Articles about Security

Businesses should ensure that they are still securely protected against DDoS attacks, despite the recent growth of other trends such as ransomware.

That’s the warning from Arbor Networks, which is urging organizations of all sizes to make sure they stay safe online as DDoS attacks are still rife around the world.

Continue reading →

As we reported over the weekend the UK parliament's email system was subject to a brute force attack using passwords stolen in the 2012 LinkedIn breach.

Security experts have been quick to point out the inherent weakness in large organizations and government departments relying on passwords to protect highly sensitive data.

Continue reading →

With Windows 10 S Microsoft has made the bold claim that this locked down version of its operating system is immune to all known ransomware. This may well be true, but that's certainly not to say that Windows 10 S is completely secure. Lock up your Surface Laptop!

An investigation carried out by ZDNet found that Windows 10 S -- despite only supporting the installation of apps from the Windows Store -- is vulnerable to that old security nightmare: Word macros. The problem comes about because the macros have full access to the Windows API, opening up a potential attack vector.

Continue reading →

To remedy a malware attack businesses need to shell out, on average, $2,300 per attack. This is according to a new report by Arbor Networks.

The report, produced in partnership with research organization 451 Research, says spear phishing attacks are still most successful of all the different methods of entry.

Continue reading →

An investigation by the Times has found that passwords belonging to British officials have been traded by Russian hackers. The passwords and email addresses of tens of thousands of politicians, senior police officers and diplomats were sold or swapped following an attack on LinkedIn in 2012.

As well as LinkedIn, some information seems to have been garnered from MySpace. The credentials for politicians, including education secretary Justine Greening and business secretary Greg Clark, were initially put on the market for sale or trade, but were later made available free of charge.

Continue reading →

Businesses looking to digitally transform won’t be intimidated by cyber-attacks or data protection regulations, according to a new report by Advanced.

Based on a poll of more than 500 senior executives in UK organizations, Advanced says organizations are concerned, but won’t give up.

Continue reading →

A new survey shows that 18 percent of organizations now have more than half of their workloads in cloud-native environments. In addition many are moving from on-premises and self-hosting toward shared environments, distributing workloads across multiple providers.

The study by cloud security and network software firm Cohesive Networks also finds 57 percent of respondents say that cloud-native workloads make up at least 20 percent of applications in Infrastructure-as-a-Service (IaaS).

Continue reading →

Virgin Media is urging hundreds of thousands of customers with its Super Hub 2 router to change their passwords after a Which? investigation uncovered a way for hackers to gain access to the device.

If the password for the router is not changed from its default there is a risk from hacking, but Virgin Media said the risk is small. Nevertheless, as a precautionary measure a password change is the advice for more than 800,000 users.

Continue reading →

Microsoft introduced a bug bounty program for Edge last August. Originally intended as a temporary thing, it will now live on as the software giant reports that it has lead to major improvements in its browser's security.

As is the case with bug bounty programs, part of the appeal for security researchers is the financial side. In this case, Microsoft says that it has paid over $200,000 in bounties in since it kicked off.

Continue reading →

We're all familiar with the concept of the dark web where information gained from hacks and data breaches is traded amongst cyber criminals. But just how much are your identity and account credentials worth?

Password manager and digital vault app Keeper Security has produced an infographic looking at how much various pieces of information trade for.

Continue reading →

It's a common belief that anything that appears online is fair game for downloading and sharing, and this idea extends to Facebook profile pictures. Facebook has found that in India in particular there is great concern from users -- particularly woman -- about uploading a profile picture in case it is download and shared elsewhere.

Responding to this, the social network is trialling features that will grant users more control over their profile pictures. Facebook is not only introducing a new profile picture guard, but also encouraging people to add a design layer to their images to discourage misuse by others. If the trial proves successful, the feature will enjoy a wider rollout.

Continue reading →

For decades, the Microsoft Security Bulletins have provided IT administrators with a monthly list of vulnerabilities and accompanying patches. Much to the chagrin of the IT community, these Bulletins have been replaced by the Security Update Guides portal (SUG), which many administrators believe will be a lot more work for them, especially for patch management professionals who already have enough on their plate.

Moreover, the additional time to research and understand the security patches required for their unique environments will only lengthen the time to patch. While the portal is searchable by Common Vulnerabilities and Exposures (CVE), Knowledge Base (KB) article, product or release date, the change in process will impact the daily routines of IT administrators and security professionals around the world.

Continue reading →

Cisco has unveiled its network of the future designed with the ability to learn, adapt and evolve to combat security threats and manage the increased load put on networks by an ever-increasing number of devices.

The company created its new network with the intent of developing an intuitive system that can anticipate actions, stop security threats and continue to evolve and learn over time. Cisco's network of the future will allow businesses to solve the challenges they face in a time of increased connectivity and distributed technology.

Continue reading →

Retailers are facing losses of up to $71 billion globally as the number of fraudulent card-not-present (CNP) transactions rises hugely within the next five years.

A new report from Juniper Research has revealed that a number of different factors are driving the increase in fraud, including the US shifting towards EMV cards, delays in 3DS 2.0 and click-and collect fraud methods.

Continue reading →

Getting your Android apps through Google Play is considered safe, but there are times when even the search giant's store is dangerous. Case in point, Kaspersky uncovered two more trojan-infected apps that weren't removed until they had over 60,000 installs.

Kaspersky security researcher Roman Unuchek reports that, since September 2016, he has discovered "several dozen new malicious apps" on Google Play, all of which "were rooting malware that used exploits to gain root rights on the infected device." Obviously, Google failed to catch any of those in time either.

Continue reading →