Articles about Security

The majority of financial services are at risk of insider cyber threats because their mainframe environments have blind spots, according to Compuware.

The company's latest research claims that organizations such as banks keep the majority of the sensitive customer data on the mainframe, as they consider it the securest in the entire enterprise. However, they are not monitoring it close enough to truly understand what those with privileged access are doing with that data.

Continue reading →

The number of impersonation attacks rose by 400 percent this quarter, new research has revealed.

According to a new report by Mimecast, attacks where malicious actors carefully impersonate C-level executives, employees or business partners are on the rise.

Continue reading →

Researchers from the Kromtech Security Research Center have discovered an unprotected database online that includes information on about 10 million cars sold in the US.

As well as data such as VIN and details of payment plans, the database also includes detailed information about owners, such as name, address, phone numbers and occupation. It has been left exposed online for over four months, but it's not clear who the owner is -- or how to address the security risk it poses.

Continue reading →

New research from threat intelligence company Recorded Future reveals that of 12,500 disclosed Common Vulnerabilities and Exposures (CVEs), more than 75 percent were publicly reported online before they were published to the NIST's centralized National Vulnerability Database (NVD).

Sources reporting include easily accessible sites such as news media, blogs, and social media pages as well as more remote areas of the internet including the dark web and criminal forums.

Continue reading →

A new report into cyber security trends shows healthcare to be the most frequently targeted industry, with 164 threats detected per 1,000 host devices.

Next most targeted are education and media, which had 145 and 123 detections per 1,000 host devices, respectively. By comparison, the food and beverage industry came in as the least targeted industry with just 17 detections per 1,000 hosts.

Continue reading →

Security software firm Kaspersky Labs has filed antitrust complaints against Microsoft in Europe. The complaints center around Microsoft disabling third party antivirus software in Windows 10 to favor its own Windows Defender.

The Russian company complained to the German Federal Cartel Office and the European Commission, saying that Microsoft abused its position. Microsoft has made some changes to the way Defender works, but Kaspersky does not believe this goes far enough.

Continue reading →

The UK government, and Theresa May in particular, has been criticized for an apparent lack of awareness in how online encryption actually works following the Prime Minister’s call for tighter regulation following the attacks.

Declaring that some internet giants were providing extremist ideology "the safe space it needs to breed," PM May took aim at not just the companies, but the internet itself, in her statement yesterday.

Continue reading →

Security researchers have warned that more dangerous malware has been released from the recent NSA dump that resulted in the WannaCry ransomware outbreak.

Experts at Secarma have revealed that the attack could be hiding another malicious package, which could be as dangerous as WannaCry.

Continue reading →

With growing numbers of data breaches and increasing pressure from regulations like GDPR, companies need to enact stricter security policies.

Object and cloud storage specialist Scality is addressing this with the launch of Scality RING7, a new software-defined, multi-site file system and object storage solution.

Continue reading →

Companies face the possibility of security breaches from many different sources, which means they must constantly react to new threats.

New player in the security field Balbix aims to put security professionals ahead of the game with the launch of its predictive breach-risk platform. It can be used to predict top breach scenarios, prioritize security fixes and provide risk insights to prevent security incidents before attacks happen.

Continue reading →

It's becoming increasingly clear that data breaches can happen to any company and at pretty much any time.

Protecting your company's data isn't just about securing your own systems, it also means ensuring that any third-parties you contract out services too are taking appropriate care too.

Continue reading →

Businesses increasingly face threats from within, but traditional security models are based around protecting a network from outside attacks.

A new report by trusted access specialist Duo Security looks at the new threat landscape where companies need to be able to verify the identity of users and the integrity of devices. It finds that while things are looking up, failure to keep systems up to date is still presenting a major risk for many organizations.

Continue reading →

Cisco and IBM have announced a new partnership that will see both companies integrate their security services, products and threat intelligence in an effort to bolster their cybersecurity offerings.

Both companies already have sizable security businesses and the partnership will see them share research and services with one another. Cisco's security suite will integrate with IBM's QRadar across networks, end points and cloud while IBM Global Services will offer support in managed security services to the company.

Continue reading →

There’s a huge number of creative hackers out there finding new and infuriatingly clever ways to compromise data. Then there’s an even more massive number of not-so creative hackers using the same old strategies because the same old vulnerabilities keep popping up in organizations the world over.

Either way, a data breach is devastating, but one route is far worse when it comes to explaining to affected users, investors and the Securities and Exchange Commission how the personal data of 1.2 million of a company’s users ended up for sale on the dark web. Now is the time to get to know six of the most common database security vulnerabilities -- before the FBI start asking some pretty tough questions.

Continue reading →

Google has updated Gmail with a number of new security features aimed at businesses that require better protection against malware and phishing scams.

The company announced today that it is bringing early phishing detection to its email service by using machine learning along with click-time warnings for malicious links found in emails as well as unintended external reply warnings.

Continue reading →