Articles about Security

Increased numbers of phishing and other cyber attacks are putting companies under greater pressure to secure their applications.

Conventionally this requires re-coding or other work to achieve, but new software from behavioral firewall specialist Preempt lets organizations add secure authentication to any enterprise application.

Continue reading →

The UK's ActionFraud cyber crime reporting center is warning customers of BT’s internet services of a phishing scam claiming to protect against WannaCry-style attacks.

The emails claim that BT has launched preventative measures to protect data on an international scale and try to get recipients to click on a link to a 'security upgrade'.

Continue reading →

A firmware update to the Netgear R7000 router adds a new feature that will concern privacy advocates. The update allows Netgear to start "collecting analytics data" and the release notes warn that: "NOTE: It is strongly recommended that after the firmware is updated to this version, you log back in to the router's web GUI and configure the settings for this feature."

Netgear says that the data collection is to help it "isolate and debug technical issues" and does not -- according to the company -- include details such as the websites that are visited, but it will still be a cause of concern for many people. It's hard not to draw parallels with Windows 10 which has managed to upset many users with its telemetry settings.

Continue reading →

Exploits linked to leaked NSA hacking tools have been causing havoc recently, with the WannaCry ransomware infecting more than 300,000 systems.

WannaCry made use of the previously unknown SMB exploit EternalBlue, but the leak included details of several others. Microsoft has released patches, but are they in place on all your PCs?

Continue reading →

A new form of malware is targeting innocent victims in order to mine cryptocurrency for its creators.

Adylkuzz, which targets the Monero cryptocurrency, stays hidden within an infected machine, and does not give visual warnings or interfere with users’ files.

Continue reading →

Last week's WannaCrypt attack infected over 200,000 devices and is estimated to have made its perpetrators $72,000.

Increasingly scammers and criminals are seeing the internet as a means of making financial returns. Cyber crime has become a serious business and no business or information is safe from attack.

Continue reading →

Google has showcased a number of major changes coming to Android at its I/O event yesterday, like Google Play Protect. It is designed to keep your smartphone safe using app usage analysis and machine learning, and includes a feature that many Android users are already familiar with.

Part of Google Play Protect is Find My Device, which has been previously known as Android Device Manager. Google decided to change the name, and add new functionality in the process, likely because it is more appropriate, considering what it is mainly used for -- which is to locate Android devices and remotely wipe or ring them.

Continue reading →

None of the political parties in the UK, Germany and Norway, all of whom have upcoming elections, have email authentication or protection against spear phishing in place, according to new research.

The study by secure email company Agari shows that while eight percent have published an email authentication policy, they've left the door wide open by setting their policy to 'none', which will not stop malicious emails from reaching intended victims.

Continue reading →

Increasingly we're surrounded by devices that have microphones. Not just our computers and smartphones, but smart home devices like Alexa and Echo and even our TVs.

The problem is these mics are not just accepting commands, they're listening to what's going on in the background too.

Continue reading →

There's no getting away from the fact that Android has something of an issue with dangerous and malicious apps. Google's latest weapon in the fight against such apps is Google Play Protect which uses machine learning and app usage analysis to weed out the bad guys.

The new system sees Google not only checking apps as they are submitted to the Play Store, but monitoring the apps you already have installed. By analyzing app behavior, Google is able to identify suspicious software that may have slipped through the net or has been installed from outside of the Pay Store.

Continue reading →

Two thirds of consumers in the UK would "break up" with a brand if it suffers a data breach.

That's according to a new report by Talend which highlights the importance of businesses engaging with customers to ensure they provide high-quality data security.

Continue reading →

A majority of cyber security professionals don’t trust the data that they get from their tools according to a new report from risk analysis company Bay Dynamics.

The survey, carried out by research firm Enterprise Management Associates, of more than 400 security professionals in organizations with more than 5,000 employees reveals that 52 percent of threat alerts are improperly prioritized by systems and must be manually re-prioritized.

Continue reading →

News over the past week has been dominated by the fallout from the WannaCry ransomware. Now the hacking group that released the NSA's hacking tool kit into the wild has announced plans to start an exploit subscription service in June.

ShadowBrokers used a blog post to announce that next month will see the launch of "TheShadowBrokers Data Dump of the Month" service. Described as "being like wine of month club," such a subscription service would attract a great deal of interest from intelligence agencies and would-be hackers alike, particularly if -- as the group suggests -- it includes access to Windows 10 exploits.

Continue reading →

The UK government has defended the NHS's cyber-security procedures, days after a number of trusts were taken offline by the WannaCry ransomware.

Security minister Ben Wallace said that the NHS had followed "pretty good procedures" in dealing with the attack.

Continue reading →

The weakest point in any network is usually the endpoint, so effective protection measures are essential to fend off cyber attacks.

Security specialist Guidance Software is launching an updated version of its EnCase Endpoint Security solution aimed at providing enhanced endpoint detection and response (EDR) capabilities for businesses.

Continue reading →