Articles about Security

Every eighth person in England has had their healthcare data breached. This is the conclusion of a new report just released by Accenture. Based on a poll of 1,000 people it says that more than half of those who experienced a data breach (56 percent), were in fact, victims of medical identity theft.

The report also says that these data breaches are fairly expensive, too. On average, more than three quarters (77 percent) have had to pay roughly £172 in out-of-pocket costs, per incident.

Continue reading →

People are the biggest threat when it comes to enterprise cyber-security, not technology or processes. This is according to a new report by The Institute of Information Security Professionals (IISP), which says there are a couple of ways people are putting organizations at cyber risk.

The first, and most obvious one, is not being careful enough when opening links in emails, downloading attachments and visiting threat-carrying sites. The second one, less obvious, is the lack of technical skill. And finally, the third one, is the risk from senior business stakeholders making "poor critical decisions around strategy and budgets."

Continue reading →

The Internet of Things is gaining in popularity just as many pundits have predicted for years. Having a connected home is easy and cost effective, thanks to devices like Amazon Echo, WeMo lights, and Nest thermostats. It really is an exciting time to be a tech-enthusiast consumer.

Unfortunately, while IoT is exciting, it can also be confusing and scary. Many devices do not work together due to fragmentation, and even worse, there can be security exploits that put the consumer's home network at risk. In other words, an internet connected refrigerator or webcam could be abused by hackers. Today, The Linux Foundation launches the open source EdgeX Foundry -- an attempt to unify and simplify the Internet of Things.

Continue reading →

The cloud is a dynamic environment and the threats it faces are equally fluid, whether they're sophisticated cyber attacks or insider threats.

Cloud security company Lacework is launching a new tool called Polygraph that detects breaches, manages insider threats, delivers insights into workloads, and offers graphical investigation tools for public, private and hybrid cloud workloads.

Continue reading →

Increasing workforce mobility and the shift of systems to as-a-service models has meant greater need for a reliable means of controlling access and identifying legitimate users.

Identity management specialist SailPoint is launching a new service called IdentityNow Access Request that provides a simple, mobile-ready interface for delivering a self-service access request process to employees, contractors, and business partners. It's aimed at improving IT efficiency and reducing the risk of inappropriate access by consistently enforcing organizational access policies.

Continue reading →

WikiLeaks continues to release documents that reveal various hacking tools used by the CIA. After the HIVE revelations just over a week ago, the group has followed up with details of operations that were mentioned in the very first batch of Vault 7 leaks -- hacking Samsung televisions to listen in on people.

The documents suggest that the CIA's work is based on a tool developed by MI5 in the UK called Extending. The CIA went on to transform this into its own utility by the name of "Weeping Angel." WikiLeaks has published the guide to using the tool in a file marked "SECRET STRAP 2 UK EYES ONLY," and it describes how an implant is configured on a Linux PC before installing it on a target Samsung F Series smart TV.

Continue reading →

The Internet of Things (IoT) has undergone an amazing transformation, from a pipe dream to a marketing buzzword, and now an impending reality. Recent estimates expect the number of Internet-connected devices to reach 26 billion by 2020, with some studies suggesting an even higher output.

With an exponential increase in devices communicating with us, other devices, and with the internet at large, how can anyone keep private information safe?

Continue reading →

Many organizations don’t enforce proper security measures in their DevOps environments, putting both the company and the product at risk. This is according to a new report by Venafi looking into security practices among DevOps adopters.

Using the same passwords for multiple machines or not even bothering to secure communications between machines are some of the most common issues, usually among organizations in the middle of adopting DevOps practices.

Continue reading →

Whether it’s state-sponsored attacks, corporate espionage, a moneymaking scheme or simply someone trying their luck, businesses and governments are facing a constant barrage of cyber attacks. The high-profile cases of lone wolves hacking into the systems of government organizations mask the more devastating consequences of attacks carried out or ordered by nation states against other nation states.

They are threatening national security around the world, but the wide variety of attack vectors, as well as the continuous evolution and improvement of methods, means we’re constantly chasing our tails trying to keep up and keep them out.

Continue reading →

New data from cloud security specialist Netskope shows that companies are still struggling to prevent network breaches and protect themselves at all points of entry.

Backdoors made up the bulk of cloud malware detections, at 37.1 percent, down from 43.2 percent last quarter but still the biggest single threat.

Continue reading →

Deception technology intended to catch out attackers by deploying decoys that mimic business systems is gaining in popularity. The market for deception is expected to exceed $2 billion by 2021.

Threat defense specialist Acalvio Technology is launching a new product called ShadowPlex which offers the scale and depth of a dynamic deception environment, and integrated intelligence built on a cloud-first infrastructure that makes it easy and cost-effective to deploy.

Continue reading →

We all know someone who’s been in a difficult position following a security breach. They are rushing to assess the damage, while simultaneously repairing website functionality to limit the compromise. It’s a stressful situation, especially if you’ve had to deal with a compromise more than once. Unfortunately for some website owners this is a reality -- shortly after the initial security breach, the website becomes compromised again. It leaves the website owner asking why their website is being targeted and how the website re-infection is happening.

The short answer is that it’s most likely due to unresolved vulnerabilities. While it may seem like you’ve been singled out and targeted by some menacing hackers, most of the time that isn’t the case. The majority of website compromises are preceded by automated campaigns that locate websites vulnerable to a particular exploit the hacker wishes to employ. The bottom line is, you aren’t the target that the hacker is singling-out, it’s the software on your website. There are a couple main culprits for this scenario.

Continue reading →

Technology is ever the equalizer, and this is increasingly true in the realm of home security. For most people, home security means a few good deadbolts and possibly some bars on the window. Whole-home, monitored, wired security systems that cost upwards of $50 a month (not to mention long-term contracts and multiple up-charges for installation and additional features) are an expensive option if all you want to know is if someone is in your backyard or trying to open your front door.

Today, thanks to wireless technology, there are multiple lower-priced options for home monitoring systems, including complete DIY systems that you can install and monitor yourself. However, these still start at around $200. What if you just want some basic, high-tech security that won’t break the bank? Here is a round-up of nine low-cost, high-tech ways you can protect your home, based on your specific security needs, all for under $100.

Continue reading →

Researchers at threat intelligence specialist Recorded Future have uncovered a new strain of ransomware called Karmen that’s designed for use by people with limited technical expertise.

The ransomware-as-service has been developed by Russian and German hackers and is notable for its user-friendly approach. It comes equipped with a dashboard that allows the tracking of computers infected with the virus, including the status of any ransom that’s been paid.

Continue reading →

UK-based businesses of all sizes are being urged to protect themselves against cyber crime after new government statistics showed nearly half of all UK businesses suffered a cyber breach or attack in the past year.

The Cyber Security Breaches Survey 2017 reveals nearly seven out of 10 large businesses identified a breach or attack, with the average cost to large businesses of all breaches over the period being £20,000 and in some cases reaching millions.

Continue reading →