Articles about Security

The Brexit process is now officially underway, but there is still a good deal of talk about the validity of the outcome. A number of members of parliament have expressed concerns that a foreign government may have interfered with the referendum, making it difficult or impossible for people to register to vote.

The Commons public administration and constitutional affairs committee (PACAC) has published a report which looks at the possible causes for the crash of the "register to vote" site last year. It suggests that the crash bears the hallmarks of a DDoS attack, and notes that this is a tactic employed by both Russia and China in the past.

Continue reading →

Originally developed as a digital camera platform, Android has definitely come a long way. It just surpassed Windows to become the most popular operating system for Internet usage in the global digital realm.

This has been established through a report by StatCounter, which states that the global OS Internet usage market share of Android (37.93 percent) is 0.2 percentage points ahead of Windows (37.91 percent). You can check out the global operating system market share map, here. This is a huge win for Android, which accounted for a mere 2.4 percent of the worldwide Internet usage almost five years ago. Interestingly, Microsoft had been leading this market since 1980.

Continue reading →

While companies are keen to benefit from the agility and cost savings of using the cloud, there are still concerns about the ability to monitor and secure systems to an enterprise standard.

Ireland-based network analysis specialist Corvil is addressing this with the launch of a software-defined solution for packet-level instrumentation of virtual machines in public, private and hybrid cloud infrastructures.

Continue reading →

On March 14, the UK National Crime Agency and National Cyber Security Center sounded the alarm about the growing cyber threat. One of their conclusions was that ransomware represents a significant, and growing, threat to UK business. Combine this with the fact that the last 12 months has seen cyber attacks on an unprecedented scale, and you’ve got a melting pot of cyber activity right now.

These warnings come as no surprise. Ransomware use has exploded over the past year or so, particularly in the UK, simply because it is an easy way for cyber criminals to make significant amounts of money. Ransomware works, simply because many firms are forced to pay the ransom because they don’t have the defense systems in place to avoid doing so.

Continue reading →

The CIA's range of hacking tools revealed as part of WikiLeaks' Vault 7 series of leaks have been used to conduct 40 cyberattacks in 16 countries, says Symantec. The security firm alleges that a group known as Longhorn has been using tools that appear to be the very same ones used by the CIA.

While it would be obvious to jump to the conclusion that the CIA was itself responsible for the attacks -- and that Longhorn is just a branch of the CIA -- Symantec opts for a rather more conservative evaluation of things: "there can be little doubt that Longhorn's activities and the Vault 7 documents are the work of the same group."

Continue reading →

Security issues with Word documents are nothing new, but they have a tendency to rely on macros -- something which users have learned to become very wary of. But now security firms FireEye and McAfee have discovered a new attack strategy that takes advantage of Windows Object Linking and Embedding (OLE).

The attack can be used to infect even a fully patched computer with malware, and it is believed to be effective in most -- if not all -- versions of Microsoft Word, and Windows 10 offers no protection. The 0day works by using code embedded in a document to pull in malware from a remote server, using various techniques to hide what is going on.

Continue reading →

Last year, hacking group TheShadowBrokers released a number of NSA exploits into the wild, showing how the agency was able to exploit big-name firewalls. At the same time it also released a second cache of documents, encrypted and password protected. Now, in protest against Donald Trump, the group has released the password for the encrypted data.

TheShadowBrokers used a Medium post over the weekend to express their disgust at Trump's presidency. The documents and tools released allegedly demonstrate that the US government, through the NSA, has been actively hacking foreign government networks, and reveal an exploit for the Unix-based Solaris operating system.

Continue reading →

Wonga.com -- the payday loan website -- is investigating a security breach which exposed the personal details of tens of thousands of customers. Up to 270,000 customers in the UK and Poland are believed to have been affected by the breach.

The incident happened last week, but Wonga initially played down its significance. However this weekend the company determined that customer data was involved, including names, addresses, phone numbers, bank account numbers and sort codes and started an investigation.

Continue reading →

Mobile users frequently stray from official app stores when looking for new mobile applications, putting themselves under increased risk from malware, ransomware and other malicious actors. This is according to a new report by RiskIQ, which says that users in the UK are a bit more "conservative," and a bit more on the safe side compared to mobile users in the US.

The report, entitled "Appsession: Is our appetite for mobile apps putting us at risk?" is based on a poll of 2,000 mobile users -- 1,000 in the UK and another 1,000 in the US.

Continue reading →

The latest batch of documents published by WikiLeaks as part of its Vault 7 CIA series purportedly reveals the tools used by the agency to create malware for Windows. The Grasshopper framework is revealed in 27 documents, and they show how to create Windows installers with a malware payload.

Importantly, Grasshopper allows for the easy creation of custom malware delivery options, dependant on the operating system and virus protection detected on a target machine. The documents show that the CIA repurposed malware from Russian and Italian organized crime groups.

Continue reading →

Although governments need to secure their nation's critical infrastructure from cyber attack, they can often lack the context in which to assess risk.

Security ratings specialist BitSight is addressing this with the announcement of its Sovereign Security Ratings, the first objective measurement of national cybersecurity risk.

Continue reading →

Two thirds of the UK’s general public would feel more safe if digital communications were unencrypted, according to a new report by Cable.co.uk. The argument?

If the government could access our communications, it would be able to intercept messaging between terrorists plotting new attacks.

Continue reading →

Security researchers from Kaspersky Lab and Kings College London have uncovered similarities between Turla attacks from 2011 and 2017 and an ancient advanced persistent threat that was used two decades ago to launch an attack against the US government's network.

The researchers (Juan Andres Guerrero-Saade and Costin Raiu from Kaspersky Lab and Thomas Rid and Danny Moore from Kings College London) have taken logs of Moonlight Maze, an attack that happened in the late 90's, from a now retired IT admin whose server has been used as a proxy to launch the attacks.

Continue reading →

There is a new, global cyber espionage campaign, and this one demonstrates a "new level of maturity." This is according to a new report by PwC and BAE, released after consultation with other cyber security experts, including the UK's National Cyber Security Center.

The report claims this new cyber espionage campaign targets businesses through managed services IT providers.

Continue reading →

Back in February of this year researchers at Kaspersky Lab uncovered a series of mysterious fileless attacks against banks where criminals were using in-memory malware to infect banking networks.

A recent investigation into a Russian bank ATM, where there was no money, no traces of physical interaction with the machine and no malware, has thrown further light on this activity.

Continue reading →