Articles about Security

Despite other developments in malware, email remains a favourite route for attackers because it's easy for people to fall victim to phishing and other threats.

Network security company SonicWall is launching a new next-generation email security platform to help guard against ransomware, zero-day and advanced threats.

Continue reading →

Researchers at Kaspersky Lab have uncovered a series of targeted attacks that use legitimate software to avoid detection.

The attacks employ widely available penetration-testing and administration tools as well as the PowerShell framework for task automation in Windows. They drop no malware files onto the hard drive, but hide in the memory.

Continue reading →

Donald Trump’s controversial travel ban might have been overturned for now, but the new administration intends to do what it can to tighten entry into the United States.

One of the plans being considered as part of Trump’s "extreme vetting" policy is to ask visitors what websites they visit, and request their passwords. Should anyone refuse to hand over this information they will be prevented from entering the US.

Continue reading →

One of the biggest worries for businesses is the cost of suffering a major cyber attack in terms of both money and business reputation.

San Francisco-based independent security consultancy AsTech is so confident of its track record that it's offering a $1 million warranty against breach-related costs if an organization using its Paragon Security Program suffers unauthorized access to non-public information through a vulnerability that AsTech fails to discover.

Continue reading →

The world of cyber security is a constant arms race with attackers and defenders constantly on the lookout for an edge.

Cyber security company NexusGuard has released its latest threat report for the final quarter of 2016, and notes a shift towards blended DDoS attacks combining multiple vulnerabilities with the intent of overloading targeted monitoring, detection and logging systems.

Continue reading →

Enterprise users increasingly want access to their data while they're out of the office. This generally requires a VPN or Network Access Control (NAC) solution but these can be time consuming and complex to set up and administer.

To make things faster and simpler, trusted access specialist Duo Security is launching a major commercial implementation of Google's BeyondCorp framework that drastically improves and simplifies management of how employees and devices access critical corporate applications.

Continue reading →

The use of threat hunting techniques to combat cyber attacks is increasing according to a new report.

The study by Crowd Research Partners of cybersecurity professionals in the 350,000 member Information Security Community on LinkedIn reveals that threats are rising dramatically and that deployment of sophisticated threat hunting platforms can significantly accelerate the time needed to detect, investigate and fix threats.

Continue reading →

Ransomware is a big problem for today's enterprises, the US Department of Justice reports an average of 4,000 ransomware attacks occur in the US every day.

This means detection and fast action is more important than ever. Cloud data protection company Druva is launching an enhanced version of its platform to manage the ransomware threat from detection right through to recovery.

Continue reading →

Increasing numbers of companies are coming to accept that it's only a matter of time before they become the victim of some form of data security breach. This means they need to be able to detect and respond to threats more quickly.

Cloud-based security platform Absolute is launching a new Application Persistence product to provide embedded, self-healing capabilities to third-party endpoint controls such as VPN, anti-virus, encryption, systems management and other critical controls that are too easily compromised.

Continue reading →

Businesses understand the need to look after sensitive data, but a problem often arises in knowing where that data is. Unstructured information held in folders and documents is just as valuable to hackers as database records and is harder to protect.

Identity management company SailPoint is launching its latest data governance solution, allowing enterprises to guard sensitive files wherever they reside.

Continue reading →

Implementing effective security can be time consuming, complex and costly, more so given the adoption of cloud-based systems.

Unified security management (USM) specialist AlienVault is aiming to simplify things with the release of USM Anywhere, an all-in-one Software-as-a-Service (SaaS) security monitoring platform.

Continue reading →

Traditional security techniques can be effective in fending off cyber threats, but a new generation of non-malware attacks try to gain control of computers without downloading malicious software. Instead, they use trusted, native operating system tools, such as PowerShell, and exploit running applications, like browsers.

Endpoint security specialist Carbon Black is launching a new tool which can combat both types of threat. Called Streaming Prevention it uses event stream processing to continuously update a risk profile based on a steady stream of activity.

Continue reading →

Computers located in Tampa, Orlando, and St. Louis are more likely than those in other US cities to be infected with malware.

This is according to a new report from ESG, the company behind the SpyHunter anti-spyware program. It compiled its results from SpyHunter detection data across the 100 largest cities in the United States in 2016.

Continue reading →

Earlier this month there was widespread reporting in both the tech and mainstream media of the discovery of a potential security vulnerability in Facebook's WhatsApp messaging service. Coverage of the likely flaw, which was reportedly discovered by researchers at Berkeley University in California, was a blow to Facebook given that WhatsApp places privacy and security at the heart of its service by providing end-to-end encryption of user's messages and photos, preventing third parties including its own staff from accessing them.

In a nutshell the potential security flaw would theoretically allow WhatsApp to intercept some users' messages, which would appear to them to be encrypted. This has resulted in considerable speculation that government agencies could exploit this vulnerability as a means of covert surveillance, by targeting specific individuals' messages or on a bulk extraction basis.

Continue reading →

The threat landscape facing businesses is more complex than ever and it's rapidly changing. No surprise then that traditional approaches to security are struggling to cope.

This has led some security companies to turn to a more dynamic approach of seeking out threats rather than simply responding to attacks.

Continue reading →