Articles about Security

Consumers are quite confident banks and insurers can keep their data safe, but these organizations aren’t that sure. A new report by Capgemini has shown that financial institutions lack a significant amount of confidence when it comes to data protection.

Just one in five (21 percent) of financial service organizations admitted they’re "highly confident" they could detect a data breach. On the other hand, 83 percent of consumers trust banks and insurers with their data.

Continue reading →

The biggest fear for organizations is long-term damage to brand and reputation, yet despite this three quarters lack a comprehensive risk management strategy.

This is one of the findings of a survey for risk intelligence company RiskVision carried out by the Ponemon Institute, it reveals that 63 percent of organizations are worried about reputation and brand damage. This is followed by security breaches (51 percent), business disruption (51 percent) and intellectual property loss (37 percent).

Continue reading →

Ethical hacking, also called penetration testing, entails thinking like the bad guys to find and plug any vulnerabilities in your system to keep it secure.

Hacking For Dummies explains how to protect your computers from malicious attacks. It usually retails for $20, but for a limited time you can download the fully updated 5th edition ebook version for free.

Continue reading →

Even after new mobile threats have been identified the number of devices in use means it can take time for patches to be rolled out to all users.

Mobile threat defense company Zimperium is hoping to tackle this problem with the launch of a $1.5 million bounty program to purchase N-day exploits which have been identified but are still usable on unpatched devices.

Continue reading →

More than a third of organizations that experienced a data breach in 2016 reported substantial customer, opportunity and revenue loss of more than 20 percent.

This is a key finding of the latest Cisco Annual Cybersecurity Report which also shows that after attacks, 90 percent of these organizations are improving threat defense technologies and processes.

Continue reading →

The methodology of malware and cyber attacks has shown a significant shift in 2016, according to the State of Malware report from Malwarebytes.

Although ransomware is the favorite attack method used against business, ad fraud malware is growing fast and poses a substantial threat to both consumers and businesses.

Continue reading →

Many cyber attacks are made using stolen or abused credentials. One of the ways to combat this is to collect activity data and use it to spot anomalous behavior patterns.

Leader in this field Exabeam is launching its new Security Intelligence Platform, designed to decrease the risk of cyber threats for organizations of any size. It addresses the need to collect more data than ever before, to make better connections across that data to detect threats, and to augment human analysts during incident response.

Continue reading →

Businesses are increasingly aware of the need to protect their endpoint systems. However, they tend to concentrate most of their efforts on Windows which can leave other platforms vulnerable.

Cyber security specialist and digital certificate provider Comodo is launching a new version of its Advanced Endpoint Protection (AEP) product that extends availability of its default-deny endpoint security to Mac and Linux platforms, in addition to Windows.

Continue reading →

Increased adoption of virtualization, the cloud, and the accelerating use of web applications and short-lived assets like containers has led to changes in how and when companies need to assess vulnerabilities.

Cyber security firm Tenable Network Security is launching a new cloud-based vulnerability management platform to enable enterprises to secure the full range of assets in modern elastic IT environments.

Continue reading →

At the USENIX Enigma conference, Facebook unveiled a new way to overcome the problem of forgotten passwords. Known as Delegated Recovery, the mechanism essentially allows two online services a user has accounts with to be used as a form of two-factor authentication.

Delegated Recovery is something of a new take on 2FA, building on Facebook's previously announced support for U2F Security Keys. The problem with password recovery via email or SMS, is that it's easy for the recovery medium to be compromised, and security questions are easily guessed. Delegated Recovery takes a new approach, and it's being trialed on GitHub.

Continue reading →

Security researchers from Context IS have uncovered serious vulnerabilities in a number of premium Samsung Galaxy phones which allow attackers to crash devices using a single SMS message and initiate ransomware attacks.

The report is part of a series which aims to show "how, even in 2017, SMS-based attacks on Android phones are still viable". As longtime readers might recall, iOS too was vulnerable to such attacks -- but that was nearly two years ago. While the report focuses on Samsung's Android handsets, the researchers suggest that the vulnerabilities could be found in other vendors' smartphones as well.

Continue reading →

USB flash drives are great for storing personal files on, so you can have easy access to them wherever you go. But what happens if you lose a drive or it gets stolen? All of your personal data could be at risk.

While there are ways to secure the contents of a flash drive using software, you need to remember to do so every time. The datAshur PRO, from iStorage, offers a hardware solution that’s simple to use and will protect your data with military grade XTS-AES 256-bit encryption.

Continue reading →

The way people access the internet is changing, with a shift towards portable devices, and that in turn has led to a shift in the software they use.

Independent testing company AV-Comparatives has conducted its annual survey focusing on which security products (free and paid) are employed by users, along with their OS and browser usage.

Continue reading →

Here we are, at the end of the first month of a new year and where are we? Well, I guess that very much depends on who you are. If you're a hacker, then things are looking good for you. If you're a consumer, the evidence suggests you won't be fooled twice, but is that good enough? And if you're a business, you've got the same security problems as last year but with enhanced threats from hackers and careless employees as well as enhanced expectations from consumers.

So, exactly what is happening in today's security world and what does it mean for you?

Continue reading →

New vulnerabilities discovered in 31 models of NETGEAR router are reckoned to leave at least 10,000 devices at risk and could affect many more.

Cyber security company Trustwave has released details of the vulnerabilities which allow an attacker to discover or completely bypass any password on a NETGEAR router, giving them complete control of the router, including the ability to change configuration, turn infected routers into botnets or even upload entirely new firmware.

Continue reading →