Articles about Security

The consequences of a security breach in the healthcare sector can be severe, yet a new survey reveals that healthcare staff are among the most likely to fall victim to social engineering attacks.

The study from SecurityScorecard exposes vulnerabilities across 700 healthcare organizations including medical treatment facilities, health insurance agencies and healthcare manufacturing companies.

Continue reading →

If someone sends you a document, modern versions of Microsoft Office will automatically open it in Protected View, to keep you safe from malware. If you need to edit it, you can do so, but it's at your own risk.

Office 2016 also gives administrators the ability to prevent users from running macros in Office documents that originated from the Internet, adding further protection. Frustratingly, this feature wasn’t made available in Office 2013, leaving users of the older suite at risk.

Continue reading →

Because it isn't detected by traditional, signature based anti-virus solutions, zero-day malware has the potential to wreak havoc in businesses of all sizes.

Cyber security company Comodo is launching a new, free forensic analysis service to help enterprises discover previously unknown and undetected malware that could cause serious security issues or data breaches.

Continue reading →

The US mobile workforce is set to grow to 105.4 million workers by 2020 according to IDC and this creates a challenge for businesses trying to control and secure deployments.

In a bid to make things easier, networking solutions company Brocade is launching its latest Ruckus Cloudpath platform to enable IT organizations of any size to easily establish secure, policy-based access for wired and wireless devices.

Continue reading →

Dirty COW is a privilege escalation vulnerability found in the Linux kernel. Although it’s been there for nine years, it’s only recently been identified.

The vulnerability, which affects the 'copy-on-write' (COW) mechanism, can be found in most Linux distros, and since the Raspberry Pi runs Linux, it too is at risk.

Continue reading →

Following the large scale cyberattack that took down a number of high-profile sites last Friday, a Chinese electronics component manufacturer has admitted that its products were used by the attackers behind the disruption.

Hangzhou Xiongmai Technology, which produces DVRs and internet-connect cameras, has come forward to acknowledge that its products were exploited and that the attackers had taken advantage of security vulnerabilities resulting from weak default passwords.

Continue reading →

The security habits of the millennial generation could be putting federal IT systems at risk, if agencies don't adjust their cyber defenses in time.

This finding comes from a new study by cyber security company Forcepoint, which examines how members of the millennial generation use technology.

Continue reading →

We've already seen concerns about the threats Internet of Things gadgets may pose in the home, with hackable Barbie dolls and snooping Smart TVs. Not to mention that the latest Dyn DDoS attack was carried out using unsecured IoT devices.

IoT devices are starting to become commonplace in businesses too so the potential for problems can only grow. Security company ForeScout, along with leading ethical hacker Samy Kamkar, has been investigating the risks these devices pose.

Continue reading →

Attacks on the inter-bank SWIFT system have been making the headlines this year, proving lucrative for the hackers and worrying for the industry.

Help is on the way though as Cyber security company TrapX is launching a deception-based security solution, DeceptionGrid, specifically designed protect SWIFT.

Continue reading →

We're seeing attacks on endpoint systems becoming more common and increasingly clever. Yet for administrators knowing what's happening on their endpoints presents a challenge.

Privileged account management specialist Thycotic is launching a new, free Endpoint Application Discovery Tool to automatically discover and reports on applications installed on Windows endpoints.

Continue reading →

Smartphones from LG, Samsung and Motorola are all vulnerable to an attack that makes it possible to gain root access in a matter of seconds. Known as Rowhammer, the attack works using a bit flipping technique that exploits a vulnerability in the design of RAM chips.

Because the attack takes advantage of a physical aspect of design, it is going to be difficult to quickly devise a fix. In the meantime, millions of smartphones are at risk of compromise in what could be as large an issue as the recently-discovered Dirty COW bug -- and there's an app you can use to check if you are at risk.

Continue reading →

San Diego, Calif. As a general rule I never connect to public WiFi networks, which is fine except when attending an event at a hotel ballroom where T-Mobile cellular is like an apparition dancing around a Halloween grave. So as Wendell Brooks, CEO of Intel Capital, begins his speech, I sit typing narrative offline rather than tweeting live. There’s irony, I suppose, reporting old style, about investments in new innovations.

Welcome to the trials and travails of the Intel Capital Global Summit, which kicks off today and goes through October 26. Looking at the lineup, I expect to hear about newfangled tech that would make news reporting so much easier if available—although 4G cellular data would be good enough for today.

Continue reading →

Internet of things (IoT) is expected to make an enormous impact on pretty much every industry in the upcoming months and years, but it seems as organizations don’t really know how to secure their devices. This is according to a new report by ForeScout Technologies, which surveyed 201 senior IT decision makers in the UK, Germany, Austria and Switzerland.

First, the report says the threat surface is going to increase dramatically. An average business will operate 7,000 IoT devices in the next 18 months, which is "far more" than what the average company is used to securing and defending. Second, almost two thirds (65 percent) have "quite", "little", or "no" confidence in identifying and controlling their IoT devices. And third, the biggest challenge seems to be having IT functions working together.

Continue reading →

Doing more of our day to day transactions online increases the risk of falling victim to some kind of fraud. Increasingly therefore companies are turning towards biometrics to ensure users are who they say they are.

Digital verification company Jumio is adding biometric facial recognition to its Netverify product to verify users on mobile devices.

Continue reading →

According to new research from the consumers' association Which?, a number of major UK banks have failed to protect their customers online by not adopting two-factor security, which greatly protects against online banking fraud.

The association tested the customer-side security of 11 banks, revealing that over half had failed to implement two-factor ID checks on customers when they logged into their accounts. Lloyds Banking Group, Lloyds, Halifax, Bank of Scotland, Santander and TSB were the banks which scored the lowest on the tests conducted by Which?.

Continue reading →