Articles about Security

Following the $81 million cyberattack in February, a second hacking group has emerged with the intention of exploiting the SWIFT money transfer system to rob banks.

A report from the security firm Symantec has revealed that these cyberattacks have occurred since January and have targeted companies located in the US, Hong Kong, Australian and other countries. The firm has detected 74 different computer infections that suggest that around 100 organizations have been affected by these attacks so far.

Continue reading →

There is a 12 year old vulnerability in OpenSSH that hackers are now using to attack Internet of Things (IoT) devices and remotely generate traffic. Akamai Technologies' researchers Ory Segal and Ezra Caltum have identified the old vulnerability and dubbed it SSHowDowN Proxy.

The researchers say hackers are using it to target CCTV, NVR, and DVR devices, satellite antenna equipment, networking devices such as routers or hotspots, and internet-connected NAS devices.

Continue reading →

Credentials for privileged access accounts are a prime target for cyber attackers and they can often be stolen from vulnerable endpoints.

Privileged account management specialist Thycotic is tackling this problem by launching Privilege Manager for Windows, which allows IT admins to implement a wide array of policies and controls that best match their needs.

Continue reading →

Many industries have found that the rapid expansion in demand for digital information has outpaced efforts to keep the data secure. This is a particular issue for healthcare organizations which handle confidential records yet have seen some headline breaches in recent years.

UpGuard, the company behind the CSTAR security preparedness score for enterprises, has released a new report which provides fresh data on the security failings of companies in the healthcare industry.

Continue reading →

2016 has been a long year for retailers, with a number of them being relieved of customer data by hackers looking mostly for credit card information. Wendys, Eddie Bauer, Hard Rock Hotel and Casino Las Vegas and others have all been forced to step forward in an effort to protect customers, though largely done after the fact.

Now the latest victim has been announced as retailer Vera Bradley reveals it too has suffered a serious breach of its payment processing system.

Continue reading →

Echoing the findings we reported earlier that companies leave cloud protection to third-parties, a new study from cloud security company Netskope reveals most companies don't scan their cloud services for malware either.

The study conducted with the Ponemon Institute shows 48 percent of companies surveyed don't inspect the cloud for malware and 12 percent are unsure if they do or not. Of those that do inspect 57 percent of respondents say they found malware.

Continue reading →

Facebook's recently rolled-out Secret Conversations heralded the arrival of not only end-to-end encryption for users, but also disappearing messages. Not to be outdone, Edward Snowden's favorite messaging service, Signal, has followed suit.

The company behind the app, Open Whisper Systems, points out that the feature is not really designed to further improve security and privacy; rather it is a way "to keep your message history tidy".

Continue reading →

A lack of visibility into an organization's use of cloud providers can lead to unauthorized access to data, improper handling and storage of data and unauthorized data removal. As a result, organizations are left exposed and vulnerable to a data breach.

This is among the findings of a new report from the Blancco Technology Group. Based on a survey of almost 300 IT professionals around the world it finds that 26 percent of organizations are either 'not confident' or only 'somewhat confident' about their IT teams' knowledge of the use of all cloud storage providers.

Continue reading →

Yahoo has had a dramatic fall from grace in the last couple of weeks. While far from the most popular email service out there, it maintains a relatively healthy user base -- but all of this changed with news of a security breach resulting in the theft of 500 million account details, and the revelation that the company secretly scanned emails for the NSA.

While there has not exactly been a mass exodus away from Yahoo, many users have started to question their loyalty to the company and investigate the alternatives. If you are thinking about abandoning Yahoo, the company has put something of an obstacle in the way -- it has disabled email forwarding, saying the feature is now 'under development'.

Continue reading →

A new report released by data protection company Thales and the Ponemon Institute shows that the use of cloud services and the IoT has led to greater dependence on public key infrastructures (PKIs) in today's businesses.

The survey of more than 5,000 companies across 11 countries shows that PKIs -- used to create, distribute, store, and revoke digital certificates and manage public-key encryption -- are increasingly relied on to support applications.

Continue reading →

In an attempt to block foreign hackers from compromising the devices of British politicians to access sensitive information, Apple Watches have been banned from use during official cabinet meetings.

The UK's prime minister Theresa May has informed elected ministers that just as mobile phones are not allowed, high-end smartwatches will no longer be permitted as they pose a security risk. An inside source informed The Telegraph that "The Russians are trying to hack everything".

Continue reading →

The fact that people are afraid to use more apps because of security reasons is costing the UK economy billions. To be more precise, £2.5 billion this year, £3.2 billion the next.

This is according to a new report by Rackspace, which says that 36 percent of consumers are reluctant to use more apps for security reasons. Privacy is also a huge issue for 33 percent of consumers in general -- rising up to 37 percent among the older population.

Continue reading →

One of the main reasons why hackers and other malicious actors are so hard to locate is not the fact they're really good at hiding their location -- it is because they're exceptional when it comes to faking things. They fake their locations, their working hours, language, infrastructure, toolkits -- even their own groups.

Hackers are going extreme lengths to make sure people looking for them are actually in for a wild goose chase. These conclusions were released by security researchers at Kaspersky Lab who tried to tackle the issue of misleading both victims and security researchers.

Continue reading →

A new study has revealed that many consumers are suffering from "security fatigue" as a result of relentless cybersecurity warnings which have led to many of them failing to protect themselves online.

The study was conducted by the US National Institute of Standards and Technology (NIST), by conducting in-depth interviews with a wide cross-section of Americans between the ages of 20 and 60 living in rural and urban areas in both low and high-paying jobs.

Continue reading →

It's reckoned that by 2020 three-quarters of new cars shipped globally will have some form of internet connectivity.

But while this brings benefits in terms of practicality and ease of use it also adds cars to the list of IoT devices that are vulnerable to attack. We've already seen Fiat Chrysler recalling cars to fix a vulnerability and this could be just the tip of the iceberg.

Continue reading →