Articles about Security

A new study reveals that 53 percent of IT professionals use common, but ineffective, methods to erase data on corporate computers, external drives and servers.

The survey by Blancco Technology Group of over 400 professionals worldwide found that 31 percent report dragging individual files to the Recycle Bin and 22 percent reformat the entire drive.

Continue reading →

A majority of enterprises (79 percent) say they have taken action to improve their security in response to major cyber attacks. However, 40 percent of organizations still store privileged and admin passwords in a Word document or spreadsheet, while 28 percent use a shared server or USB stick.

This is among the findings of the 10th annual Global Advanced Threat Landscape Survey from cyber security company CyberArk which looks at whether organizations are learning lessons from cyber attacks.

Continue reading →

The number of breaches and their severity are both growing, a new report by digital security company Gemalto is saying.  Titled Breach Level Index, it says there has been 15 percent more data breaches in the first half of 2016, compared to the last six months of 2015.

A total of 974 data breaches were reported worldwide, amassing 554 million compromised data records, in the first half of 2016. It is also interesting that in more than half of cases (52 percent), the number of compromised records were not disclosed at the time of reporting. Looking specifically at the UK, there have been 61 breaches, most of which happened at the government sector (14). Finance and healthcare sectors were close second and third.

Continue reading →

In the first six months of 2016 users were twenty percent less likely to encounter malware than in the same period last year. But although attacks are decreasing they’re getting more sophisticated and often disappear within hours having achieved their aims.

These are the key findings of the latest Webroot Quarterly Threat Report, based on information collected from millions of endpoints, released today.

Continue reading →

The highest rates of ransomware are now found in the education and government sectors according to the findings of a new report from BitSight.

The report looks at how ransomware is impacting almost 20,000 companies in six major industries: finance, retail, healthcare, energy/utilities, government and education. The findings show that the rate of new ransomware strains, such as Locky and Cryptowall, has spiked over the last couple of years, and numerous industries are beginning to fall victim to these ransomware attacks.

Continue reading →

Oracle has announced that it will purchase the cloud access security broker (CASB) Palerra, making this the company's eight acquisition in 2016.

The deal was announced at the beginning of Oracle OpenWorld in San Francisco and the amount which the company is paying for Palerra has yet to be disclosed. Oracle made the decision to purchase the company for its Loric software product as it "protects and assures compliance of applications, workloads and sensitive data stored across cloud services".

Continue reading →

Traditional approaches to deploying security controls don't always provide appropriate or sufficient protection for mission-critical information assets.

Aiming to support enterprises in guarding this information, the Information Security Forum (ISF) is launching 'Protecting the Crown Jewels', a series of reports based on the ISF Protection Process, to help organizations formulate a structured, methodical process to deliver comprehensive, balanced protection.

Continue reading →

A company is rarely attacked by a DDoS (distributed denial of service) just once. If it happens once, it will probably happen again, which is why constant preventive measures are required, if a company wants to keep their online services operational.

These are the results of a new report by Kaspersky Lab. Entitled Corporate IT Security Risks 2016, it says that one in six companies were victims of DDoS attacks in the past 12 months. The majority of those attacks were aimed against construction, IT and telecommunications companies.

Continue reading →

The potential for data loss is there for all businesses, but smaller organizations often don’t have the resources to guard against it as effectively as larger ones.

Safetica, an established European data loss prevention company, is launching in North America and aiming its software at small and medium businesses. It's easy to use, helps businesses of all sizes comply with regulations, and Safetica provides support before and after deployment at no charge.

Continue reading →

Businesses are increasingly recognizing that passwords are no longer an adequate way of protecting systems. But users still need a means of access that is easy to use, secure and doesn't get in the way.

Cloud-based access provider Duo Security is today announcing that it's combined its flagship two-factor authentication and device insight with single sign-on (SSO) capabilities to create a trusted access platform.

Continue reading →

Hackers are increasingly targeting healthcare institutions with malware because of their poor cyber-security posture, reliance on legacy IT systems, third-party services and the need to access information as soon as possible in order to deliver great patient care. These are the conclusions released in a new report entitled McAfee Labs Threats Report: September 2016.

It says that hospitals paid almost $100,000 (£75,500) to a specific bitcoin account. In the first half of 2016, one "actor" (it could be a single hacker, but more likely a group) apparently received $121 million in ransomware (189,813 bitcoin), targeting various industries. This actor, according to the report, has had profits of $94 million in the first six months of this year.

Continue reading →

Hackers are using social media to gather information about their next victim. They use that information to form sophisticated strategies and deliver advanced threats into networks.

These are the results of a new Blue Coat Systems report, based on a poll of 3,130 workers in various industries in Great Britain, France and Germany. Key takeaway from the report is that user behavior has not improved much since last year. This year, 42 percent of respondents say they only accept friend requests from people they know.

Continue reading →

Because it allows only the essential elements of the Windows operating system to run, Safe Mode is a useful tool for diagnosing and fixing problems. But according to researchers at CyberArk Labs it could also be exposing you to risk.

Safe Mode stops a lot of third-party software from running at startup and that can include many security solutions. Attackers who have gained remote access to a machine may therefore be able to reboot it into Safe Mode to launch attacks.

Continue reading →

When it comes to corporate IT security, one of the biggest pain points is the mobile device. With almost every employee having one, and many bringing their own, the cyber-attack surface increases dramatically, putting corporate data at huge amounts of risk. Now, IBM is stepping into the game with a service of its own, which aims to protects mobile devices, via IBM Cloud.

The mobile-security-as-a-service, called IBM MaaS360, aims to help IBM’s clients address local data protection standards. It is currently in operation in the US, Germany and Singapore, with France and India already in the works. They will be followed by an "additional eight countries" planned for the next two years. IBM didn’t go into further detail, but we’re hoping the UK will be among them.

Continue reading →

If your company counts 50 people, at least one of them might be a malicious insider, according to new studies. Imperva has released a report which says that 36 percent of surveyed companies suffered a security incident involving malicious insiders in the past year. One in every 50 employees is considered to be a malicious insider.

Another interesting finding is that not all malicious insiders are disgruntled former employees looking to inflict some damage as they close the door on their way out. There are people who are using their position to transform confidential data into a second stream of income. The ramifications of such behavior can be dire -- in one example, a company has had to shut down operations for three weeks, after an attack, and another had its banking system hacked.

Continue reading →