Articles about Security

Insurance companies have slightly different software needs from other businesses. They need to expand accounts, drive renewals, streamline the new policy acquisition process and manage claims.

Now cloud specialist Vlocity and insurance solution provider Insurity are announcing a partnership that will deliver a cloud solution for insurance businesses.

Continue reading →

Here’s another solid proof of what security experts have been buzzing about in the past few years -- that people are the single greatest cyber-security threat to businesses.

This time, proof comes from Transputec and Business Continuity Institute, which have polled 369 business continuity professionals from all over the world into enterprise cyber-security.

Continue reading →

To the amazement of some, and the disappointment of others, the FBI today recommended that no charges be brought against Hillary Clinton over her use of a private email server. The presidential hopeful was roundly criticized, however, with James Comey describing her actions as "extremely careless".

The FBI director's remarks came after Clinton took part in a voluntary interview over the weekend, and after the bureau's investigation found that her private email account had indeed been used to send classified and even secret information -- officially a misdemeanour. The FBI's line is that "no reasonable prosecutor would bring such a case".

Continue reading →

When we discuss mobile malware we usually look at the technological aspects, specifically how it's designed, how it spreads, what devices it targets, how it affects them after infection, and how it can removed. What we rarely get to talk about is the financial side of things, which in the case of certain types of malware is the primary interest of their creators.

Check Point has published a report on the HummingBad malware campaign, finding that it generates $300,000 a month in fraudulent revenue with a pool of 85 million infected Android devices across the globe at its disposal. In a year attackers are looking at about $3.6 million in revenue, assuming the number of devices does not expand considerably.

Continue reading →

New figures reveal a 52 percent rise in young identity fraud victims in the UK. In 2015, just under 24,000 people aged 30 and under were victims of identity fraud. This is up from 15,766 in 2014, and more than double the 11,000 victims in this age bracket in 2010.

The figures from fraud prevention service Cifas -- which is calling for better education about fraud and financial crime -- are released alongside a new short video designed to raise awareness of ID fraud among younger age groups.

Continue reading →

Starting October 1, all government digital services (GDS) websites will be required to use HTTPS encryption, according to new security guidelines.

All services will additionally have to publish a domain-based message authentication, reporting & conformance (DMARC) policy that will be applicable to their email systems.

Continue reading →

A newly revealed vulnerability on Android phones is able to bypass the full disk encryption on over half of devices.

The attack, demonstrated by Israeli security researcher Gal Beniamini, can allow an attacker to break through the levels of trust and privileges that are intended to ensure only legitimate code can access secret material, such as DRM keys or disk encryption keys.

Continue reading →

With cyber attacks on the rise, organizations are facing pressure to beef up their security to avoid falling victim to such an attack. However, a recent IT security report from Spiceworks shows that 80 percent of organizations were affected by at least one security incident during 2015.

To compile its report, the company surveyed over 600 IT professionals from the US and UK. Shockingly, Spiceworks discovered that few organizations have either an in-house or third-party cyber security expert on call.

Continue reading →

Ransomware has gone mainstream with several high-profile attacks. It essentially locks your data away and demands money to free it – essentially mob protection money. While some tools have been released to aid frantic people in these times, most versions have gone unfixed.

Now AVG, the free antivirus company, has come out with six new tools designed to fight this affliction. Each is for a different form of this malware.

Continue reading →

Cisco has announced that it will be acquiring the cloud-based security provider CloudLock for $293 million in cash and equity.

CloudLock makes use of application program interface (API) technology to allow enterprises to apply and monitor the security of documents and other content that is accessible via cloud-based applications. The service works with Office 365, Google Drive, Salesforce applications and thousands of other apps and programs.

Continue reading →

German investigative journalists from the c’t magazine said many home security systems come with a huge vulnerability which can put every home using the system at risk.

The vulnerability, however, is nothing fancy in hacking terms -- it’s pretty obvious and straightforward, but frequently overlooked. You see, similar to Internet routers, these home security systems are configured through a browser, and many come with easily crackable passwords like "1234" or "admin1234".

Continue reading →

I’ve been trying not to think about Euro 2016 after England’s whimpering exit on Monday night, but new research from mobile security and management firm Wandera has grabbed my attention.

According to analysis of data traffic patterns from enterprise mobile devices, the official UEFA Euro 2016 Fan Guide App is leaking user’s personal information -- including usernames, passwords, addresses and phone numbers -- over unsecure internet connections.

Continue reading →

One of the most common questions I am asked when collaborating with customers is "…what makes a useful adversary profile?" The easy answer is any summary that allows your team to make faster and more accurate decisions when push comes to shove, but the deeper answer is more artful than scientific.  Adversary profiles are the intelligence intersection across a team’s defensive efforts and can demonstrate a distinction from teams who have made a conscious decision to transform from 'whack-a-mole' to 'know thy enemy'.

So…What makes an invaluable adversary profile? Here are a couple points you should consider when structuring an adversary blueprint.

Continue reading →

A new report focusing on malware in the enterprise, finds that large organizations (those with more than 200 iOS or Android mobile devices) are almost guaranteed to have at least one malware-infected device.

The report, by mobile threat defense specialist Skycure finds that four percent of all mobile devices have malware installed, regardless of whether they are managed by an enterprise or an individual.

Continue reading →

Out of 300 IT professionals attending the Infosecurity Europe conference, almost half (49 percent) believe their CEO has fallen victim to a targeted phishing attack.

The results have been published in a new paper by unified security management and crowd-sourced threat intelligence company, AlienVault.

Continue reading →