Articles about Security

Why organizations need a risk-based approach to securing payment card data [Q&A]

card theft

The Payment Card Industry Data Security Standard (PCI DSS) has done much to cut credit card fraud by ensuring that businesses comply with the rules.

But Charles White founder and chief executive of UK-based risk consultancy Information Risk Management (IRM) argues that it has now become little more than a tick box activity which enterprises go through to gain accreditation.

Continue reading

App collusion is not a myth anymore

Up until today, app collusion for malicious purposes has been in the domain of myths and urban legends, but according to a new report by Intel Security, no more.

The security firm released its latest security report, entitled McAfee Labs Threats Report: June 2016, in which it says that it had found some apps capable of app collusion.

Continue reading

AT&T fends off 200,000 malware attacks every day

Google stops developers and Mac users installing unofficial Chrome extensions

AT&T has revealed that its network is constantly under the threat of attack by cybercriminals looking for ways to breach its security.

Each day the company detects over 30 billion malicious scans being deployed to find weaknesses in its network. Cybercriminals often use such scans to detect security vulnerabilities that could be exploited in future attacks. Researchers at AT&T also noted how the number of ransomware attacks increased significantly, with as many as 1.5 million new attacks occurring between 2013 and 2015.

Continue reading

Major websites are vulnerable to advanced bots

Google finds security questions are crap because your answers are fake

Pretty much every top website, in retail, financial services, consumer services, OTA members (Online Trust Alliance), news and media, and top US government agencies, is vulnerable to advanced bots, new research says.

Bot detection and mitigation company Distil Networks, analyzed 1,000 top websites in these verticals, and how they behave against crude, simple, evasive and advanced bots. All of the verticals performed quite well against crude bots, (75 percent in consumer services, 70 percent in government, 65 percent in financial services, 64 percent in news and media, 78 percent in retail and 67 percent in OTA members), but when it comes to advanced bots, one percent is the best result found.

Continue reading

Most countries unprepared for General Data Protection Regulation

Globe data

The EU's General Data Protection Regulation (GDPR) intended to strengthen data protection is due to come into force in May 2018, yet new research from content management company Metalogix shows IT professionals in many countries aren't prepared for it.

Among the top IT considerations for a cloud archiving solution, GDPR readiness ranked only fourth, named by 26 percent, behind security (79 percent), administrative control (50 percent), and service level agreements (44 percent).

Continue reading

Apple: Developers must use App Transport Security by 2017

Apple has announced that the deadline by which app developers must enable App Transport Security (ATS) in all apps is 1 January 2017. ATS is not a new feature of iOS 10, having been introduced in iOS 9 and it increases the security of data transferred over the web by apps.

With ATS enabled, apps are forced to use the far more secure HTTPS rather than HTTP, and this is something we've become accustomed to looking out for when browsing the web. At the moment, developers are able to disable ATS, but from the end of the year this will no longer be possible.

Continue reading

Retailers aren't spending on the right areas to protect data

Lock and money

The retail sector has been the subject of some of the most high profile data breaches in recent years. Add to this the willingness of customers to switch allegiance in the event of a breach and it's clear the industry needs to take security seriously.

A new survey from enterprise data protection specialist Vormetric in conjunction with 451 Research focuses on retail companies, detailing IT security spending plans, perceptions of threats to data, rates of data breach failures and data security stances.

Continue reading

IT vs security pros: Handling appsec

pixel padlock

A new report into corporate app security, conducted by runtime application security visibility and protection company Prevoty, shows significant discrepancies between IT and security professionals, when it comes to app security.

The report, entitled "The Real Root Cause of Breaches -- Security and IT Pros at Odds Over AppSec", is based on a poll of more than 1,000 IT and security professionals and says there are major divides in how these two groups handle app updates, app security tuning and backlogging.

Continue reading

EMEA businesses too slow to detect a data breach

It takes businesses in the EMEA region (Europe, Middle East, Africa) three times longer than businesses elsewhere in the world to detect a breach, mostly because they’re forced to detect such hits themselves instead of relying on outside help.

Those are the general conclusions of the first Mandiant M-Trends EMEA Report. The report, released by security experts FireEye, is based upon the statistics collected during investigations in the region, done by Mandiant’s leading consultants in 2015.

Continue reading

Symantec buys Blue Coat Systems

Symantec has decided to purchase Blue Coat Systems for $4.65 billion in a move that will allow it to more thoroughly protect its users from a variety of threats online.

The deal will also see Blue Coat’s CEO, Greg Clark, become Symantec’s new CEO. This will help the company fill the role which has been vacant since its previous chief executive, Michael brown stepped down in April due to poor financial results.

Continue reading

IoT has too many devices and not enough security

As Internet of Things devices expand their reach into the enterprise, they make greater demands on security.

New research from cyber security specialist ForeScout Technologies reveals that while IT professionals acknowledge the growing number of IoT devices on their networks, they are unaware of how to properly secure them.

Continue reading

More than half of board members are willing to sack security execs for poor reporting

Boss firing employee message card

The decisions that board level executives make on cyber security are very dependent on the quality of the reports they receive from front line management.

A new report from cyber risk analysis specialist Bay Dynamics, carried out in conjunction with Osterman Research, looks at how boards of directors see cyber security reports. Among its findings are that 59 percent of board members say that one or more IT security executives will lose their job as a result of failing to provide useful, actionable information.

Continue reading

SailPoint extends open identity management platform

unknown identity

Since threats to enterprise systems often come from stolen or compromised credentials, managing user identity is a vital part of modern security.

Access control specialist SailPoint is announcing a plugin framework for its SailPoint IdentityIQ platform that will allow customers and partners to develop extensions to the core product features, so they can move towards a more identity-aware organization.

Continue reading

Internet of Things devices are NSA's latest target

The Internet of Things (IoT) may be the US National Security Agency’s next potential target for spying and collecting data according to a comment made by its deputy director at a recent military technology conference.

During the conference, which was held in Washington DC on June 10, deputy director of the NSA Richard Ledgett said that the agency is considering potential ways it could collect data from internet-connected devices such as smart appliances and pacemakers.

Continue reading

Encryption-focused Apple File System (APFS) replacing HFS+ on macOS, iOS, tvOS, watchOS

Apple was quite boisterous at WWDC today regarding its operating systems and services. Quite frankly, I was blown away at all the ways the company is looking to improve its customers' lives, but some folks were apparently underwhelmed. Oh well, you can't please everyone, I suppose.

For some reason, Apple was fairly quiet about one huge change -- it is replacing the HFS+ file system. Based on the more-than-30-year-old HFS, it is apparently time to move on. What is the upcoming file system called? The unimaginatively "Apple File System". The encryption-ready file system will be used on macOS, iOS, tvOS, and watchOS.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.