Articles about Security

New Webroot solution uses threat intelligence to secure IoT gateways

AI

As the Internet of Things takes off, gateways are increasingly being used to connect legacy and next generation devices, but they often don't have the security features to protect critical infrastructure.

Endpoint security specialist Webroot is launching a new threat intelligence solution for IoT gateways to secure them against advanced and persistent network based threats.

Continue reading

90 percent of financial services IT security pros fear security breaches

Piggy bank theft

A new survey of IT security professionals working in the financial services sector reveals that 90 percent feel vulnerable to security breaches and 44 percent have actually experienced one -- 19 percent in the last year.

These findings come from enterprise data protection specialist Vormetric which, in conjunction with 451 Research, has issued a financial services edition of its 2016 Data Threat Report.

Continue reading

Businesses open to hiring ex-hackers to beef up security

The Hollywood scenario where people hire ex criminals to do their bidding, as no one else seems to have the necessary skills, has been replicated in real life, according to a new report by cyber-security service provider SecureData.

SecureData says more than a third of businesses (34 percent) would have no problems hiring an ex hacker to compensate for the lack of in-house cyber-security skills. I just wonder how you classify someone as an "ex hacker".

Continue reading

Most enterprise Windows environments are not secure enough

Security

A new survey, from the real-time IT management company ManageEngine, has revealed that 70 percent of global IT administrators believe that their Windows environments are at risk of malicious attacks.

The survey, titled "Global Active Directory and Windows Server Security -- Trends and Practices Survey, 2016", gathered the opinions of over 325 IT administrators from organizations around the world.

Continue reading

Anonymous teams up with GhostSquad to attack major banks

Anonymous has joined forces with GhostSquad to launch successful cyberattacks on eight international banks that were forced to shut down their websites.

The hacktivist collective alongside the hacker group GhostSquad have launched a new operation called Op Icarus which aims to punish corrupt banks and individuals in the financial sector.

Continue reading

India has mobile forensic tools to hack into iPhones

The case of the FBI seeking to force Apple to provide backdoor access to the San Bernardino shooter's iPhone focused attention on security and encryption once again. The agency may have been able to gain access to the phone with help from a third party, but the Indian government has gone one better.

Communications Minister Ravi Shankar Prasad has revealed that the government has a tool that can be used to gain access to, among other devices, Apple's iPhone. This is not to say that a tool has been created that bypasses encryption, rather that a method for getting past the lockscreen has been developed.

Continue reading

Outdated software on BYOD devices puts business data at risk

When people used office workstations managed by the IT department it was relatively easy to manage security because there was a defined perimeter.

In the modern era of mobile devices and BYOD though security becomes much harder. Authentication specialist Duo Security has released a new report on the security health of user devices, based on data gathered from more than two million devices used by businesses worldwide.

Continue reading

Think Android security updates take too long to roll out? So do the FTC and FCC

Both the Federal Communications Commission (FCC) and Federal Trade Commission (FTC) are starting to ask the questions that Android users have been asking for years: why do updates and upgrades take so long to roll out?

If you're in possession of a flagship or recent handset, the chances are you're in line to receive timely updates for the foreseeable future. But Android's fragmentation means that older handsets quickly drop off the radar, get forgotten and remain unpatched. The FCC and the FTC both want to know why security patches are slow to hit phones, and the agencies have launched separate, but parallel, investigations.

Continue reading

New security vulnerability affects one in four Android devices

A security vulnerability on Google’s Android OS has exposed users’ text messages, call histories and other sensitive data for the past five years.

The security firm FireEye has released a blog post detailing how it affects smartphones running Android 4.3 Jelly Bean as well as earlier versions of the OS. The bug, which has been indexed as CVE-2016-2060, allows apps to access sensitive user data by taking advantage of Android’s permission system.

Continue reading

Security concerns keeping IT pros up at night

cloud padlock

Security is still the main reason IT professionals are up at night, new reports from BCS, The Chartered Institute for IT say.

BCS has asked 444 IT experts about their thoughts and fears revolving their company in 2016. The results, released in the 2016 Digital Leaders survey, show a mix of "predictable" and "thoughtful" ideas, as the BCS puts it.

Continue reading

Lenovo fixes yet another major security vulnerability

This past year hasn't been kind to Lenovo. The company has had quite a few security problems on its hands, most affecting its Windows software. The PC maker has issued patch after patch to address them, but it now looks like the saga is far from over.

A security researcher has uncovered a new vulnerability in the Lenovo Solution Center software, which comes preloaded on the company's desktops and laptops to help users monitor things like battery life and driver updates.

Continue reading

Cyber criminals love to attack hotel chains

Hotels represent rich pickings for cyber criminals. There's the potential to steal information from large numbers of customers with consequent financial gains.

Researchers at Panda Security have issued a report showing the major attacks targeted against hotel chains in 2015.

Continue reading

Microsoft Edge users can now install Adblock Plus or AdBlock extensions

Microsoft Edge

Extensions, or the lack thereof, have been stumbling block for many would-be Microsoft Edge users. Support for add-ons has finally arrived, bringing with it the potential for something people have been asking for since Edge first appeared -- the ability to block ads.

It had previously been thought that Edge might feature native ad blocking, but this turned out to be a matter of poor communication from Microsoft. We've already shown you a slightly bodged-together way of blocking ads in Edge, but now Adblock Plus and AdBlock extensions have been officially released to the Windows Store.

Continue reading

Crowdsource your security knowledge: A simple guide to OWASP Top 10

security guards

Over the past two years, the Internet has seen some of the biggest, most devastating data breaches in history. With each attack, millions of personal identifiable information records are stolen, leading to the possibility of identity theft, banking fraud, and in some of the most notable cases, that's right -- divorce.

From an internet security standpoint, what’s most interesting about these data breaches isn’t the various celebrities naive enough to sign up for Ashley Madison with their real names but rather that these breaches often come from some of the most common methods hackers have for accessing data. Shouldn’t these common methods be the most widely protected against? That’s what a large portion of the internet security community believes, and that’s where the Open Web Application Security Project (OWASP) comes in. OWASP is an open-source security community that publishes the most common attacks to help developers keep their software from being the source of a critical (and possibly humiliating) breach. Keep reading to find out what OWASP’s Top 10 Project is as well as what those Top 10 actually are.

Continue reading

What you need to know about spear phishing

Phishing

Unlike spam or phishing emails, which involve a broad and varied range of targets, spear phishing is a highly-targeted email attack against a specific group, organization, or even person.

The main aim of a spear phishing attack is either to obtain unauthorized access to sensitive data, whether this is intellectual property, financial data, trade or military intelligence, or to get the recipient of the email to act on a command, whether this is to transfer money or share confidential data.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.