IT budgets will mostly go towards buying mobile devices, security
IT budgets for businesses in the US will be mostly spent on security and on mobile devices that allow employees to work remotely, a new survey has shown.
According to a new survey by Wakefield, 30 percent of US businesses will spend most of their IT budgets on network and data security, and 28 percent will spend it on mobile devices allowing employees to work remotely.
Bitdefender's new tool protects against ransomware
Ransomware is the malware du jour, and each strain seems more vicious than the last. As with any virus variant, there is a game of cat and mouse played out between virus writers and security companies as each battles to outwit the other.
Trying to get ahead of the curve, Bitdefender has released a tool that offers protection against the likes of CTB-Locker, Locky and TeslaCrypt. When it comes to dealing with ransomware the advice, unfortunately, has become a case of either pay up, or revert to data backups. Alternatively, you could try prevention rather than cure, and Bitdefender's 'crypto-ransomware vaccine' could be what you've been looking for.
Apple responds to FBI iPhone hack, but questions remain
Yesterday, the FBI announced that it had managed to break into the San Bernardino shooter's iPhone sans help from Apple. The iPhone manufacturer will undoubtedly be pleased that the court case has come to an end without the company having to cave in and assist the agency.
In a statement, Apple said: "From the beginning, we objected to the FBI’s demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government’s dismissal, neither of these occurred. This case should never have been brought". But with the FBI's previous insistence that help from Apple was absolutely essential, some serious questions remain.
FBI cracks San Bernardino iPhone without help from Apple
The US justice department has announced that it has successfully cracked the iPhone belonging to the San Bernardino shooter, Syed Farook. The FBI was able to unlock the phone without help from Apple, ending the lawsuit that had pitted the FBI against Apple.
In a statement, the Justice Department said: "The government has now successfully accessed the data stored on Farook's iPhone and therefore no longer requires the assistance from Apple." It has been thought that Israeli security firm Cellebrite was helping the FBI, but the question now has to be asked about the security of other iPhones and whether law enforcement agencies will use the same technique to access data in the future.
New research helps isolate real threats from suspicious activity
Security teams often spend a lot of their time investigating anomalies and suspicious behavior, leaving them less time to focus on true threats.
Cloud security specialist CloudLock is tackling this problem with research into what it calls a Cloud Threat Funnel. Based on analysis of user behavior patterns it can isolate truly malicious threats from the noise of other potentially suspicious or unusual behaviors.
The dangers of using public Wi-Fi hotspots
There are hundreds of thousands of free public Wi-Fi spots throughout the UK. Widespread connectivity and free accessibility are two appealing features that tempt users to open up their devices for on-the-go convenience.
However, uncontrolled access to public Wi-Fi hotspots and robust mobile security often conflict with one another. Cyber-criminals now find it increasingly easy to attack public Wi-Fi networks using Man-in-the-Middle (MitM) techniques which allow the attacker to clearly view all information transmitted across networks.
Software vulnerabilities are up -- but it's not Microsoft's fault
The number of software vulnerabilities has increased over the last year, but the majority of them are in non-Microsoft products.
This is a key finding of the latest Vulnerability Review from Flexera Software, which in 2015 recorded 6,081 vulnerabilities in 2,484 products from 263 vendors. This compares to 2014's figures of 15,698 vulnerabilities in 3,907 products from 514 vendors.
PETYA ransomware targets enterprise users via the cloud and overwrites MBRs
Crypto-ransomware is the malware du jour, and the likes of TeslaCrypt 4 and KeRanger are just some of the names to hit the headlines recently. One of the latest examples of ransomware, PETYA, is taking a slightly different and more worrying approach -- it not only targets enterprise users, but also encrypts entire hard drives rather than just a selection of files.
PETYA -- also known as RANSOM_PETYA.A -- goes to some lengths to make sure that victims know that their computers are infected, overwriting the MBR (Master Boot Record) to display a ransom note during the boot process. The malware uses a "military grade encryption algorithm" to lock users out of their files, and victims are directed to venture onto the dark web using the Tor browser to make a Bitcoin ransom payment.
Best practices for securing your website
The web seems like a dangerous place lately, doesn’t it? We’re constantly hearing about some new piece of malware, or a website that was hacked and defaced, or a new vulnerability in what was once thought to be a secure protocol. I wouldn’t blame you for being paranoid -- after all, to hear the media tell it, your site’s under attack by criminals and ne’er-do-wells from all sides.
Here’s the thing -- if you’ve taken all the necessary steps to keep your site safe, you actually don’t have a whole lot to worry about. And that’s where we come in. Today, we’re going to talk about some best practices for securing your site, and protecting it against everything from infected clients to ignorant users. Let’s get started.
Losing customer trust is a major concern for DDoS targets
The loss of trust and confidence of customers is the most damaging consequence of a DDoS (distributed denial of service) attack, a new survey by Corero Network Security says.
In the annual survey, entitled DDoS Impact Survey, losing trust is the most damaging consequence for 50 percent of those surveyed, followed by lost revenue, for 34 percent. Those surveyed include IT decision makers (ITDMs), network operators and security experts who were present at the recently held RSA 2016 conference.
The rise of the advanced persistent bots
Overall bad bot activity is decreasing, but the number of advanced persistent bots is up according to a new report.
The 2016 Bad Bot Landscape Report from Distil Networks reveals that 88 percent of all bad bot traffic has one or more characteristics of an advanced persistent bot, one that's able to mimic human activity and evade detection.
Zero day OS X flaw can bypass System Integrity Protection
Security company SentinelOne has released news of a major flaw in Apple OS X systems that can allow the bypassing of the latest System Integrity Protection security feature.
This zero-day vulnerability is present in all versions of Apple's OS X operating system. It has been reported to Apple and patches will be available soon. SentinelOne’s lead OS X security expert, Pedro Vilaça, is presenting the full findings on this vulnerability today at SyScan360 2016 in Singapore.
Uber announces bug bounty program
Uber is calling on independent computer researchers and experts to find weaknesses in its system as the transportation firm is set to release its technical map.
As Uber jumps onto the bug bounty bandwagon -- a philosophy that has long been advocated by the open-source software movement -- it details its software infrastructure to the public, identifies what sorts of data might be exposed inadvertently and suggests what types of flaws are the most likely to be found.
User error is the leading cause of data loss in SaaS applications
Accidental deletion of information is the leading cause of data loss from SaaS applications, responsible for 43 percent in the US and 41 percent in the UK, ahead of data loss caused by malicious insiders and hackers.
This is among the findings of a new survey of IT professionals in the US and UK from cloud backup specialist Spanning which also has insights into who is responsible for SaaS data protection, organizational confidence in SaaS data protection, and the top concerns surrounding moving data to the cloud.
Police: if you fall victim to online fraud, it's your own fault
Victims of online fraud are to blame for their misfortune and should not be rewarded with a refund for money they lose. This is the view of UK Metropolitan police commissioner Sir Bernard Hogan-Howe who says that banks should not pay money lost to online fraud as the victims have not taken their security seriously.
Rather than offering refunds to customers, banks should instead be encouraging them to use stronger passwords, keep antivirus software up to date, and generally be more careful. It's a view that’s certainly going to prove controversial and raises the question of whether the carrot or the stick is the best approach to tackling online fraud.