Articles about Security

Return of investment for cybersecurity: Can we put a number on it?

Almost eight years ago, Bruce Schneier wrote a great article about the problems of ROI calculation for cybersecurity spending within organizations. Since then, both annual spending on cybersecurity and the cost of global cybercrime have significantly increased.

Despite that organizations increased their information security budgets by 24 percent in 2016, many security officers still have to justify to their management every extra thousand spent on cybersecurity. Traditionally, Europe is more conservative than US, and many more European security officers are asked to reduce their initial cybersecurity budgets by removing some items or replacing them with less expensive alternatives.

Continue reading

Microsoft is backing up your encryption keys in the cloud, but you can prevent this

cloud key

Microsoft, like many companies, ships some of its products with disk encryption and that's a good thing given the state of today's world. The vast majority of customers have nothing to hide, but they also don't wish to be watched by the prying eyes of governments and others.

However, it is being reported that the Windows maker is storing encryption keys in the cloud. While that doesn't necessarily mean a problem, it's also a bit scary because of the potential for what can go wrong -- a Murphy's Law scenario. This issue was first reported by The Intercept, which notes that your keys "may" be stored in the cloud -- not everyone's are.

Continue reading

Dodgy database exposes details of 191 million US voters

Ballot box

If you've voted in a US election at some point in the last 15 years, there's a high chance that your personal details are now out in the wild. Security researcher Chris Vickery found a misconfigured database that exposes the details of no less than 191 million US voters.

The discovery was made a little over a week ago, and includes the names, addresses, phone numbers, email addresses, state voter IDs, and party affiliations of people registered to vote since the year 2000. The amount of detail contained in the database gives real cause for concern, and Vickery was shocked to find his own details were easily accessible due to a database misconfiguration.

Continue reading

2016 will see the rise of DDoS-as-a-service

DDoS attack start

We've already seen a big increase in DDoS attacks in the past year and according to the latest predictions these are set to continue and become more sinister in nature as we move into 2016.

Security specialist Corero foresees a rise in 'Dark DDoS' attacks used as various smokescreens to distract victims while other attacks infiltrate corporate networks to steal sensitive data.

Continue reading

How to view saved Wi-Fi passwords in Windows 10, Android and iOS

So many stores, service stations, coffee shops, pubs and so on offer free Wi-Fi that you probably have countless networks saved on your phone or laptop. Having a password saved on your computer is great, but how can you get the password so you can use it on your phone as well?

Rather than trying to hunt down a member of staff to ask, or hunting high and low for that tiny sign that shares the password, you can instead view the wireless passwords you have saved. Read on to find out how to retrieve these passwords in both Windows 10 and Android.

Continue reading

North Korea's Red Star OS leaves the government in control of computers

Based on Fedora Linux, you might expect North Korea's Red Star OS to be a secure operating system. It's not -- at least not by most people's standards. Like China, the socialist state is keen to embrace the power of the internet, but wants to retain control over is citizens. This s exactly what Red Star OS enables the government to do.

Germany researchers from the security company ERNW have probed Red Star OS, examined the code and determined that it is a home grown operating system that leaves the government in control of many aspects of its use, including encryption. It has been suggested that North Korea is paranoid that the west will try to infiltrate through software, but it is North Korean citizens that should be more worried.

Continue reading

China passes law requiring tech firms to hand over encryption keys

Apple may have said that it opposes the idea of weakening encryption and providing governments with backdoors into products, but things are rather different in China. The Chinese parliament has just passed a law that requires technology companies to comply with government requests for information, including handing over encryption keys.

Under the guise of counter-terrorism, the controversial law is the Chinese government's attempt to curtail the activities of militants and political activists. China already faces criticism from around the world not only for the infamous Great Firewall of China, but also the blatant online surveillance and censorship that takes place. This latest move is one that will be view very suspiciously by foreign companies operating within China, or looking to do so.

Continue reading

Twitter says it is beating the trolls

Social networks were designed for people, and people mean problems. In particular, the likes of Facebook and Twitter have become havens for bullies and trolls, eager to prey on others online. Twitter has launched tools and education programs to combat trolling, and now the site says that it is winning the battle.

After making it easier to report abusive tweets and increasing the size of its anti-troll team, Twitter believes it is getting 'bad behavior' under control. As well as bullying of acquaintances and work colleagues, Twitter has also been used to attack celebrities, the gay community, religious groups, and more, with many people feeling driven from the site. It seems that the decision to take a very hands-on approach to troll tackling is starting to pay off.

Continue reading

Oracle agrees to warn Java users of malware risk

Oracle is about to issue a warning that Java users could be exposed to malware, the media have reported on Tuesday.

The exposure is the result of a flaw that existed in Java’s software update tool. After an investigation conducted by the US Federal Trade Commission, Oracle (Java’s distributor) has agreed to issue a warning over its social media channels and on its website, otherwise it would have been fined.

Continue reading

Weaponization, iOS attacks and biometrics – the security landscape for 2016

It's the time of year when companies inevitably turn to their crystal balls and try to predict what the coming year will have in store.

Where security is concerned there's a focus across the board on the evolving threat landscape and the tools needed to deal with it. We've brought together predictions from some of the leading industry experts.

Continue reading

Google tests password-free logins on iOS and Android

Online security concerns mean that we have become reliant on passwords to access so many different services. The sensible and secure route to take is to use a unique password for every site and service you access, but unless you have a record-breaking memory, this can prove tricky. Google has a solution: ditch the password entirely.

While this may be seen as a step down from the two-factor authentication that so many companies have been pushing for in recent years, it is actually quite similar in many respects. Google's method focuses on speed and convenience, and still requires the use of a smartphone.

Continue reading

DDoS attacks rise by 180 percent in 2015

To some this will come as a surprise, to others not as much, but the Distributed Denial of Service, also known as DDoS -- was the most popular type of cyber-attack in the past year.

According to a report by security firm Akamai, there has been a jump of 180 percent in the number of DDoS attacks in 2015. The ending year also saw records broken in the size of the attacks, as well.

Continue reading

Tim Cook: Apple will not budge on encryption

With many U.S. lawmakers calling for an end to encryption, Tim Cook has decided to reiterate Apple’s stance on the matter. Apple’s CEO believes that when it comes to encryption there is no trade-off between privacy and national security.

During CBS’ program 60 Minutes, on Sunday Cook defended the need for encryption and how it important it is to Apple and its consumers. According to Cook, there is no reason why Americans should not be able to have privacy while simultaneously protecting America’s national security.

Continue reading

Apple wants the UK government to rein in snooper's charter

Tim Cook is a vocal opponent of any form of encryption weakening, and now Apple has spoken out against the UK government's Investigatory Powers Bill -- otherwise known as the snooper's charter. Currently in draft form, the bill would require ISPs to retain customers' browsing histories for a year, and would require technology companies to implement backdoors that would allow encryption to be bypassed.

Apple says that it has serious concerns about the proposed bill in its current form, and calls for sweeping changes to be implemented. The company has famously refused to allow access to encrypted iMessage chats, and this is a stance it is reiterating.

Continue reading

Panda Security: 2016 will be the year of Android of IoT attacks

Security experts from Panda Security warn that 2016 is set to be a bumper year of attacks and malware infections. The company says that malware will grow at "an exponential rate", with Android, mobile payment platforms, and the Internet of Things being key targets.

Business, individuals, and corporate users alike are at risk, and it is predicted that infections via JavaScript and Windows 10's Powershell are to be common attack vectors. Exploit kits are due to increase in popularity, largely because of the fact that it is not currently easy to combat them.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.