Articles about Security

How today's work gets done in the cloud

In recent years cloud technology has allowed organizations of all sizes and across all industries to become more flexible and more productive.

Identity and mobile management specialist Okta has produced a report based on usage data across more than 2,500 customers and 4,000 apps that sheds light on how organizations and people get work done today, and on what security measures companies use to keep data safe.

Continue reading

New Spotify privacy policy angers users and drives some away

Spotify has updated its privacy policy, and a lot of users are now very unhappy. The change was prefaced a few days ago on the Spotify blog and the new policy started to roll out on 19 August. As it starts to hit accounts around the world, users are sitting up and paying attention; many are not happy with what they see.

What are people so upset about? Spotify might now access your Facebook likes and posts, photos and contacts you have stored on your phone, and even the speed at which you are traveling. The company says that the changes have been made as part of a move to "be as open and transparent as possible", but it has left large number of users questioning motives, and many have been pushed to quitting the music service completely.

Continue reading

How secure are professional services companies?

security padlock

The number of high profile security breaches in recent years highlights the risk for individual organizations. But what about the risks that stem from other businesses in the supply chain?

Security ratings specialist BitSight has released new data that looks at the overall security ratings of four common business services industries -- law, PR, accounting and benefits administration -- each of which have access to sensitive data.

Continue reading

Lenovo issues BIOS updates to fix security vulnerability

Lenovo has issued a BIOS fix for some of its machines, thus preventing a vulnerability which could allow potential hackers to gain control of a desktop or a laptop computer from the manufacturer.

In a press release published on the Lenovo website, the company has urged consumers to manually update their BIOS. Newer machines will have the fix by default.

Continue reading

Ambient sound can be part of two-factor authentication

For those of you that have been living under a rock for the past few years, two-factor authentication is something that you use to re-verify your credentials to log into a particular site or service. This authentication is typically completed in the form of text message, a phone call, or a notification on your smartphone.

Although 2FA is extremely secure, it is also slightly annoying to have to open up a secondary app to authenticate yourself again. A couple of researchers from Switzerland want to make that process even easier and less annoying. So, the researchers want to get rid of the text-based bits and use ambient sound instead.

Continue reading

Executives lack confidence in enterprise security

Security

A new survey of security executives at large companies in the US reveals that many don't have confidence in their enterprise security posture. Less than a third of these executives are confident in their organization's security position, and only slightly more than a quarter feel that their communications on security to senior management are effective.

The survey commissioned by Raytheon|Websense shows that many still rely on technology aimed at preventing breaches but do little after one has occurred. Yet 9 out of 10 of the organizations represented in the survey have had at least one breach involving a loss or compromise of data in the past year.

Continue reading

Only a quarter of businesses feel confident about stopping data breaches

Only a quarter of U.K. businesses believe their organization could detect a data breach at any time, a survey by software provider Informatica has shown.

The survey further shows that 33 percent say their organization is very good to excellent at detecting and containing breaches.

Continue reading

New AudioEffect vulnerability affects every version of Android back to 2.3

Stagefright was one of the biggest and most worrying security vulnerabilities to be discovered in Android for quite some time. Affecting the mediaserver component, Stagefright allowed for the remote bricking of devices with nothing more than a message. Now a new, yet-to-be-named vulnerability has been discovered in the same component, specifically the AudioEffect element.

Known as CVE-2015-3842, the vulnerability allows a hacker to run their own code on a phone using whatever permission they want. Security researchers at TrendMicro discovered the vulnerability and explain that it can be implemented by simply tricking users into installing a specially-designed app that has no permission requirements and is therefore unlikely to raise suspicions.

Continue reading

Uber wants to keep your data safe, so it's quadrupling its security staff

Uber intends to quadruple its security staff by the end of 2015, from 25 to 100 full-time staff members. This investment comes a few months after hiring ex-Facebook chief security officer Joe Sullivan to work as security chief for the mobile cab firm.

The security staff will make back-end data even more secure, while also protecting customers and drivers on the road. Uber is also working on security for staff in volatile countries like China, India and France.

Continue reading

The most dangerous places to use your mobile on vacation

Times Square tourists

We all know that using public wireless hotspots can be risky, but is seems that some places are more of a threat than others.

Mobile threat defense company Skycure has put together a study into the most dangerous tourist destinations to use your mobile device, the type of threats you might encounter, and offers some tips on how to avoid falling victim to an attack.

Continue reading

Wombat Security helps employees report phishing attacks

Phishing

Phishing is a popular route for cyber criminals to gain a foothold in organizations as the weakest link in security is usually the person sitting at the keyboard.

To help combat this Wombat Security is adding a new PhishAlarm to its security awareness and training platform. PhishAlarm is a plug-in for Microsoft Outlook that enables end users to report suspected phishing emails to security and incident response teams with a single mouse click.

Continue reading

Apple has two more vulnerabilities to fix in OS X 10.10 Yosemite

Two zero-day vulnerabilities in Apple’s OS X, that have been discovered  by an Italian teenager, could potentially be used to gain remote access to a computer.

Luca Todesco, 18, found that there are two bugs in the OS that can be used to corrupt the memory in the OS X’s kernel. Once the memory is corrupt, the attacker can then circumvent the kernel address space layout randomization (kASLR), which is a defensive technique of the OS to protect itself from giving the attacker the root shell. But once the attacker circumvents through the kASLR, they can gain a root shell.

Continue reading

FixMeStick: Eliminating malware with a USB drive [Review]

We all know that virus infections are a pain, not only do they disrupt your work they can also be hard to remove as they often prevent you from downloading or running cleanup tools or even from accessing Windows.

If you don’t have access to a friendly geek with the right tools you can be faced with hours of work or even having to wipe out and reload your machine.

Continue reading

New Snowden documents show AT&T helped the NSA spy on internet traffic

The NSA has been helped by AT&T for decades in spying on huge quantities of internet traffic new-disclosed documents reveal. The astonishing relationship between the National Security Agency and the telecoms company goes far beyond any sort of arrangement or co-operation that came from other firms.

Evidence published by the New York Times shows that the NSA had arrangements in place with AT&T and Verizon, but the partnership with AT&T proved particularly lucrative. The communications giant added surveillance equipment to at least 17 of its web centers and was used as a testing ground for new spying technologies and techniques. All this is revealed in a new batch of documents provided by Edward Snowden.

Continue reading

Firefox stealthily loads webpages when you hover over links -- here's how to stop it

Pre-fetching or caching of web pages is a technique used by many web browsers to improve perceived performance -- it's nothing new. But Firefox takes a slightly sinister and stealthy approach. Simply hover your mouse over a link and the browser fires off requests to the associated website in the background.

While this sounds potentially helpful, it is also something of a privacy and security concern -- not to mention a waste of bandwidth. You might hover over a link simply to check out the destination in the status bar; if there is a link to a malicious or unsavory website, you probably don’t want these stealthy connections being made in the background. If you're worried about your security or privacy, or just want to be back in control of your web connection, there are steps you can take.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.