Articles about Security

Microsoft's 'feeble' enterprise security and virus protection is the worst

Tests carried out by independent security labs AV-Test show that Microsoft is at the bottom of the league when it comes to enterprise security and virus protection. The tests pitted 11 security solutions against each other, and Microsoft's Endpoint Protection 2012 from the Microsoft Management Suite System Center 2012 was found to offer the weakest protection.

In both enterprise network security tests and virus detection tests, Microsoft trailed behind the competition in eleventh place. What's particularly concerning is that as the tool tested is bundled software, it's likely that it is precisely what many businesses are relying on for protection.

Continue reading

Chrome blocks access to torrent sites

Chrome users who download torrents may be thinking about switching to a different browser. Google's web browser is now blocking access to a number of big name torrent sites. This is not a case of Google taking the moral high ground about the rights and wrongs of torrenting, but part of the search giant's security program to protect users from "harmful programs".

Starting yesterday, downloaders found that access was blocked to ExtraTorrent and KickassTorrents, although the block was later lifted. The block remains in place for other torrent sites including kat.cr. Upon attempting to visit an affected site, would-be torrenters are greeted by a red, full-screen security warning that advises of the potential danger of the site in question.

Continue reading

Hacking collectives target major firms for profit

Security researchers at Symantec have discovered that a number of well-known hacking collectives are actually highly trained independent groups targeting large corporations for financial gain.

The likes of Apple, Facebook and Twitter have all faced cyberattacks in the past and it is now thought that this is only viable if the information that is acquired is then sold or traded through some "financial market".

Continue reading

NSA releases network security tool -- will IT admins use it?

The NSA has released a network security tool that it claims is designed to help organizations "fortify their networks against cyber attacks". But, after being revealed to be spying on just about anyone it wants to, from US citizens to leaders of allied governments, while undermining major tech firms in the process, IT administrators will likely be very skeptical of adopting it.

Seemingly to put security concerns to rest, the security tool is made available through GitHub, making it easy for security researchers to analyze the code and find weaknesses -- of any kind -- that could put networks at risk.

Continue reading

Being proactive about security is the best defense against cyber attacks

Edinburgh council was the target of a cyberattack this week, and the details of more than 13,000 email addresses were stolen. The council was quick to issue a warning to all those who have an account with the authority, saying they might experience an increase in spam and phishing.

It said: "We are taking this incident very seriously. We have made sure that our service providers have reinforced the security of our website and we will continue to monitor security regularly".

Continue reading

How to protect yourself against ransomware

ransom note

Regardless of whether you’ve been hit with ransomware or not, protecting your network from these types of attacks is now an integral part of any network security framework for both individuals and companies. Protecting yourself from intrusions and attacks requires securing your main layers of defense by utilizing Security Awareness Training and antivirus/anti-phishing software.

If you consider a computer network (even a simple one, like your home computer) to consist of a series of layers that any malware or virus needs to penetrate, the outermost layer would consist of your users themselves. After all, it takes a user’s interaction in order to initiate or allow a network intrusion. Only AFTER a user has clicked or visited a malicious link, will your secondary and tertiary layers (firewalls and antivirus) come into play. Thus, the very first layer you will need to harden is that of the human operator. It is only in recent years that the importance of this layer of security has come to be recognized. In the past, software has been relied upon as a catch-all for these types of situations. Software just by itself is not enough anymore, users must be trained to prevent such attacks from happening in the first place.

Continue reading

The man who cared about your online privacy has died

Caspar Bowden, the privacy advocate who was warning about the activities of the NSA before Edward Snowden, has died. The co-founder of the Foundation for Information Policy Research lost his battle with cancer, and tributes have been paid by the world of technology.

Bowden, the former head of privacy at Microsoft, had long-warned about potential backdoors in software and services. He campaigned passionately for the privacy of the individual and voiced grave concerns about the NSA and the FISA Amendment Act. He sat on the board of Tor and was one of the most knowledgeable and well-loved figures on the privacy scene.

Continue reading

Google launches Gmail Postmaster Tools to eliminate spam

Spam is a problem that is not going away for anyone who receives email -- and who doesn't? Over the years Google has taken steps to try to reduce the amount of junk that reaches Gmail inboxes and today the company is taking things a step further with Gmail Postmaster Tools and enhanced filter training for Gmail.

Part of the problem with spam -- aside from the sheer volume of it -- is that the detection of it is something of an art rather than a science. It is all too easy for legitimate email to get consigned to the junk folder, and this is what Gmail Postmaster Tools aims to help with. Rather than helping recipients banish spam, it helps senders ensure that their messages are delivered to inboxes rather than filtered out.

Continue reading

New OpenSSL vulnerability could be the next Heartbleed

Security breach lock

The OpenSSL Project team has issued a warning about a new "high severity" flaw. More details about it will be released on Thursday.

"The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 1.0.2d and 1.0.1p. These releases will be made available on 9th July. They will fix a single security defect classified as 'high' severity. This defect does not affect the 1.0.0 or 0.9.8 releases". This alert and update information was released on Monday.

Continue reading

Major threat: Hacking Team warns its spying tools are now in the hands of terrorists

Following a massive security breach over the weekend, Hacking Team has issued a warning that its surveillance and remote access software could now be used by anyone -- including terrorists. The Italian security and surveillance firm fell victim to an attack that relieved it of 400GB of company data, including source code for its software.

Whoever was responsible for the security breach made this data available via torrent, meaning that anyone was able to get hold of it. Hacking Team's software is favoured by governments around the world for mounting NSA-style surveillance and monitoring programs and the company has now issued a stark warning: "Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so".

Continue reading

Wi-Fi Sense in Windows 10 could result in privacy and security problems

Hacker detection

Windows 10 is about to arrive and with it comes a host of new features, like Cortana. There's also Wi-Fi Sense which is designed to allow a Windows Phone to connect automatically to any open network it knows about, and even accept the terms of use automatically. It's a nod towards convenience, and that's something Microsoft needs in its Windows 8x replacement.

Security firm AVG, makers of very good anti-virus software, both free and paid, see the inherent problems with this, and there are several.

Continue reading

Securing networks is harder than it was two years ago

Enterprises face evolving security challenges and solutions due to the introduction of cloud infrastructures. Growing cloud adoption has been identified as one of the key reasons why a majority of IT and security professionals find securing their networks more difficult today than two years ago.

Network security company Tufin has produced an infographic, based on a recent research report with ESG, looking at why 56 percent of professionals believe network security is getting harder.

Continue reading

Adobe recognizes major Flash vulnerability, will patch it today

Flash, a product that has only been in the press for bad reasons lately, is back in the news. For a similar reason, of course. Adobe has issued a security bulletin to notify its users about a vulnerability -- referred to as "the most beautiful Flash bug for the last four years" by hackers -- in all versions of its Flash product for Windows, Mac, and Linux.

The vulnerability, first spotted by security firm Trend Micro, is the aftermath of a mega security breach at Hacking Team. The infamous group that offered hacking services to spy agencies was hacked earlier this week, and most of its internal documents -- consisting of 400GB of emails, source code, client lists, invoices etc -- were made available to the public.

Continue reading

No shit! Experts say backdoors and encryption limits are security risks

Adding backdoors so governments can access data is a "major security risk". This is the (perhaps slightly obvious) conclusion of security experts and cryptographers writing in a report entitled Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications.

The report from the Massachusetts Institute of Technology’s Computer Science and Artificial Intelligence Lab criticizes plans to allow law enforcement agencies unfettered access to encrypted data through the use of either front doors or backdoors. More importantly it poses the question: "if we want to maintain the security of user information, is this sort of access even technically possible?"

Continue reading

Malware-as-a-service is cyber criminals' new lucrative business

cyber criminal

Organized criminal gangs (OCGs) are increasingly using software services of the type more usually associated with legitimate corporations to grow their operations. By offering malware-as-a-service, OCGs are employing business models similar to those developed by legitimate companies in order to extend their global reach.

The companies providing the software used by OCGs to break into organizations’ IT systems, commonly called malware, now employ business models frequently comprising a revenue stream, a budget, market researchers, a global pool of developers, software quality assurance and testing, help desk support, and even money-back guarantees. This process is now being referred to as the industrialization of cyber crime.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.