Articles about Security

Facebook ups the ante with new Security Checkup tool

Facebook ups the ante with new Security Checkup tool

Security and Facebook are not words that generally sit well together. This is something that the social network is only too aware of, and in recent years has taken various steps to try to improve the security and privacy of individuals' accounts. The latest tool in its arsenal is the new Security Checkup.

At the moment the tool is not being made available to everyone, but those who have been chosen to test drive it will be able to use simple on-screen prompts to change their password, turn on login alerts, and clean up login sessions, all from one handy location.

Continue reading

Security software market grows more than 5 percent in 2014

Lock and money

Security is always in the news so it hardly comes as a surprise that the market for security products is growing. According to research specialist Gartner the worldwide security software market was up 5.3 percent in 2014.

In terms of value the market is worth $21.4 billion, however, the make up of that market is shifting. Low growth in endpoint protection platforms and a decline in consumer security software -- possibly because of improved built-in security in the latest versions of Windows -- are balanced by high-growth areas, such as security information and event management (SIEM), secure Web gateway (SWG), identity governance and administration (IGA) and enterprise content-aware data loss prevention (DLP).

Continue reading

Forensic investigations: Retrieving data from the cloud

cloud encryption

Cloud data represents a virtual goldmine of potential evidence for forensic investigators. Together with mobile device data, cloud data sources often present critical connections investigators need to solve crimes.

However, there are a number of challenges that investigators face when it comes to data retrieval from the cloud.

Continue reading

Mac OS X tops vulnerabilities chart for April

Security breach lock

Security company Secunia has released its latest quarterly Vulnerability Update covering the period from February to April 2015.

It looks at the top 20 products with the most vulnerabilities each month and finds that there have been a total of 1,691 new vulnerabilities appearing in the top 20 over the three month period.

Continue reading

Piper.nv: An impressive night vision home security system [Review]

Home security is getting ever smarter, and Piper.nv (the more expensive night vision version of Piper) is an excellent example of this. It’s a smart camera that you access and control via your smartphone (iOS or Android). It displays 180-degree 1080p HD live video, and automatically switches to night vision when the room gets dark.

There’s much more to Piper than just a camera though. It comes packed with features to ensure your home stays safe when you’re asleep or away, and it’s very easy to set up and use.

Continue reading

Antivirus products for Linux compared

Penguin with shield

Though Linux is often seen as being immune to malware it's still important to have protection, partly because Linux malware does exist, even if it’s rare, and partly to prevent the passing on of viruses to more vulnerable operating systems like Windows and Android.

Independent testing organization AV-Comparatives has been looking at the leading Linux anti-malware offerings to gauge their ease of installation, features and more.

Continue reading

Google Play hosts over 30 malicious Minecraft apps

Malware is still a worry on the Google Play store, even though the rate of malware is dropping to its lowest levels since the inception of the store in 2008.

One of the easiest ways to push malicious apps is by masquerading them under popular names, in this case Minecraft. Guides, tutorials, tricks and other apps would offer help, but quickly turn into a user’s worst nightmare with malware and adware spam.

Continue reading

ProtectWise streamlines data breach analysis

It often takes time for data breaches to be uncovered and that can present problems when it comes to analysing them and tracing their cause.

Denver-based startup ProtectWise has an answer in the form of its new technology that can record all network activity and store it in the cloud for analysis and playback at a later date.

Continue reading

DDoS for hire services: What you need to know

DDoS attack start

Think back to when you were a kid. No matter how well-adjusted and even-tempered you were (or weren’t) there was at least one other kid you just could not stand. You hated his face, his hair, his teeth, the way he talked, the way he looked at you, and the way he just existed. Remember the way he’d eat his sandwiches? He ate his sandwiches like a jerk.

Chances are, though, that no matter how much you couldn’t stand him, you didn’t go marching over to throw a dozen eggs at his house. The chances of getting caught were too high. You’d get in trouble. Everyone would know you did it and your parents would be mortified. But what if there had been a machine you could have secretly put a dollar in from several blocks away, and it would have rolled up in front of that kid’s house and started firing eggs? All that mess and damage, with none of your fingerprints on the eggshells. It would have been a strong consideration, right?

Continue reading

US Govt proposes to classify cybersecurity or hacking tools as weapons of war

vulnerability

Until now only when someone possessed a chemical, biological or nuclear weapon, it was considered to be a weapon of mass destruction in the eyes of the law. But we could have an interesting -- and equally controversial -- addition to this list soon. The Bureau of Industry and Security (BIS), an agency of the United States Department of Commerce that deals with issues involving national security and high technology has proposed tighter export rules for computer security tools -- first brought up in the Wassenaar Arrangement (WA) at the Plenary meeting in December 2013. This proposal could potentially revise an international agreement aimed at controlling weapons technology as well as hinder the work of security researchers.

At the meeting, a group of 41 like-minded states discussed ways to bring cybersecurity tools under the umbrella of law, just as any other global arms trade. This includes guidelines on export rules for licensing technology and software as it crosses an international border. Currently, these tools are controlled based on their cryptographic functionality. While BIS is yet to clarify things, the new proposed rule could disallow encryption license exceptions.

Continue reading

Android's factory reset leaves private information behind on 630 million devices

Insecure Android smartphone

Sensitive data, such as user credentials, can be easily recovered from an Android handset after performing a factory reset, according to a University of Cambridge report. The feature, which is claimed to "erase all data" from the device and is especially recommended come resale time, will not work as advertised on up to 630 million Android handsets.

A factory reset will not properly wipe the data partition, where "credentials and other sensitive data are stored", on up to 500 million handsets, while on a further 130 million devices it will not properly clean the user-accessible storage. Even worse, relying on encryption to secure sensitive data does not help.

Continue reading

Top lessons from data breach investigations

Security breach lock

Data breaches are an all too common part of our landscape today, but are we learning the lessons from them to make our systems more secure?

The 2015 Verizon Data Breach Investigations Report found that there were nearly 80,000 security incidents -- including more than 2,100 confirmed breaches spanning 61 countries in the past year. Security solutions company Rapid7 has produced an infographic of expert takeaways from the report.

Continue reading

Hackers leak the sexual preferences of millions of online daters to the dark web

The details of millions of users of Adult FriendFinder -- the dating site with the tagline "hookup, find sex or meet someone hot now" -- have been leaked by hackers. Channel 4 reports that details of nearly 4 million users were exposed on the dark web after a security breach.

As well as information such as names, email addresses, and dates of birth, hackers also gained access to personal information such as users' sexual preferences and details of their willingness to conduct extramarital affairs. The compromised data includes accounts that had been deleted by their owners, and the hackers are now threatening to hit out at victims.

Continue reading

Google finds security questions are crap because your answers are fake

Google finds security questions are crap because your answers are fake

Apple and other handset manufacturers might be trying to push users to securing their data with biometrics, but the vast majority of services still rely on the good old password. Lots of sites use the idea of memorable data either as a means of locking down accounts, or as a way to gain access to a forgotten password -- the likes of your mother's maiden name, town of birth, favorite color of underwear, and so on.

Research by Google shows that the security question system is failing, and it should come as no surprise that the blame is laid firmly at the door of the likes of you and I. We already know that people are rubbish at picking passwords, but there is also a problem with the answers they provide to security questions. Answers are either too easy for others to guess, or they are made up -- and people are forgetful buggers prone to failing to remember the answers they dreamt up.

Continue reading

Are our industrial and infrastructure systems safe from cyber threats? [Q&A]

Cooling towers

Industrial control systems like those used to run the electricity distribution grid are vital to the economic well being of any country. But protecting those systems needs a different approach from normal enterprise security.

In the US the North American Electric Reliability Corporation (NERC) is the body charged with ensuring grid reliability. But the NERC's critical infrastructure protection (CIP) standards call for only standard firewall use. Is this putting the grid at risk from hackers or terrorists? We spoke to Andrew Ginter, vice president of industrial security at Waterfall Security Solutions to find out more.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.