Articles about Security

AVG introduces Crumble for Chrome, claims you can surf without surveillance

In today's world privacy has become a premium and companies and governments are the ones in the hotseat thanks to Edward Snowden, WikiLeaks and others. People are searching out ways to avoid being tracked, a difficult task in this current society. AVG is the latest to offer a solution.

The security firm is announcing Crumble, a new extension for Chrome that promises you can "surf without surveillance". The app comes from the Innovation Labs and is still in beta at the moment, but users can start testing it out now.

Continue reading

The Apple Watch becomes an enterprise security tool

Everyone, it seems, is jumping on the Apple watch bandwagon today with new apps, but one of the more interesting developments comes from enterprise security specialist MicroStrategy.

It's launched a version of its Usher platform allowing the Apple Watch to be used as a secure digital key, enabling wearers to log into business systems, unlock devices, validate personal identity, and open physical doors with a simple gesture or tap.

Continue reading

Samsung Galaxy S5 could be leaking your fingerprints

I’m usually not the paranoid one in a relationship, but the fingerprint scanner on smartphones always used to freak me out.

And now, a pair of researchers from security firm FireEye breathes new life into my paranoia, as they claim hackers can steal your fingerprint data before it gets encrypted in the device. One of the potentially dangerous devices, ‘leaking’ fingerprints is the Samsung Galaxy S5.

Continue reading

Conficker remains top of the threats as existing malware for Windows dominates

Threat

Though we're constantly being warned about the threat offered by new malware it seems that, for Windows systems at least, the old favorites continue to catch us out.

The latest threat report from security company F-Secure shows that Conficker continues to be the number one Windows threat, kept alive by the number of unpatched legacy systems still around.

Continue reading

Groupon refuses to pay security expert who found serious XSS site bugs

Groupon refuses to pay security expert who found serious XSS site bugs

Bounty programs benefit everyone. Companies like Microsoft get help from security experts, customers gain improved security, and those who discover and report vulnerabilities reap the rewards financially. Or at least that's how things are supposed to work.

Having reported a series of security problems to discount and deal site Groupon, security researcher Brute Logic from XSSposed.org was expecting a pay-out -- but the site refuses to stump up the cash. In all, Brute Logic reported more than 30 security issues with Groupon's site, but the company cites its Responsible Disclosure policy as the reason for not handing over the cash.

Continue reading

Bag yourself $15,000 as an Azure or Project Spartan bounty hunter

Bag yourself $15,000 as an Azure or Project Spartan bounty hunter

It's not unknown for technology companies to run bounty programs that reward bug hunters for unearthing problems with software. Discover a security vulnerability and you could be in line for a nice cash bonus. Microsoft is one firm that runs such a program, and today the Microsoft Bounty Program is being expanded -- with a particular focus on Azure and Project Spartan.

Microsoft has already been asking for feedback about Windows 10 Technical Preview, but this is the first time a financial reward has been offered for pointing out security issues with any of its components. The maximum pay-out has been increased to $15,000 USD, so there's more incentive than ever to seek out problems and report them to Microsoft.

Continue reading

You're more likely to be struck by lightning than hit by mobile malware

We constantly see stories about the latest threat from malware, particularly relating to mobile devices. But is it really as bad as it's made out to be?

No, says threat detection and containment specialist Damballa which is unveiling new research based on its big data analysis of almost half of US mobile traffic.

Continue reading

Cybercrime gets smarter and more complex

Hacker detection

There are 85,000 new malicious IPs launched every day and the top phishing targets are technology companies and financial institutions.

These are among the findings of a new report from threat intelligence and security company Webroot. The Webroot 2015 Threat Brief provides the latest cyber threat trends collected from tens of millions of users and over 30 security technology partners.

Continue reading

iOS 8 vulnerability can send iPhones, iPads into reboot loop

At the 2015 RSA Conference, security researchers from Skycure showcased a new iOS 8 vulnerability which, if properly exploited, can send iPhones and iPads connected to a malicious hotspot into a reboot loop. The vulnerability affects both the operating system as well as apps which use SSL to communicate.

All that an attacker has to do to exploit the vulnerability is to set up a router in a "specific configuration", and allow anyone to connect (basically make it an open hotspot). The iOS 8 devices that connect will be affected, without the attacker having to have access to them.

Continue reading

IBM brings threat analytics to the cloud

Last week we reported on IBM's decision to open up its threat intelligence data in X-Force Exchange to help fend off cyber attacks.

Today the company is making its threat intelligence system QRadar available as a cloud service, giving companies the ability to quickly prioritize real threats and free up critical resources to fight cyber attacks.

Continue reading

New solution improves protection for business email and documents

Recent security breaches like that at Sony Pictures highlight the difficulty of protecting unstructured information that's held in things like emails and documents.

Security company TITUS is offering a solution with a new version of its TITUS Classification Suite that uses a blend of content and context to automatically classify and protect information as it's handled by users.

Continue reading

New cloud agent brings enterprises greater security and asset control

Increased use of the cloud and hybrid systems is bringing new challenges for businesses needing to ensure their systems are secure and compliant.

A new Cloud Agent Platform (CAP) from cloud security specialist Qualys provides organizations with a flexible solution to assess the security and compliance of their IT assets in real time, whether they're on-site, cloud-based or mobile endpoints.

Continue reading

D-Link says sorry for shoddy security and sloppy patching of its routers

D-Link says sorry for shoddy security and sloppy patching of its routers

D-Link has issued an apology to its customers for an on-going security issue with many of its routers. A problem with the Home Network Administration Protocol (HNAP) means that it is possible to bypass authorization and run commands with escalated privileges.

The list of routers affected by the issue is fairly lengthy, and D-Link has already issued one patch. But rather than fixing the problem, last week's update left routers wide open to exactly the same problem. As it stands at the moment, a firmware patch is still being produced for a total of 17 routers. In the meantime, all D-Link has to offer is an apology.

Continue reading

New firewall provides stronger protection for hybrid cloud systems

firewall

As more apps move to the cloud business infrastructures are increasingly fragmented. This can make traditional on-site security tools ineffective in fighting off cyber attacks.

The threat of attacks remains, however, and a new release from security software company Radware is aimed at protecting both on-premise and cloud-based applications, using just one solution.

Continue reading

US electronic voting machines incredibly easy to hack

Electronic voting machines used for US elections between 2002 and 2014 would have been extremely easy to hack, according to reports.

The AVS WinVote machines were used during three presidential campaigns in the state of Virginia and would receive an "F-minus" for security, with many using "abcde" or "admin" as passwords.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.