Articles about Security

Red Canary seeks to bring simpler endpoint security to businesses

endpoint shield

The endpoint is the most vulnerable link in enterprise security, constantly under attack and prone to human error. Yet the security products designed to protect it are subject to high levels of false positives.

The result is that providing effective protection can be complex and stretch the resources and budget of even quite large organizations.

Continue reading

WildPackets becomes Savvius and switches focus to security

security alert

Internet performance specialist WildPackets is changing its name to Savvius and at the same time is also launching its first security appliance.

"This name change comes at a defining moment in our history," says Tim McCreery, CEO of Savvius. "We are deepening our commitment to network performance management solutions and expanding our focus to include support for security forensics. Our team is united in providing great solutions and world-class support to our customers and partners".

Continue reading

IBM opens up threat intelligence data to help combat cyber attacks

IBM logo

With cyber attacks often being driven by organized crime rings and the tools and expertise behind them widely shared, threat intelligence is more important than ever to fend them off.

Announcing today that it's opening up more than two decades' worth of cyber threat intelligence IBM is seeking to unite, mobilize and rally the private sector to defend itself against increasingly sophisticated and organized cyber threats.

Continue reading

Where the money is… or was

Yesterday was Tax Day in the United States, when we file our federal income tax returns. This has been an odd tax season in America for reasons that aren’t at all clear, but I am developing a theory that cybersecurity failures may shortly bring certain aspects of the U.S. economy to its knees.

I have been writing about data security and hacking and malware and identity theft since the late 1990s. It is a raft of problems that taken together amount to tens of billions of dollars each year in lost funds, defensive IT spending, and law enforcement expenditures. Now with a 2014 U.S. Gross Domestic Product of $17.42 trillion, a few tens of billions are an annoyance at most. Say the total hit is $50 billion per year, well that’s just under three tenths of one percent. If the hit is $100 billion that’s still under one percent. These kinds of numbers are why we tolerate such crimes.

Continue reading

2014: The year data breaches came of age

On screen lock

There were 783 reported data breaches in 2014, up 27.5 percent over the previous year and the most in any year of the past decade. The average cost of each of those breaches was $3.5 million, up 15 percent over 2013.

These are among the statistics highlighted in a new infographic from user behavior intelligence specialist Exabeam. Ten breaches each led to more than a million records being reported stolen, the biggest being Home Depot with 56 million records.

Continue reading

New malware family attacks retail systems

Only two weeks ago we reported on the underlying vulnerabilities that put point-of-sale systems at risk. Now acting as part of an investigation by the US Secret Service, researchers at security services company Trustwave have identified a new family of PoS malware.

Cyber criminals are already using the malware -- which researchers have named "Punkey" in an obscure '80s sitcom reference -- to infect businesses. Payment card information and more than 75 active victim IPs were found as part of the investigation.

Continue reading

Attackers switch tactics to gain access to corporate networks

In the current information security climate it seems that falling victim to some form of cyber attack is just a matter of time. If you haven't been hit yet chances are you will be soon.

The latest Internet Security Threat Report from Symantec shows that five out of six large companies were targeted in 2014, a 40 percent increase over the previous year, and that attackers are shifting their tactics when targeting corporations.

Continue reading

Kaspersky releases CoinVault Decryptor

Kaspersky Labs has released CoinVault Decryptor, is a free tool which may help victims of the CoinVault ransomware to decrypt their files.

The program works by using a set of decryption keys recovered by the Danish police. Unfortunately it isn’t a full set, and so the Decryptor won’t work for everyone.

Continue reading

It's your own fault phishing scams are successful

There is no need for cybercriminals to launch sophisticated attacks, or exploit vulnerabilities, to gain access to valuable information; a simple phishing email is all that's needed to convince a worrying number of people to hand over their login credentials. This is just one of the findings of a new security report due to be published by Verizon.

The telco reports that more than two thirds of security breaches involving phishing tactics. The number of people who fall for this type of scam means that phishing remains successful and popular as a means of extracting data from people. In this age of technological enlightenment, it might come as a surprise that more than one in 10 people who receive a phishing email open attachments or click the links they contain.

Continue reading

Windows remains vulnerable to serious 18-year-old SMB security flaw

Password threat

A serious security hole leaves millions of Windows users open to attack, making it possible to extract encrypted credentials from a target machine. Researchers at Cylance say the problem affects "any Windows PC, tablet or server" (including Windows 10) and is a slight progression of the Redirect to SMB attack discovered by Aaron Spangler way back in 1997.

Redirect to SMB is essentially a man-in-the-middle attack which involves taking control of a network connection. As the name suggests, victims are then redirected to a malicious SMB server which can extract usernames, domains and passwords. Cylance also reports that software from companies such as Adobe, Oracle and Symantec -- including security and antivirus tools -- are affected.

Continue reading

Symantec is wrong -- antivirus software isn't dead

security alert

Each time someone reports that antivirus is dead, a hacker gets his wings (and I get furious). With our industries becoming increasingly data-driven, the need to protect our networks, devices, and archives has become more important than ever.

In a world of weaponized emails and polymorphic, self-replicating malware, entertaining the idea that endpoint antivirus protection is dead is both ignorant and dangerous.

Continue reading

SysCloud launches security and backup solution for Google Apps

Placing your data in the cloud doesn't mean that you remove the need to properly protect it. For Google Apps users, New York-based SysCloud is launching a comprehensive security and backup solution in the form of SysCloud 360.

In addition to offering Google Apps security and protection in a single interface, the system features real-time backup and compliance capabilities.

Continue reading

Botnets and how they're linked to corporate data breaches

Data breaches that result in the loss of large volumes of information continue to make the headlines. One of the ways companies can guard against attack is by understanding what makes them vulnerable.

Security ratings firm BitSight has performed an analysis of the risk factors that make up its BitSight Security Ratings against publicly disclosed data breaches. What emerges from its study is the important role which botnets play in attacks.

Continue reading

LG 'Split Screen' software disables UAC

Back in January we wrote about the malware "Easy Disk Drive Repair", and how we first realized that something was wrong when it blatantly turned off UAC on launch.

It seems it isn’t only malware which weakens system security in this way, unfortunately. Blogger Christopher Bachner has reported that LG’s "Split Screen" software (a split screen display manager) appears to do the very same thing.

Continue reading

Dell diagnostic software getting flagged as malware due to security problems

Computers come with a lot of pre-installed software these days -- it's a trade-off for low pricing that forces OEMs to make deals with companies like McAfee, Norton and others. However, some of what comes with that new desktop or laptop is actually there to help you. Dell pre-installs diagnostic software to aid in a problematic situation.

Apparently Malwarebytes doesn't see it that way. The security software is recognizing this as a problem for your system -- and it is, or was. The problem is that older versions had a vulnerability that could allow malicious code execution. Dell has since updated its software to close the hole, which was recently discovered by a security researcher.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.