Articles about Security

Is cyber insurance your last line of defense?

The recent spate of payment card breaches that have plagued the retail industry this year has prompted many merchants to consider investing in cybersecurity liability insurance policies to offset the costs associated with a breach recovery. These companies often make this choice based on the belief that the money they’ve spent to comply with industry security standards has failed to prevent these breaches from occurring, and there seems to be no other alternative. At least one recently filed claim has led to a lawsuit that will put these cybersecurity insurance policies to the test.

The key element of such lawsuits is determining liability -- who is at fault -- to determine whether the claims are justified and if the insurance companies will pay out. Finding a party liable for something means determining if the party was taking reasonable steps to prevent such actions from happening.

Continue reading

Mastercard and Visa working on new online payment verification system

Credit card giants Visa and Mastercard are planning to get rid of their current online security verification system, and replace it with something a bit more modern and secure.

You’re probably familiar with either Verified by Visa or MasterCard SecureCode, which pop up when you make an online purchase, just before the payment is officially put through. They ask you to input letters from an extra password to verify that it’s actually the card owner making the purchase -- but in contemporary terms, this is a relatively unsophisticated security measure.

Continue reading

State Department email system shut down after hacker attack

State Department email system shut down after hacker attack

Reports from Associated Press reveal that the State Department has closed down its email system following a security attack. The news comes after the details of a hack attack on the White House in October were made public. It seems that the State Department's unclassified email system was attacked at the same time, and technicians are currently working to repair the damage.

It was suggested that last month's White House hack was linked to Russia, but it is not yet clear whether the attack on the email system is part of the same security breach. The email closure is described as "unprecedented", but officials insist that classified data systems have not been affected.

Continue reading

WatchDox finds and protects sensitive documents anywhere

With more and more data stored in the cloud or accessed from corporate systems on mobile devices, security and regulation becomes a major concern.

Enterprise file sharing specialist WatchDox has announced a new solution to both detect and protect sensitive files everywhere, on every device.

Continue reading

Facebook proposes privacy policy changes in simplified, prettified paperwork

Facebook proposes privacy policy changes in simplified, prettified paperwork

Facebook gets something of a bad rap when it comes to its privacy policy. Delve into the social network's terms and you're almost certain to find something you disagree with. This is the same with many companies, particularly those with an online presence, but users seem to be continually surprised to discover how their data and activities are being used and tracked. Part of the problem is that -- just like with software EULAs -- very few users bother to read through policies in full.

Mark Zuckerberg's social network is looking to change that. Facebook is introducing Privacy Basics which provides easy-to-follow guides to controlling how your online content is shared with others. But there are also a number of changes proposed to its privacy policy. Facebook is looking for feedback, and assures users that "you’re in charge." But you'll need to be quick -- there's only a week to give your opinion.

Continue reading

Beware the rise of the digital doppleganger

Identity theft

Data breaches in large organizations have made the headlines in recent years and that’s led to a huge increase in the amount of personally identifiable information being traded online.

According to UK credit report company CreditExpert there's been a 300 percent jump in the amount of personal information being traded online since 2012.

Continue reading

It's your data: how to protect it now

It seems as if every week there’s another breaking story about an exploited network vulnerability that resulted in a security breach. The penetrations vary: Some are wide-scale orchestrated attacks, a la the Home Depot hack. Some hack events are less sensational, accompanied merely by the announcement that vast amounts of personal information were exposed -- or compromised -- because trusted technology providers offered lax security measures.

In some cases, we learn that passwords to accounts (that often hold vital personal information) have been leaking for some time before the security flaw was discovered and patched.

Continue reading

Gain your customers' trust with ethical data use

security threats

Nick Bromley, a privacy consultant for the Greater London Authority, spoke at the NextGen 2014 conference about the importance of being an ethical company when it comes to gathering data on your customers, and how to retain their trust when it comes to data.

Here is what he had to say on the subject.

Continue reading

The true cost of DDoS attacks on business

DDoS attack start

DDoS attacks can be extremely disruptive to business but it can be hard to quantify that disruption in financial and business terms.

A new report by security company Incapsula collates responses from 270 North American organizations of varying sizes to gauge the true impact of attacks. The findings indicate that DDoS attacks are relatively common with 45 percent of the respondents indicating their organization has been hit at some point. Of these, almost all (91 percent) reported an attack during the last 12 months, and 70 percent were targeted two or more times.

Continue reading

Cloud application security suite protects against DDoS and other attacks

cloud security

Moving business applications to the cloud doesn't remove the need for securing them, in fact it potentially makes them more vulnerable.

Cloud application delivery service Instart Logic has announced a new Security Suite offering customers multi-layered protection against DDoS attacks and other cybersecurity threats.

Continue reading

Companies add more physical security to combat BYOD risks

photo by Slavoljub Pantelic, Shutterstock

According to a new survey carried out for security device specialist Kensington, 73 percent of executives recognize that BYOD presents greater risks for the organization.

However, 59 percent still approve the use of personal devices for business use and to address concerns 55 percent are planning to invest more in physical security.

Continue reading

Security breach reveals personal details of USPS employees and customers

Security breach reveals personal details of USPS employees and customers

The latest high-profile security breach has exposed the personal details of hundreds of thousand of USPS workers, as well as customers. The attack, which is suspected to originate from China, took place in the middle of September, but details are only just emerging. An investigation by the FBI started straight away and is still on-going.

USPS says that employee information such as "names, dates of birth, Social Security numbers, addresses, beginning and end dates of employment, emergency contact information" was compromised. The security breach also affects customers as call center data was obtained by the attackers, including "names, addresses, telephone numbers, email addresses".

Continue reading

US government's top security contractor took months to notice it had been hacked

The US government's leading security clearance contractor has been the victim of a cyber-attack that took months to even be noticed, according to recent reports. USIS, which specializes in "providing information and security services to government agencies and commercial enterprises", has come under fire for failing to spot the potentially harmful infiltration into its computer systems.

The breach, which was first revealed by the company and government agencies in August, is said to have compromised the personal records of at least 25,000 employees at the Homeland Security Department, and is reported to have cost the company hundreds of millions of dollars in lost government contracts.

Continue reading

Darkhotel steals data from traveling executives

Darkhotel sounds like it ought to be one of those budget hotel chains you find on the outskirts of towns -- possibly one built without windows to keep costs down.

In fact researchers at Kaspersky Lab have revealed that it's an espionage campaign, which has been operating for almost a decade, that steals sensitive data from corporate executives traveling abroad.

Continue reading

Fileless malware runs entirely from memory to make detection harder

Hacking

Traditional malware infections usually require a file object to be placed on the system which makes it relatively easy for them to be detected and removed.

Now though there’s a stealthier threat uncovered by security company Malwarebytes. Poweliks is an infection that runs without a filesystem object, completely from the registry and memory using rundll32.exe, javascript and a create on-the-fly dll.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.