95 percent of employers are concerned about security risks from BYOD
Allowing employees to use their own devices is an increasingly popular trend, but BYOD opens up security threats that can leave company data vulnerable. A new survey commissioned by security specialists Webroot looks at the reality of mobile security.
In particular it focuses on the difference in perception between companies and employees when it comes to securing mobile devices. Whilst there are some areas of agreement there are also signs that some employees don't take adequate steps to protect company data.
Vysk QS1 phone case brings encrypted calls to paranoid Samsung and Apple users
Phones hit the headlines for lots of reasons -- the biggest, the most expensive, the shiniest, or just the newest. We live in times in which security and privacy are major concerns for people in all walks of life. The activities of the NSA, as revealed by Edward Snowden, served only to heighten paranoia -- the prospect of having one's phone calls and text messages intercepted is something that fills few people with joy. Enter Vysk communicastions' Vysk QS1 phone case which can be used with an iPhone 5 or 5s, and a Samsung Galaxy S5 or S4. The selling point here is that it's not just your phone that's protected, but also your privacy.
The privacy features come in mechanical and software forms. On the mechanical front there are "shutters" that can be used to obscure your phone's front and rear cameras, and there's also a jamming system for microphones. This is described by Vysk as "Lockdown Mode", but you can take things a step further. For $9.95 you can subscribe to "Private Call Mode". This introduces encryption to your texts and phone calls, with an onboard processor taking care of encryption on the fly and sent via the Vysk encrypted network. As Vysk puts it: "No one -- not even Vysk -- will know the identity of the caller or the recipient. No data is collected -- no phone numbers, call times or content - so there is no data to record. Because nothing is recorded, nothing is at risk."
Verizon releases new transparency report, reveals location data requests
We're growing accustomed to companies releasing transparency reports -- all seem to want to get in on the action and make themselves look good for the public. The latest report rolls out of US mobile carrier Verizon, and reveals the usual amount of troubling data requests. The most prominent being for customer location data.
Unlike some reports, the carrier provides actual numbers, as opposed to estimates. We see that the company received 72,342 subpoenas in the first half of 2014 (a number that is actually down compared to the second half of 2013), and 14,977 warrants. As for other requests, we only get estimates there -- for instance between zero and 999 national security requests were received.
Ransomware is still a major concern for IT professionals
Ransomware has proved to be a successful business model for cybercrooks and a recent study shows that IT professionals still see it as a major and growing area of concern.
In a study by security awareness training specialist KnowBe4 88 percent of the 300 professionals surveyed said they expected ransomware to grow over the rest of this year. Attacks are also shifting from desktops to mobile devices, leading to problems for BYOD users.
Android SMS bot sets new infection record
Earlier this week we covered the debate on whether Android users need malware protection. If further fuel for the argument was needed it comes in the form of Russian security firm Dr.Web's monitoring of Android threats.
Until recently embedded advertising modules have topped Dr.Web's malicious program rankings, but statistics for recent months indicate that an Android SMS bot Trojan has been spreading at an alarming rate.
Microsoft hands back all seized domains to No-IP
Microsoft has been forced into a climb-down by returning 23 domains that were seized for allegedly being behind malware infecting Windows computers across the globe.
No-IP’s domains, which were seized on June 30 after a court order allowed Microsoft to do so, were implicated in an investigation into various domains being used by cybercriminals to operate the Bladabindi and Jenxcus malware families.
Cyberrisks present new challenges to insurers
All businesses insure against risks like fire, flood and theft. Insuring against cyberrisks though is a relatively new field and it's hard to know how much cover is adequate.
According to a new report from NSS Labs, US retailer Target had $100 million worth of cybersecurity coverage at the time of its breach last year. But with losses estimated at $88 million by May this year and a number of lawsuits still pending it looks like that cover won't be enough.
Patch Tuesday: Microsoft issues critical fixes for all versions of Internet Explorer
It’s Patch Tuesday, and Microsoft has issued six security bulletins including two which are rated "critical" and allow for Remote Code Execution (RCE), and three which are labeled "important" and allow for elevation of privilege inside Windows. The final patch is rated "moderate" and fixes a Denial of Service vulnerability in the Service Bus for Windows.
The patches affect all versions of Internet Explorer, as well as most versions of Windows. XP users are at risk from these vulnerabilities, but are not covered by the updates.
Do Android users really need malware protection?
Adrian Ludwig, lead engineer for Android security at Google, spoke to journalists prior to Google's I/O developers' conference and said that Android users who install antivirus and other security apps on their devices are no better off than those who don’t. The risk of potentially harmful applications is "significantly overstated" he believes, and there’s no need for anyone to install any form of third party protection.
"I think ... paying for a product that you will probably never actually receive protection from is not a rational reduction of risk -- but people buy things for lots of reasons", he said. Security expert Graham Cluley, who worked for Sophos for 14 years, disagrees. In a blog post he says Ludwig is "wrong, wrong, wrong". Two very opposing views. So who’s right?
Innocent victims: NSA gathered data about more ordinary web users than targets
We already knew that the dragnet style of data collection employed by the NSA resulted in a huge level of collateral damage. As revealed by whistle-blower Edward Snowden the agency had been intercepting huge amounts of web traffic -- often with the assistance of web firms -- on an almost unbelievable scale. The NSA has tried to improve its public image by playing the national security card, as well as releasing a "transparency report" but there's no getting away from the fact that countless innocent web users got caught up in the net. But an investigation by the Washington Post reveals the true extent of the impact on the average internet users -- and it's far worse than many thought.
A four-month investigation by the newspaper found that the number of average internet users who had their data intercepted far outweighs the data of targeted individuals. And not just by a bit -- by a factor of nine. Data provided to the Washington Post by Edward Snowden shows that an astonishing 900 percent more innocent users than intended targets fell victim to the NSA's surveillance. (For the purposes of accuracy the exact figures are closer to an 11 to 89 percent split). These are staggering revelations. There has already been very vocal opposition to the NSA's activities but these were essentially "blind" complaints. Without knowing the scale of operations, it was difficult to know just how upset to be. Nine out of ten people who had their data collected were nothing more than collateral damage caught in the extremely wide net cast by the agency.
Is Russia on the verge of creating its own controlled, closed internet?
The idea of a closed internet is hardly new; turn your eyes to East Asia, and the Great Firewall of China looms large. The Chinese government is well known for the control it likes to exert over the levels of access its citizens have to the internet, and there have been numerous well-publicized cases of censorship and access being restricted to pages that refer to certain events in the county's history. The country is highly defensive of its image, and goes to great lengths to fight off western influence -- including going as far as banning Windows 8 on government computers lest machines furnished with Microsoft's most recent operating system be used for spying on the People's Republic of China. Now it looks as though Russia could be going down a similar route.
Russian parliament has just passed a law that requires internet companies to store data about Russian citizens within the county's boundaries. The move can be viewed in a couple of ways. It is no secret that the Russian government, and Vladimir Putin in particular, is no fan of social media -- social networks were used by Russians to voice their disapproval at Putin's activities. It is thought that the move to contain citizen's data without Russia is a bid to create a Russian version of China's closed internet.
Watch as global cyber warfare unfolds before your eyes
We've all heard that the scale and number of cyber attacks are constantly increasing, and that the bad guys are only getting smarter -- but can you actually picture what the unfolding exchange of cyber attacks looks like around the world?
Well now you can, with security company Norse's real-time online map of global cyber attacks. The map uses honeypot servers around the world to entice attackers into launching their attacks, and then displays them in real time on the map. The result is pretty mesmerizing, and shows the true scale of the worldwide cyber war going on all around us.
The top 10 data breaches and how they happened
Security breaches happen all the time but it's the biggest ones that hit the headlines and send ripples through the IT community. Security consultancy TSC Advantage has looked at the top ten breaches from the last five years and what effect they've had.
Top of the list is the Adobe hack of 2013, made possible by weak password requirements and affecting 152 million customers. In second place comes the recent eBay hack involving stolen employee credentials and affecting 145 million users.
CosmicDuke malware mashup steals login data to take over networks
Security company F-Secure has uncovered a new malware attack that blends together elements of two earlier threats in an attempt to compromise enterprise networks.
CosmicDuke includes elements from the MiniDuke advanced persistent threat (APT) Trojan combined with the info-stealing Cosmu family. MiniDuke first appeared last year and was used in attacks against NATO and some European government agencies.
Check files for malware before they’re downloaded with VTzilla/ VTchromizer
VirusTotal is an excellent free web service which scans any file for malware against 50+ of the top antivirus engines. But it can take a moment to use, as you must visit the site, choose the type of scan you need (file or link), then point VirusTotal in the right direction.
VTzilla and VTchromizer are Firefox and Chrome add-ons which simplify this process by integrating VirusTotal scanning options into the browser, enabling you to check any file or URL with one or two clicks.
© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.