It seems like data breaches are seldom out of the news these days, but whilst that means we're more likely to be aware of their existence it also means there's a risk that individual threats begin to fade into the general day-to-day techy chatter and we don't give them the attention they deserve.
The growing number of breaches -- up 10 percent over last year according to a recent study by the Ponemon institute -- means they're less likely to catch our attention. Security training firm KnowBe4 refers to this phenomenon as "breach fatigue" and warns that it may be placing companies at risk.
According to data released by security company Trustwave which has analyzed evidence from almost 700 security breaches that took place in 2013, retail is the most compromised industry, accounting for 35 percent of attacks investigated.
The food and drink industry ranks second on 18 percent followed by hospitality on 11 percent. Perhaps not surprisingly e-commerce is most at risk, making up 54 percent of assets targeted whilst data centers account for only 10 percent. Point of sale breaches made up 33 percent of Trustwave’s investigations.
For an increasing number of celebrities who have seen their nude photos being leaked online, The Fappening will always be a never-ending nightmare, which will come back to haunt them for a long time to come. Once it's online, it stays there, ready for the world to see. Meanwhile, for others it will serve as a source of frequent enjoyment, in no small part thanks to Apple. Its iCloud service appears to be the source of the leaks for most files, and this includes the latest batch, called The Fappening part 3, which just surfaced.
Reddit and 4chan have served as the gateways to the new leaked photos, with download links showing up this past weekend. It's a recurring theme, as the two community forums have been involved in propagating hundreds of such images since The Fappening hit in early-September. Threads on the topic have been banned and new policies have been implemented, but, despite these efforts, it is all for naught apparently.
Apple's recently released iPhone 6 is susceptible to the same fingerprint forging attack as the iPhone 5s, according to the latest security research.
Mark Rogers, principal security researcher for mobile security firm Lookout, used techniques which are well-known to police officials and prototypers to access the device.
Apple has admitted that most OS X users have nothing to be concerned about when it comes to the bug that has been dubbed "worse than Heartbleed".
In a statement the firm admitted that it is already working on a software update for advanced UNIX users that repairs the major exploit that can be used by hackers to gain access to connected devices by inserting malicious code into the "Bash" command shell in OS X and Linux.
A worrying new security vulnerability has muscled its way onto the Internet, and world-leading security experts are saying it's even worse than this year's Heartbleed fiasco. Called "Bash" or "Shellshock", the security flaw is inherent to a computer's shell. This is the user interface that accesses operating systems like Command Prompt, and means that many Linux, UNIX, and some BSD systems (including Apple's OS X) are vulnerable. Worryingly, the ubiquitous nature of the bug means that a large percentage of software is engaged in constant interaction with the shell. Consequently the bug can infiltrate software in a number of different ways.
So what can you do to protect yourself against this frightening new bug, and how can you avoid Shellshock? Well, the answer is basically the same as it's always been. There's no special tool or patch that'll keep you protected from Shellshock. It's just pure, common-sense cyber security.
Ever since yesterday’s news of the Shellshock Bash bug broke cyber security experts have been lining up to make clear how bad it really is.
Unlike Heartbleed, which affected mainly servers, Shellshock leaves a whole host of systems vulnerable including Apple OSX systems and many internet of things devices with embedded code that’s based on Unix or Linux.
Apple and Google do not want the US Government to be able to access your private data, even when search warrants are involved. It's a bold stand they're taking, which has been applauded by privacy advocates and, quite probably, criminals as well. But, guess what? That does not sit well with the authorities. FBI Director James Comey is troubled by the idea that the all-mighty agency that he runs can be stopped dead in its tracks when trying to see your intimate photos, videos and whatnot. Imagine that.
Here's what the fuss is all about. If encryption is turned on, the encryption key, that is needed in order to access the data that is stored on an Android or iOS 8 device, is in the user's control, instead of Google's or Apple's. As such, this allows the companies to be unable to comply with search warrants. It's clever: you can't give what you don't have.
A worrying new security vulnerability means that all Apple Mac computers, about half of all websites, and even internet connected home appliances are all vulnerable to hackers. Security experts are saying it's even worse than this year's Heartbleed fiasco. But what is Shellshock exactly, and what does it mean for the security of your business?
Shellshock exploits a vulnerability in Bash. Bash, an acronym for Bourne Again Shell, is a command-line shell used by many UNIX computers. UNIX is an operating system on which many others are built, such as Linux and Mac OS. So if any part of your business runs on a Unix-based operating system, it could be vulnerable.
Xiaomi has found itself under scrutiny due to concerns that it may be a security threat, with the Taiwanese government expected to make a decision on the smartphone company within three months. It is unclear whether this could lead to a ban on Xiaomi's low-priced smartphones in Taiwan.
A statement on the website of Taiwan's executive branch on Tuesday referred to the fact that some of the company's smartphones automatically send user data back to the Xiaomi servers in Beijing, resulting in a risk of security breaches.
Although it seems that the Heartbleed bug wasn't exploited before its existence was disclosed, that doesn’t mean the security world can rest on its laurels.
The latest problem to be revealed is a bug in the commonly used Bash command interpreter that poses a critical risk to Linux and Unix systems. And since these form the backbone of the internet and are in many other systems as well it's a threat to the rest of us too.
eBay is being put under intense pressure by leading security researchers to take action over the dangerous listings that are tricking customers into giving away their personal data.
Whilst smaller businesses are keeping pace with mobile adoption trends they don't always have the security knowledge needed to protect themselves.
This is among the findings of a survey by Kaspersky Lab which asked 3,900 IT professionals worldwide about the challenges encountered by their businesses over the last year.
Although mobile devices are becoming essential in many workplaces security budgets are failing to reflect the growing numbers of devices that need protection.
This is among the findings of a new report by electronics and systems specialist Raytheon. According to the research around one-third of employees use mobile devices exclusively to do their work and this is expected to increase to an average of 47 percent of employees in the next year.
As we all carry out more of our day-to-day transactions online and access the internet through a wider range of devices, we're opening ourselves up to greater potential risk.
Add in the constant battle of security providers to stay ahead of hackers and malware writers and it's easy to doubt if you can ever stay truly safe online. Joe Siegrist CEO of password management specialist LastPass thinks that although it's not 100 percent possible to hack-proof yourself, you can significantly reduce your risk, we spoke to him to find out how.