Articles about Security

Amazon launches DDoS protection service AWS Shield

Amazon logo

Following the massive attack that took down the servers of the DNS service provider Dyn and a number of high profile websites including Netflix, Twitter, Spotify and Reddit last month, Amazon Web Services (AWS) has announced a new technology to protect sites against distributed denial of service (DDoS) attacks.

The new tool, which is called AWS Shield, was announced at the company's re:Invent developer event in Las Vegas. Amazon's own site was affected by the attack on Dyn and the company has now decided to launch its own DDoS protection service to ensure that its site and those that use AWS are able to withstand future attacks.

Continue reading

Social engineering attacks are a real threat to most organizations

Security attack keyboard

Social engineering, as a method of cyber-security attacks, is very popular and quite widespread, according to a new report by cybersecurity firm Agari. It had polled 200 professionals from healthcare, government, financial services and education sectors.

Six in ten (60 percent) of security leaders say their organization either was, or "may have been" a victim of at least one targeted social engineering attack, on the last year alone. Two thirds of those attacks (65 percent) led to employees’ credentials getting compromised.

Continue reading

Mirai malware spreads to routers in new countries


According to security firm Flashpoint, the latest strain of the Mirai malware responsible for infecting Deutsche Telekom routers has spread to devices in at least 10 countries other than Germany.

The firm has discovered that the new strain of Mirai has infected routers in places like the UK, Brazil, Iran and Thailand. It is still unknown how many devices have been infected in total, but Flashpoint estimates that five million devices could be vulnerable to the malware.

Continue reading

Ransomware attacks to decrease in 2017


Ransomware is expected to deflate a bit next year, but hackers won’t be resting on their laurels, that’s for sure. Instead, they might just move to dronejacking, for a "variety of criminal or hacktivist purposes".

This is according to McAfee Labs, whose new report, the McAfee Labs 2017 Threats Predictions Report, identifies 14 cyber-security trends to watch in 2017.

Continue reading

Half of IT professionals more concerned about internal threats than external ones

Hidden threat

Hackers and cyber criminals are often seen as the biggest threat to company IT systems, but a report from behavioral firewall company Preempt shows that insiders, including careless or naive employees, are now viewed as an equally important problem.

The survey carried out for Preempt by Dimensional Research finds that 49 percent of IT security professionals surveyed are more concerned about internal threats than external threats.

Continue reading

Most enterprise attempts at email authentication fail


A new study shows that 75 percent of large businesses attempting implementation of the DMARC email authentication standard are not presently capable of using it to block unauthorized email.

This means that enterprises are putting their own security, compliance, and brand protection at risk. Automated mail authentication specialist ValiMail looked at email authentication policies for more than a million business domain names, including those of Fortune 1000, NASDAQ 100, and FTSE 100 businesses.

Continue reading

The 'age of automation' can benefit the security landscape

Security Lock

Artificial intelligence (AI), machine learning and automation are technology trends dominating discussions in many different industries at the moment and cyber security is no exception.

As cyber criminals become more advanced and the threat landscape continues to develop, businesses are looking to new technologies that can help secure their organization in a more proactive way.

Continue reading

Symbol-to-accept strengthens multi-factor authentication


One of the more popular ways of securing logins in recent times has been the use of push-to-accept technology, sending a verification message to a user's mobile device.

However, this runs the risk of users inadvertently approving login requests that they didn't initiate. Adaptive access company SecureAuth is launching its new Symbol-to-accept technology to boost security without sacrificing convenience.

Continue reading

60 percent of enterprises have fallen victim to social engineering in 2016

hand arm laptop security phishing lure scam

A new study from cyber security company Agari reveals the scale of social engineering attacks on industrial organizations across the US.

Of over 200 security leaders surveyed 60 percent say their organizations were, or may have been, victim of at least one targeted social engineering attack in the past year, and 65 percent of those who were attacked say that employees' credentials were compromised as a result. In addition, financial accounts were breached in 17 percent of attacks.

Continue reading

Sentiment analysis helps sales teams measure customer reaction

sales business analytics

One of the problems sales teams face is knowing how their pitches, presentations and marketing materials are perceived by the customer.

Cloud-based sales and content management platform Pitcher is hoping to offer teams better insight with its newly patented Sentiment Analysis Module (SAM).

Continue reading

Deutsche Telekom hack affects 900,000 customers

Deutsche Telekom

German telecommunications giant and T-Mobile parent company Deutsche Telekom was the victim of a cyber-attack over the weekend, which left some 900,000 users affected, the company confirms in a blog post.

This weekend, a hacker (or more likely, hackers) infiltrated the company, and tried to infect users' home routers with malware. Deutsche Telekom said its network was not affected "at any time".

Continue reading

It is terrifyingly easy to bypass BitLocker in Windows 10

Windows 10 finger

The BitLocker feature of Windows is supposed to offer a degree of peace of mind that files are going to be secure -- but one expert points out that a simple key combo is all it takes to bypass the security feature.

A bug has been discovered in the way Windows 10 handles a Feature Update -- the installation of a new build of the operating system. By taking advantage of the bug, it is possible to access a Command Prompt and gain unrestricted access to the contents of the hard drive.

Continue reading

Mitigating the risks of third-party access to your data

Risk puzzle piece

If your office was broken into, you would fear what the intruders might take. Being so concerned about the possibility, you fit all the right locks and alarms and have good door and window security. However, do all the service providers that access your office do the same? If they’re not as security conscious, and they get broken into, the intruders could get hold of the access card or key to your office and then they’re in.

It would be galling because, despite having done all the right things to protect your company’s assets, your defenses were still breached. There was a weakness but it wasn’t your security. You gave a vendor the means to access your business to do you a service, and that access was exploited by someone with the skills to take advantage of their weak security.

Continue reading

The Snooper's Charter is now law, giving the UK some of the most extensive, invasive and draconian web surveillance powers in the world


The Investigatory Powers Act 2016, the Snooper's Charter, legalized spying: call it what you will, the UK now officially has some of the most extreme internet surveillance powers in the world. The Investigatory Powers Bill was today given royal assent, meaning it has now passed into law.

Unsurprisingly, there have been huge protests from privacy groups, and an online petition against the new powers has already gained more than 136,000 signatures. The Investigatory Powers Act 2016 not only requires ISPs to store records of their customers' browsing history, but also make this data available to dozens of government agencies, and even permits state hacking of phones and computers.

Continue reading

Sophisticated social engineering attacks target hotel chains


In the run up to one of the hospitality industry's busiest periods, cyber criminals are targeting hotel chains with a series of targeted attacks.

Cyber security company Trustwave has investigated the attacks, which combine social engineering with sophisticated malware, against a number of its clients in the past month.

Continue reading

© 1998-2016 BetaNews, Inc. All Rights Reserved. Privacy Policy.