Articles about Security

EFF sets out privacy and security plans for the first 100 days under President Trump


The Electronic Frontier Foundation has set out its plans for the first 100 days under Trump, during which time it says it will continue to fight for the rights of internet and technology users.

The digital rights group has already drawn up a wishlist for covering its privacy and security dreams for 2017, but the 100-day plan sees the EFF setting out its agenda for the first few months under Trump. Having claimed that "our civil liberties need an independent defense force" and that "free speech and the rights to privacy, transparency, and innovation won’t survive on their own", EFF is prepared to go to court -- again -- to hold the new administration to account when necessary.

Continue reading

UK health trusts hit by ransomware attacks


The UK's National Health Service is being targeted by ransomware according to a new study which shows that 30 percent of NHS Trusts have suffered an attack, potentially placing patient data and lives at risk.

The findings come from a Freedom of Information Act study conducted by endpoint security company SentinelOne. It submitted FOI requests to 129 NHS Trusts, of which 94 responded.

Continue reading

Even ransomware stops for Christmas

gift hacker criminal present

An 81 percent drop recorded in Locky ransomware infections in December is thought to be down to the cyber criminals behind the malware taking a Christmas break.

Threat prevention company Check Point recorded the big drop in Locky infections as part of an eight percent overall decrease in the number of recognized malware attacks on organizations in December.

Continue reading

The list of most common passwords of 2016 includes a few surprises


Security breaches and data leaks are, obviously, a major concern, but they do have something of a silver lining. Leaks of passwords may open up the risk of individual accounts being targeted, but they also serve as a fascinating insight into the level of security people use for online services.

We all know someone who insists on using 'password' as their password, or something equally insecure such as '123456'. Keeper Security has published a list of the most common passwords used in 2016, and these old favorites remain firmly placed in the top 10. But there are a few surprises along the way, such as the weird popularity of '18atcskd2w'.

Continue reading

FBI-helping phone-cracking firm Cellebrite hit by 900GB hack


Cellebrite -- the Israeli security company famed for helping the FBI crack the iPhone at center of the San Bernardino case -- has been hit by hackers. The attack resulted in the theft of 900GB of data.

While the website Motherboard -- which was handed a copy of the data -- reports that "the cache includes customer information, databases, and a vast amount of technical data regarding Cellebrite's products", the company has downplayed the incident.

Continue reading

How to protect yourself from the WhatsApp 'backdoor'


Earlier today we reported about a security problem in WhatsApp that means it is possible for messages to be intercepted and read by others. The so-called 'backdoor' takes advantage of the fact that WhatsApp's implementation of end-to-end encryption makes it possible to resend encrypted messages using different security keys, allowing for third parties to read them.

What is concerning many people is the fact that (by default, at least) WhatsApp does not alert users when a message is resent using a different key -- which would be a warning of something going on. Here's what you need to do to ensure you are told when the key changes.

Continue reading

'Backdoor' in WhatsApp's end-to-end encryption leaves messages open to interception [Updated]


Facebook has long-claimed that its WhatsApp messaging service is completely secure and messages cannot be intercepted thanks to its use of end-to-end encryption. But researchers have unearthed what they call a serious security flaw that makes it possible to read encrypted messages.

Based on Open Whisper Systems' Signal Protocol, the unique security keys used to implement end-to-end encryption should keep messages secure. But WhatsApp can force offline users to generate new keys and this could allow Facebook -- and third parties -- to read messages.

Continue reading

European businesses are not ready for ransomware attacks


Ransomware was the number one way hackers attacked businesses in 2016, a new report by Radware confirms. Entitled Global Application and Network Security Report 2016-2017, it says 49 percent of European businesses confirmed cyber-ransom as the biggest motivator last year.

That basically represents a 100 percent increase compared to a year before, when it stood at 25 percent.

Continue reading

Yahoo's security is a huge mess

Yahoo sign logo building

The latest reports on the data breach revelations at Yahoo, suggest that the company lost data for more than one billion users as far back as August 2013 and that the data is suspected to contain names, email addresses, hashed passwords, security questions and associated answers. In addition, Yahoo has stated that the attackers have accessed Yahoo proprietary code used to generate cookies for user access without credentials.

This major breach raises a number of questions, including: why did it take so long to identify and notify authorities about it? What are the implications for Yahoo users? What might this mean for Yahoo going forward? And what can other companies learn from these events?

Continue reading

Europe: we need more details from Yahoo about scanning emails for US intelligence


The European Union is not happy with the explanation Yahoo has given for scanning user emails for US intelligence. There is concern about how such surveillance could impact upon not only privacy, but also business between the EU and US, and trust has to be built from scratch as Donald Trump becomes president.

Yahoo -- which is on the verge of being sold to Verizon -- is not signed up to the EU-U.S. Privacy Shield agreement that blocks the US from spying on European data. As such, the company has been acting on a previously-secret court order, gathering data for the NSA and FBI. Speaking with Reuters, the EU Justice Commissioner said she wants more information about what was gathered and why.

Continue reading

New platform detects and blocks attacks using behavior patterns

Security alert

Traditional security solutions rely on detecting an attack based on existing information, which allows zero-day threats to slip through the net.

Israel-based Nyotron is launching a new generation of its PARANOID security platform designed to block attacks before they occur, regardless of threat type or method used to access the network.

Continue reading

Unsanctioned cloud use remains a problem for enterprises

Cloud server IT

A new report from cloud security company Netskope reveals that while enterprise cloud adoption continues to rise, unsanctioned use of services remains a problem.

The results show that half of all users of officially sanctioned cloud storage services like Box and Dropbox also have a personal instance of the same service. This can make detection of unauthorized copying of data more difficult.

Continue reading

Complaints about two-factor authentication are on the rise


Of companies that use two-factor authentication, 74 percent admit that they receive complaints about it from their users -- and nearly 10 percent of them just ‘hate it.’

This rather surprising information comes from a studty by access control company SecureAuth, carried out in conjunction with Amplitude Research, which surveyed 300 IT decision makers and cybersecurity professionals on industry perspectives and concerns over 2FA.

Continue reading

Public cloud has the greatest security implications say execs

Cloud login

A new survey reveals that 65 percent of senior IT and security executives think that the biggest security risks for business come from public clouds.

The study from IT solutions company BMC in conjunction with Forbes Insights also shows that 69 percent of respondents say digital transformation is forcing fundamental changes to existing cybersecurity strategies.

Continue reading

Cyberattacks against IoT devices tripled in 2016

Security attack keyboard

It only takes one successful cyber-attack to seriously hurt a company, so it’s shocking to see that UK businesses suffered, on average, almost 230,000 cyber-attacks in 2016.

This is according to Beaming. The ISP says a third of attacks was targeting company databases, but two thirds were, in fact, attacking connected devices, such as security cameras or building control systems. Such devices can be controlled remotely, through the internet.

Continue reading

© 1998-2017 BetaNews, Inc. All Rights Reserved. Privacy Policy.