British banks are afraid that if they disclose the full picture of the cyberattacks they're under, they might suffer public backlash resulting in reputational damage and loss of customers. That's why they never fully report when they're under cyberattack. And the attacks are getting more frequent.
This is all according to Reuters, which cites Israeli-based cyber security firm Illusive Networks, Barclays, and others.
It seems as no one wants to buy NSA’s exploit tools. Or maybe ShadowBrokers, the group selling the tools, overpriced the deal.
The group, allegedly formed by Russian, state-sponsored hackers, decided to pull the auction on the tools. Instead, it turned it into a crowdfunded sale, aiming for 10,000 bitcoin, or slightly over $6 million.
There's an expectation that public Wi-Fi will be available pretty much everywhere we go these days. We access it almost without thinking about it, yet public networks rarely encrypt data leaving users vulnerable.
A new survey of more than 2,000 business users by networking company Xirrus finds that while 91 percent of respondents don't believe public Wi-Fi is secure, but 89 percent use it anyway.
The economics of cyber security are completely lopsided. There are a seemingly infinite number of cyber security risks out there, with more and more popping up every day. Hackers appear to have unlimited resources, and cybercriminals are literally reinvesting their lucrative profits into new and innovative ways to exploit, extort, and steal from your organization.
But... in order to foil, frustrate, and impede the nefarious schemes of these very well-equipped and well-funded adversaries, we as cyber security professionals are grudgingly allocated a hopelessly limited budget. The meagerness of which we are then asked to stretch ever so thinly across every conceivable threat vector out there in order to assure the business (management, executives, and the board) that, "We’re doing everything possible".
Ransomware is increasingly big business and more than 43 percent of malware types are used to deliver it. It can also be unwittingly spread via the use of cloud services.
To protect against the threat, cloud security company Netskope is adding ransomware detection and recovery capabilities to its Netskope Threat Protection product.
San Diego, Calif. The cop convention is in town this weekend, and I have never seen so many men in blue-grey suits or uniformed officers strutting sidearms. Quite possibly the safest-feeling place in San Diego through October 18th is the Convention Center and the areas around it—that is unless you're a lawbreaker or someone as afraid of men and women in uniform as clowns. What the hell is this clown craze anyway? Yeah, that's off-topic.
The International Association of Chiefs of Police holds its 123rd annual conference, which I blasted through (poor choice of words, I know) yesterday for a specific, and interesting product launch: Patriot One's NForce CMR1000; self-described as a "covert primary screening device for the detection of on-body concealed weapons at access points including hallways and doorways of weapons-restricted buildings and facilities". I met with CEO Martin Cronin and Chief Science Advisor Natalia Nikolova.
Following the $81 million cyberattack in February, a second hacking group has emerged with the intention of exploiting the SWIFT money transfer system to rob banks.
A report from the security firm Symantec has revealed that these cyberattacks have occurred since January and have targeted companies located in the US, Hong Kong, Australian and other countries. The firm has detected 74 different computer infections that suggest that around 100 organizations have been affected by these attacks so far.
There is a 12 year old vulnerability in OpenSSH that hackers are now using to attack Internet of Things (IoT) devices and remotely generate traffic. Akamai Technologies' researchers Ory Segal and Ezra Caltum have identified the old vulnerability and dubbed it SSHowDowN Proxy.
The researchers say hackers are using it to target CCTV, NVR, and DVR devices, satellite antenna equipment, networking devices such as routers or hotspots, and internet-connected NAS devices.
Credentials for privileged access accounts are a prime target for cyber attackers and they can often be stolen from vulnerable endpoints.
Privileged account management specialist Thycotic is tackling this problem by launching Privilege Manager for Windows, which allows IT admins to implement a wide array of policies and controls that best match their needs.
Many industries have found that the rapid expansion in demand for digital information has outpaced efforts to keep the data secure. This is a particular issue for healthcare organizations which handle confidential records yet have seen some headline breaches in recent years.
UpGuard, the company behind the CSTAR security preparedness score for enterprises, has released a new report which provides fresh data on the security failings of companies in the healthcare industry.
2016 has been a long year for retailers, with a number of them being relieved of customer data by hackers looking mostly for credit card information. Wendys, Eddie Bauer, Hard Rock Hotel and Casino Las Vegas and others have all been forced to step forward in an effort to protect customers, though largely done after the fact.
Now the latest victim has been announced as retailer Vera Bradley reveals it too has suffered a serious breach of its payment processing system.
Echoing the findings we reported earlier that companies leave cloud protection to third-parties, a new study from cloud security company Netskope reveals most companies don't scan their cloud services for malware either.
The study conducted with the Ponemon Institute shows 48 percent of companies surveyed don't inspect the cloud for malware and 12 percent are unsure if they do or not. Of those that do inspect 57 percent of respondents say they found malware.
Facebook's recently rolled-out Secret Conversations heralded the arrival of not only end-to-end encryption for users, but also disappearing messages. Not to be outdone, Edward Snowden's favorite messaging service, Signal, has followed suit.
The company behind the app, Open Whisper Systems, points out that the feature is not really designed to further improve security and privacy; rather it is a way "to keep your message history tidy".
A lack of visibility into an organization's use of cloud providers can lead to unauthorized access to data, improper handling and storage of data and unauthorized data removal. As a result, organizations are left exposed and vulnerable to a data breach.
This is among the findings of a new report from the Blancco Technology Group. Based on a survey of almost 300 IT professionals around the world it finds that 26 percent of organizations are either 'not confident' or only 'somewhat confident' about their IT teams' knowledge of the use of all cloud storage providers.
Yahoo has had a dramatic fall from grace in the last couple of weeks. While far from the most popular email service out there, it maintains a relatively healthy user base -- but all of this changed with news of a security breach resulting in the theft of 500 million account details, and the revelation that the company secretly scanned emails for the NSA.
While there has not exactly been a mass exodus away from Yahoo, many users have started to question their loyalty to the company and investigate the alternatives. If you are thinking about abandoning Yahoo, the company has put something of an obstacle in the way -- it has disabled email forwarding, saying the feature is now 'under development'.