Articles about Security

Payment card industry must meet new security standards by end of June

Chip and pin card reader

Companies that accept credit card payments and process cardholder data are facing some significant changes that they will need to comply with by June 30th.

This is a result of new Data Security Standard requirements from the Payment Card Industry Security Standards Council, known as PCI DSS 3.0. This will see many of the things that were previously only seen as best practice become mandatory.

Continue reading

China military bans smartwatches to lower security risks

Big smartwatch worn on right wrist

China has warned its soldiers not to use smartwatches and wearable gadgets as they could be in breach of army security protocols.

The country’s military issued a statement against the use of Internet connected devices after a recruit attempted to take a photograph using a smartwatch. Restrictions surrounding mobile phone use are already in place.

Continue reading

It's far too easy to steal an Apple Watch

It's far too easy to steal an Apple Watch

The problem with a lot of technology is that it acts as a beacon to thieves. Use a phone or tablet in public and you run the risk of having it swiped from under your nose. To overcome this, Apple and Google have built in security features that make it possible to render useless iPhones, iPads and Android devices. The same, however, cannot be said of the Apple Watch.

While the Apple Watch does feature a passcode system that is used as a locking mechanism when the wearable is removed from the wrist, it is incredibly easy to bypass. A thief can grab a Watch, factory reset it and pair it with their own iPhone. The risk of arrest aside -- and, you know, morals -- there is no deterrent to helping oneself to a Watch and claiming it as your own.

Continue reading

Bots generate more internet traffic than humans


According to a new survey from cloud security provider Distil Networks humans accounted for only 40.9 percent of web traffic in 2014 with the remainder accounted for by bots.

This compares with 50.8 percent human traffic in 2013, however the good news is that 'bad bot' traffic is down from 24.22 percent to 22.78. The rise in good bot traffic that makes up the difference is thought to be from more aggressive indexing by Bing and new search engines in 2014.

Continue reading

More than 1,000 companies join IBM in the battle against cybercrime


Last month IBM launched its X-Force Exchange opening up access to threat intelligence data to help in the fight against cybercrime.

With 80 percent of cyber attacks now coming from organized gangs it's important that the good guys get organized too. IBM has announced today that more than 1,000 organizations across 16 industries are participating in the new threat intelligence community.

Continue reading

Millennials are a bigger risk to mobile security than other age groups

business mobile

Around half of the workforce will be millennials by 2020, but according to a new survey by endpoint security specialists Absolute Software they're likely to present a bigger risk to data security.

The survey questioned more than 750 Americans over the age of 18 who work for a company with 50 or more employees and use an employer-owned mobile device.

Continue reading

Internet of Things cannot remain a security blind spot

Internet of Things

The network is more exposed than ever before with the expanded attack surface IoT brings, leading to increasing support for securing interconnected devices. As the Industrialization of Hacking evolves, so does the number of vulnerable end points on the network including physical systems, mobile devices and wearable technologies.

The biggest challenge is a lack of visibility. The key to seeing an attacker’s every move, from control networks to the data center to the cloud, is contextual visibility by monitoring events and actions across the entire threat landscape before, during and after an attack. Only then will IT be able to continuously detect threats and address them in real time, decreasing the risk that the malicious activity will go undetected.

Continue reading

The challenges of protecting the hybrid cloud [Q&A]


With more and more companies storing apps in the cloud and others remaining in-house, security can become something of a headache. On-site security tools are ineffective against web attacks leaving organizations with multiple protection solutions in place.

The launch of hybrid cloud solutions such as Radware's WAF (Web Application Firewall) means it’s possible to protect all systems with just one application but what implications does this have for the enterprise? We spoke to Carl Herberger, VP of Security Solutions at application delivery and security specialist Radware to find out more about the benefits of hybrid WAF solutions and how they can be implemented.

Continue reading

Jamie Oliver is trying to steal your passwords


Celebrity chef Jamie Oliver’s website seems to serve three main purposes these days -- provide tasty recipes to try in the kitchen, keep visitors informed about his latest campaigns and, oh yes, infect your PC with password stealing malware.

Three months ago, Malwarebytes discovered a well hidden malicious injection on the official website of Jamie Oliver which redirected unsuspecting visitors to an exploit kit. This was apparently dealt with, but then a month later the issue resurfaced. So surely, after having been infected twice, the site is now clean? I think you can guess the answer to that.

Continue reading

Home and small office routers are being hijacked for DDoS attacks

Wi-Fi router

The router security message really should have been driven home years ago, but it seems that a lack of basic security practices by ISPs, vendors and users has resulted in large numbers of hacker-controlled routers being used to launch DDoS attacks.

A New report from web security specialist Incapsula says it has uncovered a DDoS botnet comprising tens of thousands of hijacked routers. It's now sharing the attack details in an attempt to raise awareness about the dangers posed by under-secured, connected devices.

Continue reading

Safety is an essential concern for the future of wearables


Wearables, from smart wristbands to smart clothing, hold vast potential to enhance everyday life, from a person’s health to workplace productivity.

Their potential is vast as demonstrated by predictions of the market growth for wearables, anticipated to exceed more than $100 billion (£64 billion) in annual sales by 2018, according to Generator Research. The recently launched Apple Watch only adds momentum to this promising new technology category.

Continue reading

The ILoveYou legacy -- how malware has changed in the past 15 years

Malware virus detected

Where were you when the 'ILoveYou' bug started spreading on 4 May 2000? Was your computer one of the tens of millions of PCs the Love Letter attacked?

Fifteen years ago, email messages with the subject line 'ILoveYou' and the message 'Kindly check the attached LOVELETTER coming from me' started propagating to millions of inboxes. The malware-laced attachment was named LOVE-LETTER-FOR-YOU.txt.vbs. Since the vbs extension was hidden by default, it seemed to recipients that the attachment was a harmless txt file. Once the attachment was opened, a VBS script would overwrite image files and send the LoveLetter email to all contacts in the victim’s Outlook address book.

Continue reading

Cybersecurity firm accused of hacking potential clients, extorting them to buy its services


There have been numerous instances in the past where anti-virus companies have been accused -- and in many cases caught -- of creating malware their products combat. We’re learning of yet another similar case. A former employee of cybersecurity firm Tiversa is accusing the company of fraud.

Richard Wallace, one of the former investigators at the firm has testified against the firm in a Washington DC courtroom. Wallace says that Tiversa employees would hack their potential clients to force them to buy services from the firm.

Continue reading

Anonymous Tor Cloud project closes down

Anonymous Tor Cloud project closes down

The Tor browser is used by many to stay anonymous online -- and it's something that has been embraced by the likes of WikiLeaks as a way to safely gather information whilst hopefully avoiding the surveillance of the NSA. One lesser known project from the same stables is the Tor Cloud service, and Tor has announced that it is closing down.

Based on the Amazon EC2 cloud computing platform, Tor Cloud provided a way to share computing resources and allow faster uncensored access to the internet. However, the project is plagued with "at least one major bug ... that makes it completely dysfunctional" and after failing to find anyone to undertake the work, the decision was taken to shutter Tor Cloud. This does not mean that Tor itself is dead -- far from it -- and developers are being encouraged to create their own forked versions of Tor Cloud.

Continue reading

Is it time for apps to protect themselves against threats? [Q&A]


Most security researchers now acknowledge that it is only a matter of time before a business suffers some form of compromise as the bad guys follow the money and conventional security tools struggle to keep pace. A recent report from Gartner stresses the need for apps to become self protecting rather than rely on security tools.

But how easy is it to produce a self-protecting app and how effective are they against malware? We spoke to Gordon Young, UK Sales Director of security specialist Promon to find out more.

Continue reading

© 1998-2015 BetaNews, Inc. All Rights Reserved. Privacy Policy.