People are risking a lot when they connect to a free Wi-Fi, which is particularly important knowing how many people use mobile devices for work. According to a new report by NordVPN, a company selling VPN services, Wi-Fi networks can be hacked easily and attackers could steal valuable data, including corporate information, credit card information or identities.
"Hackers often position themselves as Wi-Fi hotspots and easily steal personal information of each individual that logs in", says NordVPN. "In addition, identity thieves have lately been using wireless sniffers, a software designed to intercept and decode data when it is transmitted over a network".
A new report from Kaspersky Lab has found that large businesses that struggle to attract sufficiently skilled security experts end up paying up to three times more to recover from a cyber security incident.
The much talked-about skills gap in the security industry continues to cause problems for businesses, as increasing wages, a general shortage of expert availability and the need for more specialists are all prevalent.
Every open source research project -- no matter how simple or complex -- starts with browsing the internet. But researchers should know that their identity can be obtained through a number of basic techniques, which could have consequences ranging from modified data to directed cyber attacks or worse.
Even the simplest of website visits will expose significant details about your location and your device, and pretty much any site you visit will drop code on your computer to track what you’re doing as you traverse the internet. Most of the time, this exchange is benign, but there can be times when content will be modified or attacks launched based on the identity of the user.
Virtual private networks (VPNs) are an effective way of masking your internet activity when using public networks.
However, they've always seemed a bit geeky, which puts many everyday internet users off using them. VPN specialist Hide My Ass! (HMA!) is aiming to change that with a new version of its product aimed at people who haven't previously used a VPN.
Windows' User Account Control (UAC) feature was designed to help keep computers safe from malicious software installations, but there are already at least a couple of ways to bypass it. A new technique for circumventing UAC not only makes it possible to execute commands on a computer, but to do so without leaving a single trace.
Security researchers Matt Nelson and Matt Graeber discovered the vulnerability and developed a proof-of-concept exploit. The pair tested the exploit on Windows 7 and Windows 10, but say that the technique can be used to bypass security on any version of Windows that uses UAC.
The NSA has (or had...) a collection of malware in its cyber arsenal. It has been stolen by hackers. It is now available to buy.
A group of hackers going by the name of Shadow Brokers claims to have stolen a range of hacking and malware tools from Equation Group's servers -- Equation Group is itself closely linked with the NSA. The group is offering the tools for auction and will sell them to the highest bidder. If bidding reaches one million Bitcoins, however, the group says it will make the tools publicly available to all.
There are a number of high profile ransomware programs doing the rounds at the moment and we know that it can generate lucrative returns for the people behind it.
But just as in the legitimate commercial world, the as-a-service model is starting to gain traction with attackers. Security vendor Check Point is releasing details of Cerber, which it believes is the world's biggest ransomware-as-a-service scheme.
Phishing is one of the major security threats that enterprises now face, but according to new research from Duo Security users are putting 31 percent of organizations at risk of a data breach due to phishing attacks.
Based on feedback from the Duo Insight phishing simulation tool, the company finds that 31 percent of users clicked the link in a phishing email and worse still 17 percent entered their username and password, giving an attacker in a real-world scenario the keys to corporate data.
Professional social network LinkedIn is suing 100 anonymous individuals for data scraping. It is hoped that a court order will be able to reveal the identities of those responsible for using bots to harvest user data from the site.
The Microsoft-owned service takes pride in the relationship it has with its users and the security it offers their data. Its lawsuit seeks to use the data scrapers' IP addresses and then discover their true identity in order to take action against them.
Android has had something of a rough time of things lately with the discovery of the Quadrooter vulnerability and the revelation that a flaw in version 3.6 of the Linux kernel also affects Google's mobile operating system.
Security firm Lookout estimates that 80 percent of Android devices (around 1.4 billion devices) are affected. While initial reports suggested that devices up to Android 4.4 KitKat are at risk, further testing shows that the problem still exists all the way up to Android 7.0 Nougat.
Keeping patients’ confidential records secure is of utmost importance to healthcare organizations and the vendors who work alongside them. Not only is the proper safeguarding of information a good practice, it’s the law.
The Health Insurance Portability and Accountability Act (HIPAA) seeks to protect the sensitive data of patients and to empower healthcare practitioners to keep that information safe through strong security and privacy policies.
Back in the day, people had to walk into a bank in order to rob it. They also had to walk into a car in order to steal it. Nowadays, people rob banks from the comfort of their home (or their parents’ basements), and it’s only a matter of time before they start hijacking cars the same way.
According to a couple of researchers, whose work has been covered by Wired recently, we’re already halfway there -- a new vulnerability has been found which allows hackers to remotely unlock 100 million Volkswagen cars.
Asian nations are not very secure places to keep your digital data, a new report by secure data centre Artmotion suggests.
The report was built on data from the UN, World Economic Forum and Transparency International, among other groups. Titled Data Danger Zones, it ranks more than 170 nations on how good they are at keeping data secure.
Security researchers at the University of California, Riverside, have uncovered a major Linux vulnerability that enables hackers to hijack Internet traffic which, if exploited, can be used to intercept communications, launch targeted attacks, and lower Tor's anonymity. The vulnerability impacts iterations of the open-source kernel released in the past four years.
The security researchers believe that this security issue "affects a wide range of devices and hosts" -- the open-source kernel is well known for powering a significant number of servers and being at the heart of Android, the most popular mobile operating system today. The vulnerability was introduced in a TCP specification that is found in Linux versions starting with 3.6, which was released in September 2012.
Phishing attacks are on the increase and are becoming increasingly sophisticated. This means that older technologies such as blacklisting known phishing sites are struggling to keep up with the threat. The Anti Phishing Working Group detected a 250 percent jump in phishing sites between October 2015 and March 2016.
Fraud protection company Easy Solutions is helping to combat the problem with the public beta launch of its Swordphish predictive phishing and malware risk assessment technology.