In the past few years the adoption of new methods to access corporate data has led to traditional endpoint security being less effective. At the same time there are concerns about the number of employees who have access to data and how much of a threat they present.
Data security specialist Vormetric has released its latest Insider Threat Report which reveals that 93 percent of US organizations polled believe that they’re vulnerable to insider threats.
Stop me if you think that you've heard this one before, but not everything that appears online is one hundred percent true. In fact, there's a huge amount of content that is twaddle, pish, balderdash -- and lots of people fall for it. Facebook is introducing a new feature that lets you report a story as being fake, and if enough other people do the same, the power of crowd sourcing means the story will be culled.
Did you resolve to increase your security in 2015? If the list of top passwords used in 2014 is anything to go by, a lot of people should have had this right at the top of their list of New Year's resolutions. Security and password firm SplashData has published its annual list of the most common (worst, in other words) passwords that are in use.
If there's anything positive to be taken from this terrifying list of insecurity, it's that 'password' is still not the most used password out there. It only slipped to second place last year to be replaced by '123456'. The top two positions remain the same this year, so there's not really that much cause for celebration. But the list makes for interesting reading, particularly when you consider these (supposedly) security-conscious times we live in.
The past few weeks have not been kind to hacking group Lizard Squad. They've managed to raise the ire of the last possible group of folks you'd wish to anger -- Anonymous. The organization is also experiencing arrests of its members, thanks to poor procedures put in place for identity protection. But the latest blow may come as poetic justice to many people.
The loosely-knit hacker communicative has been trying to sell its wares online -- namely DDoS for hire services. Unfortunately for it, and rather fortunately for the rest of us, the offering has been hacked. According to multiple reports LizardStresser.su was compromised.
Minecraft is a phenomenon. The online game is incredibly popular with well over 100 million PC downloads to date. When Microsoft bought developer Mojang last September it had to shell out a cool $2.5 billion to do so.
So it’s perhaps no surprise that players of the game have been the target of hackers keen to get their hands on poorly guarded gaming credentials. Armed with a valid user name and password, anyone can log into a game, or download a full copy of Minecraft.
While the news of the recent Sony hack has died down, it certainly isn't forgotten. The simple fact remains that we still have no clear answer on who was responsible. The US government blamed North Korea and initiated sanctions on the nation, though no real evidence was put forth to support this alleged misdeed, leaving the move to reek of political motivation.
The simple fact that the hackers originally asked for money, as if it were a hostage situation, seems to point away from state-sponsored wrongdoing, but we simply don't know the real truth, and perhaps never will. All we really know is there's a lack of evidence for this case. We'd be safe in speculating a jury would be unlikely to convict the country.
When Sony Pictures was hacked, the US was quick to point the finger of blame at North Korea. Security experts may have disagreed, but newly declassified documents show that the NSA had been monitoring the nation as far back as 2010 -- and there are even hints that the US was aware of the possibility of North Korea launching some form of cyberattack.
With the help of allies such as South Korea, US intelligence services were able to tap into North Korean web traffic. The NSA also went as far as installing malware on North Korean computers with a view to monitoring the activity of key systems. New papers published by Der Spiegel show that it is this spying that helped to pin the blame for the Sony attack on NK.
"Easy Disk Drive Repair" looked like a promising program. "An incredibly easy to use, yet powerful drive repair and maintenance tool", the developer claimed. Works with all drive types. More than one million downloads, five star awards plastered all over their product pages, and listed at big sites like Softpedia and ZDNet.
Sounded great, but we don’t like to copy and paste a developer’s description onto our own pages. We wanted to try it out, first.
When it comes to fixing security problems, it's better for everyone involved if a patch can be released as quickly as possible. A few days ago, a critical vulnerability was discovered in Verizon's FiOS app by Randy Westergren when he found it was possible to access the mail account of any Verizon customer with relative ease.
In stark comparison to the unhurried approach adopted by Microsoft to fixing problems identified in Windows -- on more than one occasion failing to hit a public disclosure deadline set by Google -- Verizon acknowledged, investigated and fixed the problem within two days. The problem itself was worrying, but the speed of reaction is impressive.
Earlier in the week, Google managed to raise the ire of Microsoft by publishing details of a vulnerability in Windows before a patch had been published. Now the same thing has happened again, but this time it's a double whammy. Google Security Research has revealed two more security holes that Microsoft is yet to fix.
Just as was the case a few days ago, Microsoft had been warned about the security problems and Google agreed to keep details private for a period of 90 days. Now the three months is up, details of the security issues have been automatically published, running the risk that users could be targeted.
Cyber crime investigators have arrested an 18-year-old man in the UK for the attacks of the Xbox Live and PlayStation Network that took place over Christmas. This is something that Lizard Squad has claimed responsibility for, but at the moment it is not clear whether the man who has been arrested is associated with the group.
South East Regional Organised Crime Unit (SEROCU) worked in conjunction with the FBI and the UK's National Cyber Crime Unit to home in on the unnamed man believed to have been involved in the DDoS attacks. Thousands of gamers had their Christmases spoiled after the gaming networks were rendered inaccessible, leading Sony to offer compensation to those affected.
Those who travel regularly count on the frequent flyer miles that almost all airlines offer. Customers use these to build up for free trips or upgrades to a better class seating section. But what happens when these miles get swiped away from you? American and United airlines are finding out.
Both flight providers have experienced theft of these miles, carried out by hackers that got hold of access from customer account information. The miles were used to book free trips and upgrades.
Perhaps best known for its SystemCare products for Windows, software company IObit is launching a new version of its Android app, AMC Security.
AMC Security is a combined security and device optimization app. Among the new premium features included in this release is Payment Guard, which is designed to protect mobile users' financial data and the mobile payment and banking process.
False positives are often accepted as a fact of life with anti-virus programs but a new survey commissioned by breach detection specialist Damballa reveals that they have a significant cost for businesses.
The study produced by the Ponemon Institute reveals that enterprises spend $1.3 million a year dealing with false positive cyber security alerts, which equals nearly 21,000 hours in wasted time.
The US and UK usually get on pretty well, but plans are afoot for the two nations to stage cyberwar on each other. Later this year, Wall Street and the City of London will be subjected to a series of attacks that is being described as "unprecedented".
But this does not signal a breakdown in the "special relationship" that extends across the Atlantic, rather the "war games" are part of a venture between the two countries to help improve security. The aim is to expand information sharing in a bid to stave off real cyber attacks that could be launched by other nations.