Articles about Security

UK government wants to fine companies for data breaches

Google to cough up $19 million in kids' in-app purchases case

Even though the TalkTalk hack happened last October, it’s still sending ripples through the cyber-security world. The Department for Culture, Media and Sport has given a number of recommendations, following the breach.

Among the recommendations is the idea of fining companies that fail on cyber-security, as well as the idea of linking the CEO’s pay to effective cyber-security.

Continue reading

USB devices still represent a major security threat for enterprises

man hand usb flash laptop drive business suit

With the increasing move to the cloud, it may seem that USB storage devices are becoming obsolete. However, research by endpoint protection company CoSoSys suggests that USB still has a place.

The survey of 2016 Infosecurity Europe visitors looks at the use of USB storage devices in the enterprise and the policies governing them.

Continue reading

Warning! GoToMyPC hit by password hackers

hacked

By their very nature, remote access tools represent something of a security risk. It's only a couple of weeks since TeamViewer users complained about account hijacking, and now GoToMyPC has been hit by hackers.

The service has been hit by what is being described as a "very sophisticated password attack", and the company is advising all users to reset their passwords. Details are a little thin on the ground at the moment as an investigation is currently underway, but users are warned to monitor their account and change their passwords.

Continue reading

Acer store hacked and customer credit card data stolen

Hacker-detection2

The internet seems to be a series of high-profile attacks stealing all sorts of data. We've seen this event carried out across websites and retail locations, Login information, passwords, credit cards, it's all fair game to those who wish to do harm.

The latest is with the Acer store, which is claiming the credit card information, user names and passwords for some 34,500 users has been stolen. The company has sent out emails to customers to notify of the breach.

Continue reading

Hackers selling more than 70,000 compromised servers

hacker username password login

Pssst! Hey, kids, wanna buy a remote desktop protocol server, cheap? I guess I should say "Вы хотите купить сервер?"

Security researchers from Kaspersky Lab say they’d found a global forum, run by a Russian-speaking group, where hackers could buy access to compromised servers for as little as $6 (£4.25) per server.

Continue reading

Hackers steal 45 million forum account credentials

Hacker desk laptop hoodie hacking hooded

The Canadian media company VerticalScope, which operates a number of support forums on a range of topics, was targeted by hackers who were able to obtain user information from around 45 million accounts.

Although news of the massive security breach has just surfaced thanks to LeakedSource, which collects information on data breaches, the actual hack took place in February when over 1,000 support forums and websites on tech, sports and other topics were infiltrated by unknown attackers.

Continue reading

Average data breach cost rises to $4 million

sad woman calculator

The average cost of a data breach has jumped 29 percent since 2013, a new report by IBM Security and the Ponemon Institute says. This brings the figure up to $4 million per breach.

The number and the severity of these incidents keeps on growing, the two companies said in the report.

Continue reading

Why organizations need a risk-based approach to securing payment card data [Q&A]

Credit card theft

The Payment Card Industry Data Security Standard (PCI DSS) has done much to cut credit card fraud by ensuring that businesses comply with the rules.

But Charles White founder and chief executive of UK-based risk consultancy Information Risk Management (IRM) argues that it has now become little more than a tick box activity which enterprises go through to gain accreditation.

Continue reading

App collusion is not a myth anymore

smartphone man magic

Up until today, app collusion for malicious purposes has been in the domain of myths and urban legends, but according to a new report by Intel Security, no more.

The security firm released its latest security report, entitled McAfee Labs Threats Report: June 2016, in which it says that it had found some apps capable of app collusion.

Continue reading

AT&T fends off 200,000 malware attacks every day

Google stops developers and Mac users installing unofficial Chrome extensions

AT&T has revealed that its network is constantly under the threat of attack by cybercriminals looking for ways to breach its security.

Each day the company detects over 30 billion malicious scans being deployed to find weaknesses in its network. Cybercriminals often use such scans to detect security vulnerabilities that could be exploited in future attacks. Researchers at AT&T also noted how the number of ransomware attacks increased significantly, with as many as 1.5 million new attacks occurring between 2013 and 2015.

Continue reading

Major websites are vulnerable to advanced bots

Google finds security questions are crap because your answers are fake

Pretty much every top website, in retail, financial services, consumer services, OTA members (Online Trust Alliance), news and media, and top US government agencies, is vulnerable to advanced bots, new research says.

Bot detection and mitigation company Distil Networks, analyzed 1,000 top websites in these verticals, and how they behave against crude, simple, evasive and advanced bots. All of the verticals performed quite well against crude bots, (75 percent in consumer services, 70 percent in government, 65 percent in financial services, 64 percent in news and media, 78 percent in retail and 67 percent in OTA members), but when it comes to advanced bots, one percent is the best result found.

Continue reading

Most countries unprepared for General Data Protection Regulation

Globe content sharing

The EU's General Data Protection Regulation (GDPR) intended to strengthen data protection is due to come into force in May 2018, yet new research from content management company Metalogix shows IT professionals in many countries aren't prepared for it.

Among the top IT considerations for a cloud archiving solution, GDPR readiness ranked only fourth, named by 26 percent, behind security (79 percent), administrative control (50 percent), and service level agreements (44 percent).

Continue reading

Apple: Developers must use App Transport Security by 2017

apple_store_front

Apple has announced that the deadline by which app developers must enable App Transport Security (ATS) in all apps is 1 January 2017. ATS is not a new feature of iOS 10, having been introduced in iOS 9 and it increases the security of data transferred over the web by apps.

With ATS enabled, apps are forced to use the far more secure HTTPS rather than HTTP, and this is something we've become accustomed to looking out for when browsing the web. At the moment, developers are able to disable ATS, but from the end of the year this will no longer be possible.

Continue reading

Retailers aren't spending on the right areas to protect data

Security money currency yen euro dollar

The retail sector has been the subject of some of the most high profile data breaches in recent years. Add to this the willingness of customers to switch allegiance in the event of a breach and it's clear the industry needs to take security seriously.

A new survey from enterprise data protection specialist Vormetric in conjunction with 451 Research focuses on retail companies, detailing IT security spending plans, perceptions of threats to data, rates of data breach failures and data security stances.

Continue reading

IT vs security pros: Handling appsec

web_security_padlock

A new report into corporate app security, conducted by runtime application security visibility and protection company Prevoty, shows significant discrepancies between IT and security professionals, when it comes to app security.

The report, entitled "The Real Root Cause of Breaches -- Security and IT Pros at Odds Over AppSec", is based on a poll of more than 1,000 IT and security professionals and says there are major divides in how these two groups handle app updates, app security tuning and backlogging.

Continue reading

© 1998-2016 BetaNews, Inc. All Rights Reserved. Privacy Policy.