Articles about Security

AI platform better predicts cyber attacks thanks to human experts

artificial intelligence

Researchers from MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) have collaborated alongside the machine learning startup PatternEx to demonstrate how an artificial intelligence platform that makes use of continuous input from human experts would be able to predict cyber attacks better than the systems that exist today.

CSAIL and PatternEx are calling their new AI platform AI² due to how it combines the intuition of analysts with artificial intelligence.

Continue reading

Frustration with conventional password management leads to risky behavior

123456_password_sticky_note

One in three Americans indulges in some form of risky password practice, such as writing them down, according to the results of a new survey.

The report from access control specialist SecureAuth finds that Americans are exasperated with conventional online password management. It reveals that 74 percent rely on means other than memory to manage their online passwords, 35 percent write passwords down and 25 percent use the same password across several accounts.

Continue reading

EFF sues Justice Department to discover if secret orders are used to decrypt user data

data_encryption_tablet

EFF (the Electronic Frontier Foundation) has filed a Freedom of Information (FOIA) lawsuit against the Justice Department. The digital rights group wants to learn whether the government has made use of secret court orders to force tech companies to provide access to encrypted user data.

After the Apple vs the FBI battle, there has been renewed interest in how companies handle not only encryption, but government requests for access to such data. With services such as WhatsApp enabling end-to-end encryption, attention has now switched to what might be happening in the background without users' knowledge. While Apple very publicly refused to provide decryption keys, EFF -- and others -- are concerned that secret court orders may be used to hide what is really happening.

Continue reading

Only 23 percent of businesses can effectively respond to cyber attacks

Exclusive: Widespread security flaw affects hundreds of UK news sites

NTT Com Security today released its annual Global Threat Intelligence Report (GTIR), which examines the threat landscape by analyzing the attacks, threats and trends from the previous year.

This year’s report is the most comprehensive to date, featuring key findings from partners including Lockheed Martin and the Center for Internet Security and pulling information from 24 security operations centers, seven R&D centers, 3.5 trillion logs, 6.2 billion attacks and nearly 8,000 security clients across six continents.

Continue reading

Google's second annual Android security report shows how app and device scanning keep you safe

android_6.0_marshmallow_google

As Apple releases its transparency report, Google today releases its second Android Security Annual report. The report covers all things Android, from the security of the operating system itself, to the security of Google Play and the apps it provides access to. Of course, Google is keen to highlight everything it does to improve security for its users.

As such, the report shows how the company performs more than 400 million automatic security scans per day on devices with Google Mobile Services. Aided by machine learning, these scans help to home in on what are referred to as Potentially Harmful Applications (PHAs). Google points out that just 0.5 percent of scanned devices feature PHAs, and this dropped to 0.15 percent for devices that only installed apps from Google Play.

Continue reading

ISPs offer inadequate DDoS protection

DDoS attack start

A new report from Corero Network Security, which provides security solutions against distributed denial of service (DDoS) attacks, shows that 85 percent of enterprise end users want their Internet Service Providers (ISPs) to offer better protection against DDoS attacks.

To compile its research, the security company polled more than 100 ISPs and 75 enterprise customers in regards to their DDoS mitigation strategies. Corero found that a high number of ISPs still rely on outdated technologies to protect their customers from these attacks.

Continue reading

Apple transparency report sheds some light on government data requests

apple_store_front

Reinvigorated interest in privacy, security and surveillance means that the transparency reports published by tech companies are always greeted with some enthusiasm. How much data are governments around the world asking for from companies? How much user data are companies handing over to the authorities?

Apple's latest transparency report reveals that the iPhone manufacturer has complied with an increased number of requests for data -- including 80 percent of requests in North America, and 97 percent in Latin America. But while the report makes for interesting reading, it also highlights a problem that Microsoft recently sued the Department of Justice over: even if companies want to be transparent about data requests, when it comes to National Security Requests it is not even possible to report the precise number of requests that have been received.

Continue reading

Viber introduces end to end encryption

Microsoft's VC3 security is encryption for the cloud

The major messaging services are now placing a greater emphasis on their users' privacy and security, following the heated encryption debate started by Apple and the FBI. Viber has just announced end-to-end encryption support, making it the second leading player this month to introduce this feature after WhatsApp.

Viber has over 700 million users across the globe, but its end to end encryption feature will not be available everywhere right away. The company is focusing on Belarus, Brazil, Israel and Thailand first, with other markets to get the same treatment in the weeks that follow.

Continue reading

How the cyber crime business model is changing

Cybercrime scene

Cyber crime is an increasingly serious business and a new report released today by Trustwave looks at the top trends from the past year based on real-world data from data breach investigations.

Key findings from the report include that 97 percent of applications tested by Trustwave in 2015 had at least one vulnerability. In addition 10 percent of the vulnerabilities discovered were rated as critical or high risk.

Continue reading

Kaspersky introduces Industrial CyberSecurity solution

web_security_padlock

Security firm Kaspersky Lab today announced a new, specialized security solution, aimed at critical infrastructure and industrial facilities.

The solution, called Kaspersky Industrial CyberSecurity, is built to protect technological processes in industrial environments from cyber-attacks because, as the company says, these threats now have the potential to cross the realms, from the virtual one into the physical one, threatening not only businesses, but humanity and nature, as well.

Continue reading

Google set to improve transparency and privacy for Chrome extensions

privacy_policy_table

Google is looking to take steps that will enable Chrome users to make more informed decisions about the extensions they install. Specifically, developers will have to provide more information about data collections in the interests of transparency.

In addition, developers will have to produce a privacy policy for their extensions, and must ask for permission before collecting data about users. Google's new User Data Policy introduces these extra requirements in the wake of increased demands from users for more information about what is going on in the background.

Continue reading

Identify the ransomware that's encrypted your data

Anti-Ransomware.200.175

It’s no secret that the best way to deal with ransomware is to avoid getting infected in the first place, and tools like BDAntiRansomware, Malwarebytes Anti-Ransomware and WinAntiRansom can do a lot to keep you safe.

If your defenses are bypassed and some data lost, there may still be hope, as companies and individual researchers are producing recovery tools all the time.

Continue reading

Stop using shortened URLs to share private content

hand stop

Generating a shortened URL to share content may seem like a good idea, but it may also expose you to unnecessary security risks, a new research paper shows. Titled Gone in Six Characters: Short URLs Considered Harmful for Cloud Services, it explains how short URLs can be used by malicious players to plant malware, copy personal files, and retrieve all sorts of personal information, like your home address, among other things.

URL shorteners, as their name suggest, are meant to bring long links, that can contain dozens of characters, usually down to just a few letters and numbers. That has some clear benefits: shortened URLs suit SMS messages and tweets better, look nicer in conversations, and allow services to track the number of clicks for a specific link, among other things. But the fact that they only contain a handful of characters makes them susceptible to brute-force search.

Continue reading

Facebook video scam targets Chrome users

facebook_magnifying_glass

Researchers at security company ESET have released details of a new piece of malware that spreads disguised as video posts on Facebook.

Malicious links appear as a video post you were tagged in on a timeline, or as a message sent to you via Facebook Messenger by a friend. They use the titles, 'My first video', 'My video', 'Private video' or a string of randomly generated characters.

Continue reading

For sufficient data protection, companies must do more than just mirroring

Cracked mirror

Many folks question all sorts of things within the IT world, one them being about backup and recovery solutions. Often questions arise that are compelling and need a good answer. One of the more popular queries is why someone would need to install a backup and recovery program when mirroring is already taking place. This is an excellent question, and comes up more often than you may think. Below you will find out why mirroring alone is not enough to ensure total protection regarding your data.

Though not entirely crazy, the stance of relying upon mirroring alone for data protection seems to come from an idea that is not fully informed regarding the potential problems that could arise. In fact, the truth of the matter is that issues will often spark during the restore process, and so individuals must be well-educated and prepared regarding why mirroring is not enough to grant the protection they may be looking for.

Continue reading

© 1998-2016 BetaNews, Inc. All Rights Reserved. Privacy Policy.