Researchers at Kaspersky Lab have uncovered a new strain of malware spreading via The Pirate Bay torrent tracker site.

Named after the classic Russian doll, PirateMatryoshka aims to infect users' computers with adware and tools that spreads further malware onto the device. It carries a Trojan-downloader disguised as a hacked version of legitimate software used in everyday PC activity.

Continue reading →

Researchers at email and data security company Mimecast have uncovered a bug in Microsoft Word that can be used to bypass security systems.

The bug incorrectly handles integer overflows and can be used to circumvent security systems and fool parsers to deliver remote code that can take complete control over a compromised machine.

Continue reading →

Given the number of high profile security breaches that make the headlines, you'd expect people to be wary about online security.

But a new study by Malwarebytes Labs shows a mismatch between people's confidence in their own privacy and security practices and their actual behavior.

Continue reading →

It's well known that there is a skills shortage in cyber security, with a predicted global shortfall of 1.8 million cybersecurity professionals by 2022.

But new research, commissioned by cybersecurity training organization the SANS Institute and conducted by respected research firm Vanson Bourne  polled 4000 students across the UK and EMEA and reveals a lack of awareness of careers in the sector.

Continue reading →

Levels of attack traffic observed by F-Secure's network of decoy honeypots in 2018 increased by 32 percent over the previous year, and increased fourfold in the latter half of 2018 compared with the first half of the year.

The report suggests that many companies may not have the visibility they need to catch attacks that make it past preventative measures like firewalls and endpoint protection.

Continue reading →

Open source breaches have increased by 71 percent over the last five years, while 26 percent of companies have reported a confirmed or suspected web application breach in the past year alone according to a new report.

The study from open source governance specialist Sonatype also shows 41 percent of executives admit their company doesn’t follow an open source governance programme.

Continue reading →

The World Wide Web Consortium (W3C) and the FIDO Alliance have today announced that the Web Authentication (WebAuthn) specification is now an official web standard.

W3C's WebAuthn recommendation, a core component of the FIDO Alliance's FIDO2 set of specifications, is a browser/platform standard for simpler and stronger authentication.

Continue reading →

We recently reported on how formjacking has become a popular and lucrative form of online fraud. It’s difficult for the consumer to detect which makes it a particular hazard.

But in the UK the new Open Banking standard, aimed at making it easier for consumers to share financial data across organizations, could make formjacking and other frauds obsolete. We spoke to Luca Martinetti, CTO and co-founder of financial API provider TrueLayer  to find out more

Continue reading →

If you want to secure your future in the IT industry then it seems that blockchain and security are the areas you need to be in.

A report from career marketplace Hired shows that in the past year there has been a 517 percent increase in demand for blockchain engineers year on year, and a 132 percent jump for security engineers.

Continue reading →

Despite the fact that in recent months we've seen cybercriminals focusing their efforts on businesses, 68 percent of infections are seen on consumer endpoints, compared to 32 percent on business endpoints.

This is one of the findings of the latest Webroot Threat Report, which also shows that legitimate websites are frequently compromised to host malicious content, with 40 percent of malicious URLs hosted on good domains.

Continue reading →

If you've ever tried to book tickets for a concert, festival or event you will know that it can be something of a frustrating experience, and bots could be making it even more so.

New research from Distil Networks finds 39.9 percent of traffic on ticketing sites comes from bots used by brokers, scalpers, hospitality agencies, and sundry criminals to execute a number of attacks, including denial of inventory, spinning and scalping, scraping seat map inventory, fan account takeover, and fraud.

Continue reading →

A new study reveals that 87 percent of cybersecurity professionals believe separating privileged environments from corporate, internet-exposed environments is highly critical for protecting sensitive information.

But the Privileged Access Workstations (PAW) survey carried out by Cybersecurity Insiders for endpoint security company Hysolate also finds that time-consuming access processes and the inability to install apps, browse the web or plug in external devices, are key implementation roadblocks.

Continue reading →

Public cloud adoption is growing fast, but it's not without problems. A new report from network verification company Veriflow uncovers a disconnect between network and other teams involved in the management and oversight of the public-cloud portion of their networks.

IT teams are struggling with network infrastructure challenges caused by the cloud, such as impaired visibility and more frequent security threats.

Continue reading →

Optimizing existing cloud use for cost savings is the top initiative for users in 2019 for the third year in a row, increasing to 64 percent from 58 percent in 2018.

This is one of the findings of the RightScale 2019 State of the Cloud Report from Flexera. Among other highlights are that enterprises plan to spend 24 percent more on public cloud in 2019 compared to 2018.

Continue reading →

Thanks to the huge volume of stolen credentials now available online, credential stuffing has become a major issue for the retail industry.

A new report from edge platform specialist Akamai shows that hackers directed credential abuse attempts at retail sites more than 10 billion times from May to December last year.

Continue reading →