Articles about Security

Healthcare sector accounts for most cyber security incidents


The healthcare industry accounted for 26 percent of security incidents in the second quarter of 2017 according to a new report.

The study from McAfee Labs sees healthcare surpass the public sector to report the greatest number of security incidents in Q2. The health, public, and education sectors combined comprised more than 50 percent of total incidents in 2016-2017 worldwide.

Continue reading

Dirty COW Linux vulnerability reappears as ZNIU malware threat to Android users


It has been quite some time -- nearly a year in fact -- since we were talking about the Dirty COW vulnerability affecting the Linux kernel. Now the vulnerability is back, but this time it is Android users who need to be concerned.

The privilege escalation vulnerability has been exploited by a piece of malware by the name of ZNIU, or AndroidOS_ZNIU. The malware uses the Dirty COW exploit to root devices and install a backdoor which can then be used to collect data and also generate profit for the attackers through a premium rate phone number.

Continue reading

macOS High Sierra launch blighted by password-stealing keychain 0-day vulnerability


Apple has only just released macOS High Sierra, but before the update was even out of the door, a 0-day vulnerability had been discovered. A flaw in the Mac keychain makes it possible for malicious applications to steal the contents of the keychain, including plaintext passwords. It affects not only High Sierra, but also older version of macOS.

The way keychain works means that it should not be possible for the keychain to be accessed without providing the master password, but the vulnerability bypasses this requirement. The problem was discovered and demonstrated by security researcher Patrick Wardle from Synack, who is also a former NSA hacker.

Continue reading

Ransomware attacks affect five percent of SMBs


Five percent of all small and medium-sized companies in the entire world were victims of a ransomware attack in 2016 alone, with the money paid out to reclaim data reaching new highs, new research has revealed.

Datto's new State of the Channel Ransomware Report found that an estimated $301 million (£222 million) was paid to ransomware hackers from 2016-2017.

Continue reading

Hackers hit accountancy firm Deloitte, stealing plans, emails and passwords


Global accountancy firm Deloitte -- known as one of the "big four" -- has been hit by a sophisticated hack. With echoes of the Equifax data breach and CCleaner hack, the cyberattack went undetected for months and results in confidential emails being accessed, as well as company plans, and the private information of high-profile, blue-chip clients.

Deloitte says that only a small number of its clients have been affected, but the size and importance of those that it deals with -- including US government departments -- means that even a limited number could have great impact. The firm is said to have discovered the hack in March, but it is possible that attackers gained access as long ago as October 2016.

Continue reading

Maintaining Windows 10 tops list of enterprise security challenges

Windows 10 finger

Keeping Windows up to date with the latest fixes is a major challenge for enterprise IT teams and can leave endpoints vulnerable, according to a new report.

The study from systems management company Adaptiva reveals that 59 percent of companies take up to a month or longer to complete Windows OS updates.

Continue reading

Symantec: We're not smarter than cybercriminals

Boardroom security

One of the UK’s leading security experts has called for a major shake-up in the way businesses train their employees in online safety.

Symantec CTO Darren Thomson said that workers can effectively be an extra layer of protection for companies looking to prevent themselves falling victim to cyber-attack.

Continue reading

Warning issued: Russia tried to hack election systems in at least 21 US states and was successful in some


Russian hackers successfully compromised election systems in some states during the 2016 election. There have long been suggestions that Russia tried to influence the outcome of the Trump vs Clinton election, and now the Department of Homeland Security has informed 21 states that their systems were targeted.

This means that the DHS has concerns about almost half of the states of America, but so far only Illinois has been confirmed as having been successfully compromised.

Continue reading

Over one million phishing websites are created every month


Every month, almost 1.5 million new phishing websites are created. This is according to a new report by Webroot, showing just how big of an industry phishing really is.

The Webroot Quarterly Threat Trends Report says that 1.385 million new phishing sites are created every month. May was the busiest of them all, with 2.3 million sites created.

Continue reading

Americans see criminal hacking as the top threat to their health, safety and prosperity

laptop thief hacker

Hacking outranks other threats including climate change, nuclear power, hazardous waste, and government surveillance in Americans' perceptions according to a new survey.

The study by cyber security company ESET asked randomly selected adults to rate their risk perception of 15 different hazards. Six of the hazards were cyber-related while the rest were other forms of technology hazard.

Continue reading

Two billion data records were stolen or lost in 2017 so far

open digital lock

Almost two billion data records were either lost or stolen in the first half of this year, according to a new report by Gemalto.

The company found that 1.9 billion records were lost or stolen during the first half of 2017 -- more than in the whole of last year, and equivalent to 10,439,560 records per day -- or roughly 3,000 whilst you read these few sentences.

Continue reading

Security researchers warn that GO Keyboard is spying on millions of Android users

mobile spying

Security researchers from Adguard have issued a warning that the popular GO Keyboard app is spying on users. Produced by Chinese developers GOMO Dev Team, GO Keyboard was found to be transmitting personal information about users back to remote servers, as well as "using a prohibited technique to download dangerous executable code."

Adguard made the discovery while conducting research into the traffic consumption and unwanted behavior of various Android keyboards. The AdGuard for Android app makes it possible to see exactly what traffic an app is generating, and it showed that GO Keyboard was making worrying connections, making use of trackers, and sharing personal information.

Continue reading

WhatsApp refused to add a backdoor for the UK government


The UK government has made no secret of its dislike of encrypted messaging tools, and it has made frequent reference to the problems WhatsApp causes it with regard to investigations into terrorism. Calls have been made by the government to force companies to allow access to encrypted content when asked.

In the wake of Theresa May's "more needs to be done about extremist content" speech, it has emerged that WhatsApp refused to add a backdoor that would allow the government and law enforcement agencies to access private conversations.

Continue reading

GNOME partners with Purism on Librem 5 Linux-based privacy-focused smartphone


The Librem 5 smartphone by Purism has a long and difficult road ahead of it. Competing against the likes of Apple and Google on the mobile market has proven to be a death sentence for many platforms -- including Microsoft with its failed Windows 10 Mobile. With that said, I am rooting for Purism and its Pure OS, as the world would benefit from a device that uses Linux and focuses on both privacy and security. Such an alternative to iPhone and Android would be a breath of fresh air.

Luckily, Purism has found itself a new partner on this project -- one of the most important organizations in the Linux community -- The GNOME Foundation. Yes, the maker of the absolute best desktop environment is offering to assist with the Librem 5 -- if it is successfully crowdfunded, that is. To date, it is only about 33-percent funded, although there is still more than a month to go.

Continue reading

New security platform uses live attacks to evaluate risk

Risk dial

One of the hardest things for security teams to do is accurately evaluate the level of risk that their organization is facing.

Cyber security firm Nehemiah Security is launching the latest version of its AtomicEye RQ (Risk Quantifier) platform that can calculate a system's exploitability and generate comprehensive risk reports.

Continue reading

© 1998-2017 BetaNews, Inc. All Rights Reserved. Privacy Policy.