Articles about Security

Windows 10 has a dangerous print spooler bug, and there is no fix

Colorful Microsoft logo

An unpatched vulnerability in the Windows Print Spooler exists that could be exploited by an attacker to run malicious software with elevated system privileges.

The issue affects Windows 7, Windows 8.x, Windows 10 as well as versions of Windows Server. It is being tracked as CVE-2020-1048 and CVE-2020-1337 and has a severity rating of "Important". Despite having been acknowledged by Microsoft back in May, a working patch is yet to be rolled out.

Continue reading

Emotet returns to top the malware charts after a five month break

Malware spy

Following a five month absence, Emotet has returned to number one spot in the malware charts in the latest Global Threat Index for July from Check Point Research.

Since February 2020, Emotet's activities -- primarily sending waves of malspam campaigns -- started to slow down and eventually stopped, until re-emerging in July. This pattern echoes 2019 when the Emotet botnet ceased activity during the summer months but resumed in September.

Continue reading

Attackers bypass multi-factor authentication to hijack email accounts

Malicious email

Researchers at Abnormal Security have detected an increase in business email compromise attacks that successfully compromise email accounts despite the use of multi-factor authentication (MFA) and Conditional Access.

This is possible because legacy email protocols, including IMAP, SMTP, MAPI and POP, don't support MFA. In addition many common applications -- such as those used by mobile email clients (for example, iOS Mail for iOS 10 and older) -- don't support modern authentication.

Continue reading

94 percent of businesses hit by cyberattacks in the last year

Cyber attack

Cyber exposure company Tenable has published a global industry study, carried out by Forrester Consulting, that reveals the vast majority of organizations (94 percent) have experienced a business-impacting cyberattack in the past 12 months.

Yet despite this only four out of 10 security leaders say they can answer the fundamental question, 'How secure, or at risk, are we?' with a high level of confidence.

Continue reading

Visits to high risk apps and websites increase 161 percent

endpoint security

There's been a huge shift to remote working this year, but new data shows that there has also been a 161 percent increase in visits to high-risk apps and websites as personal use of managed devices has nearly doubled.

The study from cloud security company Netskope finds that 64 percent of workers are now remote. Along with this increase in remote work has come an 80 percent increase in the use of collaboration apps as remote workers seek to remain connected with their colleagues

Continue reading

Enterprise IT staff spend one month a year managing identity and access

password on tablet

Anyone who's worked on a help desk or in tech support will know that a high percentage of requests relate to granting access to systems or resetting passwords.

In fact IT personnel expend a full month of work (21 days) each year on mundane identity and access management (IAM) tasks such as resetting passwords and tracking app usage, according to a study by password management company 1Password.

Continue reading

Malware attacks using machine identities continue to increase

Attack button

Malware attacks using machine identities doubled from 2018 to 2019 and have increased eight fold over the last decade.

New threat analysis from machine identity management company Venafi looks at security incidents and third-party reports in the public domain, including high-profile campaigns such as, TrickBot, Skidmap, Kerberods and CryptoSink.

Continue reading

Money (That's what email attackers want)

Cybercriminal with cash

A new report from email security and cyber resilience company Mimecast, released to coincide with this year's virtual Black Hat conference, reveals that threat actors are motivated by monetary gain more than stealing data or intellectual property.

It also finds that COVID-19 continues to be a major theme in current attacks, especially in certain sectors, and that opportunistic and malware-based campaigns are being launched at volumes never seen before, with manufacturing, retail/wholesale, finance/insurance, and media and publishing being the hardest hit.

Continue reading

First time SOC staff frustrated by routine tasks

Frustrated computer user

Half of first-time security analysts working in Security Operations Centers (SOCs) plan to leave after just three months in the job, according to a study from SIRP Labs.

None of them plan to remain in their current role for longer than 18 months, and of all the 250 security analysts interviewed nearly half (48 percent) are considering leaving their role, within 11 months. The average amount of time spent in the same post is just 30 months.

Continue reading

The Linux Foundation aims to improve open source software security

open source

Open source software has become commonplace in all sorts of environments. But its very nature means that those responsible for their users' or organization's security need to be able to understand and verify its security.

Today The Linux Foundation is announcing the formation of the Open Source Security Foundation (OpenSSF). This is a cross-industry collaboration that brings together leaders to improve the security of open source software by building a broader community with targeted initiatives and best practices.

Continue reading

New platform helps businesses make better security decisions

security meter

Businesses were already facing increasingly complex security environments thanks to cloud use and digital transformation projects, and with the advent of COVID-19 things have become more difficult still.

Breach and attack simulation specialist AttackIQ is launching its new Security Optimization Platform to equip cybersecurity leaders with better insights and help them make better decisions and improve business outcomes.

Continue reading

Mobile device use opens up businesses to extra risk

business mobile

Mobile devices have become an extension of our everyday lives, but if they are used to access business networks they could be exposing sensitive information to risk.

A new report from Gigamon reveals that most mobile devices run an average of 60-90 applications, facilitating access to email, SaaS-based solutions, cloud storage, social networks, games, news feeds and more.

Continue reading

Ancestry.com claims no harm from security vulnerability in Family Tree Maker

If you’re at all familiar with genealogy then you'll likely know both Ancestry and Family Tree Maker -- they an integral part of the pastime. Unfortunately, independent review site WizCase recently discovered an open and unencrypted ElasticSearch server that belonged to Software MacKiev, the owners of Family Tree Maker.

The leak exposed thousands of records including email addresses, user locations, and other sensitive personal information. FTM was owned by Ancestry.com until 2016 when Software MacKiev took it over, and the software is still used to upload databases to the Ancestry online trees.

Continue reading

How cybercrime impacts the charity sector [Q&A]

Charity Donation

Charities handle billions in funds every year and hold financial and personal information that cybercriminals increasingly see as a tempting target. Yet, according to the UK's Charity Commission only 58 percent of charities think they are at risk from cybercrime.

But for a sector, whose success is built on its reputation and the goodwill of its supporters, the loss of any sensitive information or fraud through phishing attempts can be devastating.

Continue reading

Huge BootHole flaw in GRUB2 bootloader leaves millions of Windows and Linux systems at risk from hackers

Grub

A serious vulnerability dubbed BootHole has been discovered in the GRUB2 bootloader. Millions of systems run the risk of being exposed to hackers -- primarily those running Linux, but Windows is also affected. Discovered by security researchers at Eclypsium, the BootHole vulnerability has been assigned CVE-2020-10713 ("GRUB2: crafted grub.cfg file can lead to arbitrary code execution during boot process") and a CVSS rating of 8.2.

The flaw can be exploited to gain arbitrary code execution during the boot process, even when Secure Boot is enabled and virtually all Linux distributions are affected. But more than this, the vulnerability also leaves Windows systems that make use of Secure Boot with the standard Microsoft Third Party UEFI Certificate Authority open to attack.

Continue reading

© 1998-2020 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.