Articles about Security

North Korean leaders abandon western social media

North Korea keyboard

Chances are you're not currently friends with Kim Jong Un on Facebook. And it's not likely to happen any time soon according to researchers at Recorded Future who have been looking at the internet usage patterns of North Korea's leaders.

In July last year they found that the country's ruling elite were plugged into contemporary internet society, were technologically savvy, and had patterns of internet use that were very similar to users in the West.

Continue reading

Security flaw could allow hackers to create hotel master keys

Hotel lock

Most hotel chains these days rely on some sort of electronic key card mechanism rather than more traditional locks.

Researchers at F-Secure have found that hotels worldwide are using an electronic lock system with a flaw that could be exploited by an attacker to gain access to any room in the building.

Continue reading

Endpoints still vulnerable despite advances in protection technology

Endpoint protection

Although endpoint security solutions have improved, a new survey of IT security professionals finds that three quarters believe their existing anti-malware solutions would be able to prevent no more than 70 percent of infections.

The study from anti-evasion specialist Minerva Labs shows nearly half of the respondents surveyed (48 percent) say that they have seen about the same number of malware infections than previous years while 32 percent claim to have seen an increase in infections.

Continue reading

90 percent of malware given unhelpful labels by AV tools

virus label

According to a new study, 90 percent of malicious files are given generic labels by AV tools, such as 'trojan.generic', providing limited guidance for successful remediation and leaving enterprises exposed to subsequent attacks resulting from compromised credentials.

The study by breach protection specialist Lastline analyzed tens of millions of samples that were for the most part scanned and released by other security solutions.

Continue reading

Online banking security improves but only a third are free of critical vulnerabilities

Bank card security

The percentage of critical vulnerabilities in online banking systems is falling, but two thirds still contain at least one critical vulnerability according to a new report.

Enterprise security specialist Positive Technologies has released its Financial Application Vulnerabilities Report, drawn from audits performed by the company.

Continue reading

Martin Lewis suing Facebook over fake ads

Facebook icon on iPhone 8

We reported just over a week ago that fake ads promoting cryptocurrency scams were using the names of leading UK business figures.

Now one of those whose names has been featured, consumer advice expert Martin Lewis, is suing Facebook for defamation over the use of his face and name.

Continue reading

Google's Project Zero reveals security flaw in Windows 10 S after Microsoft fails to fix it

Windows 10 S logo

Details of a security flaw in Windows 10 S have been revealed by Google's Project Zero after Microsoft failed to issue a patch within the 90-day disclosure deadline.

The "WLDP CLSID policy .NET COM Instantiation UMCI Bypass" vulnerability is described as being of medium severity, and it allows for the execution of arbitrary code on systems with Device Guard enabled.

Continue reading

Cybercrime revenues hit $1.5 trillion a year

bag of money

We reported earlier this month on the ways in which cyber criminals spend their ill-gotten gains.

The company behind those findings, Bromium, has now released more details from its research, which exposes a huge cybercrime-based economy and the professionalization of cybercrime.

Continue reading

Cyber attacks could cause catastrophic failure say 70 percent of energy security pros

Cooling towers

A new study looking at industrial control systems (ICS) security in the energy industry reveals a majority of respondents are worried about potentially catastrophic effects from a successful cyber attack.

The study carried out for security and compliance specialist Tripwire by Dimensional Research included 151 IT and operational technology (OT) security professionals at energy and oil and gas companies.

Continue reading

TaskRabbit returns after security breach and reveals 'personally identifiable information' was exposed

TaskRabbit

The CEO of TaskRabbit has informed users that "certain personally identifiable information may have been compromised" in a security incident that saw the website and app taken offline earlier in the week.

TaskRabbit -- a service that puts "taskers" in touch with people who need help with jobs around the home -- is now back online, and the company is now on a damage limitation exercise, issuing a statement in the name of "trust, openness, and transparency". Stacy Brown-Philpot says that an investigation is still underway to determine what happened, but explains that "preliminary evidence shows that an unauthorized user gained access to our systems".

Continue reading

Honeypot project reveals attackers are turning to automation

Honeypot

Most businesses are seeking to automate the more tedious aspects of their operations and some new research from security analytics platform Cybereason reveals that hackers are no exception.

The company set up a honeypot system masquerading as a financial services company and introduced security flaws in several stages.

Continue reading

Microsoft brings Windows Defender Browser Protection extension to Google Chrome

Microsoft sign on building

Recognizing that comparatively few people are using its Edge browser, Microsoft has released a new security tool for those who have opted to use Google Chrome -- the Windows Defender Browser Protection extension.

The add-on offers real-time protection against a variety of online threats such as phishing attacks and malicious websites. As these security options are already available in Chrome, it's not clear quite who the extension is aimed at.

Continue reading

Fake Chrome ad blockers used to create botnets

Ad blocker

More than 20 million Chrome users have been tricked into installing fake ad blockers that could see their machines recruited into a botnet, according to a new report.

A fake AdBlock Plus extension fooled many users last year. As many Chrome users discover ad blocking by browsing available extensions, so creating cloned fakes has become a popular tactic for cyber criminals according to AdGuard.

Continue reading

Password manager RememBear exits beta with official launch

RememBear

After around six months in beta -- and two years in the making -- the team behind the TunnelBear VPN tool has officially launched its password manager, RememBear.

Vying for attention in an already somewhat crowded marketplace, RememBear takes a leaf out of TunnelBear's book, and concentrates on offering functionality that's simple to use. There's also the same quirky use of animations throughout, but this should not distract from the fact that this is a powerful and secure place to store passwords.

Continue reading

Microsoft, Facebook and Symantec are among 34 companies pledging not to help governments launch cyberattacks

Man and woman shaking hands

More than 30 technology companies have signed the Cybersecurity Tech Accord, making a number of pledges relating to cyberattacks. Microsoft, Facebook, Dell, HP and LinkedIn are just a few of the companies signing on the dotted line, promising -- among other things -- never to help a government launch cyberattacks against innocent citizens and enterprises.

The overall aim of the accord is to protect customers against malicious attacks by cybercriminal enterprises and nation-states. It is described as a "watershed agreement", and it sees a number of very big names coming together -- although there are a few notable exceptions.

Continue reading

© 1998-2018 BetaNews, Inc. All Rights Reserved. Privacy Policy.