Articles about Security

Small security teams need to innovate to deal with threats

Business security

Companies with small security teams, generally SMEs, face a number of unique challenges which place them at greater risk than their larger enterprise counterparts.

This is among the findings of the 2021 CISO Survey of Small Cyber Security Teams from Cynet which also reveals that all of these companies are outsourcing at least some aspects of security threat mitigation in order to safeguard their IT assets.

Continue reading

Why the financial sector is especially vulnerable to cyberattacks [Q&A]

Piggy bank theft

There's a famous quote attributed to career criminal William Francis Sutton Jr., when asked why he robbed banks he is said to have replied, "Because that's where the money is."

For today's cybercriminals the motivation to make money is much the same, so the banking and financial services sector is a prime target. We spoke to Paul Prudhomme, cyber threat intelligence advisor at IntSights to find out more about the threats the industry faces and how they can be addressed.

Continue reading

81 percent of financially motivated attacks are ransomware

Ransomware sign

Ransomware made up 81 percent of all financially motivated cyberattacks in 2020, according to a new report from Atlas VPN.

The remainder of attacks comprised a variety of approaches including point-of-sale intrusions, eCommerce attacks, business email compromise, and cryptocurrency mining.

Continue reading

2021 set to be the year of the vaccine scammers

Vaccination

The roll out of vaccines is seen as the light at the end of the tunnel of the COVID-19 crisis, but like any major event it's also an opportunity for scammers and cybercriminals.

Deep learning-powered fraud prevention company Bolster has released a new report which finds that leading indicators foreshadow a raft of COVID-19 vaccine scams.

Continue reading

2020 saw fewer data breaches but more records exposed

data breach

The number of publicly reported breach events decreased by 48 percent in 2020. However, more than 37 billion records were compromised, an increase of 141 percent.

A report released today by Risk Based Security reveals that this is by far the most records exposed in a single year since the company began reporting in 2005.

Continue reading

Millions of Nitro PDF users' passwords exposed in leaked database

Data breach

It is a few months since Nitro PDF was hit by hackers in a huge data breach. While the stolen data was initially put up for sale, now it has been made available free of charge.

What this means is that a database containing over 77 million user records is now freely available for just about anyone to download. The database weighs in at around 14GB and includes not only names and email addresses, but also passwords.

Continue reading

Careless scammers leave stolen passwords exposed online

Hacker typing username and password

Hackers responsible for a large-scale phishing campaign unintentionally left over a thousand sets of stolen log-in credentials accessible to the public via a simple Google search.

The error was uncovered by researchers at Check Point. and Otorio. The stolen credentials were stored in designated web pages on compromised servers.

Continue reading

How market forces determine data value on the dark web

Lit up keyboard

We all know that following a data breach the stolen information is likely to turn up for sale on the dark web. But what's this information worth and how is its value arrived at?

Researchers at consumer website Comparitech have analyzed over 40 dark web marketplaces to find out how much credit card, Paypal, and SSN details are worth to cybercriminals.

Continue reading

Over a quarter of retail apps have serious security flaws

A side effect of the pandemic over the last year has been that online shopping has boomed. But a new study from Veracode reveals that 76 percent of apps in the retail and hospitality sector contain flaws, with 26 percent having high-severity issues that require urgent attention.

Compared to other industries, however, retail and hospitality ranks second-best for overall fix rate with half of flaws remediated in just 125 days, nearly one month faster than the next-fastest sector. While this may seem lengthy, half of flaws across all industries remain unfixed for much longer and some may never be fixed at all.

Continue reading

CISO priorities for 2021

As we move into 2021, CISOs continue to have to deal with securely connecting a remote workforce while addressing other pressing initiatives to protect their organization from an evolving range of threats.

Continuous compromise assessment company Lumu has produced an infographic based on a survey of cybersecurity leaders across North and Latin America looking at how they plan to prioritize their investments.

Continue reading

FreakOut malware targets Linux users by exploiting multiple vulnerabilities

FreakOut

Linux-based systems are generally touted for their high levels of security, but this does not mean that they are completely immune to threats. Illustrating this, security firm Check Point Software has shared details of a series of attacks based on the FreakOut malware.

The company says that the aim of the malware appears to be the creation of an IRC botnet which could be used to launch DDoS attacks, run crypto miners, and more. Linux users running certain products are being warned to get their systems patched as soon as possible to avoid problems.

Continue reading

Serious Windows 10 flaw could corrupt your hard drive if you open a folder

Scratching a hard drive

A security researcher has revealed details of a strange bug that could result in an NTFS hard drive becoming corrupt in Windows 10, as well as the unsupported Windows XP. What makes the bug so serious and unusual is that it can be triggered without the user having to open a file.

The bug -- which has been shown to have been around for three years or so -- can cause a hard drive to be corrupted if a user simply views the contents of a folder that includes a specially crafted file. Although Microsoft is aware of the issue affecting the $i30 NTFS attribute, a fix has yet to be produced.

Continue reading

Over half of organizations suffer malware incidents on remote devices

Hacking

According to a new report from mobile security specialist Wandera 52 percent of organizations experienced a malware incident on a remote device in 2020, up from 37 percent in 2019.

The report is based on captured data from Wandera's global network of 425 million sensors across both corporate-owned and BYOD assets, making it the world’s largest and most insightful mobile data set.

Continue reading

Over 22 billion records exposed in breaches in 2020

data breach

From January through October 2020 there have 730 publicly disclosed events resulting in over 22 billion records exposed worldwide according to a new report from Tenable's Security Response Team (SRT).

Of breaches analyzed 35 percent were linked to ransomware attacks, resulting in major financial cost, while 14 percent of breaches were the result of email compromises.

Continue reading

Why testing is vital to securing modern enterprises [Q&A]

penetration testing

Security testing has gained in visibility in recent years and can undoubtedly help improve the security posture of a business.

But cybercriminals frequently shift tactics and develop new ideas, so testers can’t afford to stand still and must keep up with and anticipate trends.

Continue reading

© 1998-2021 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.