The rapid growth in numbers of IoT devices has seen them become a favored attack route for cyber criminals. This has left companies looking for a way to integrate strong security into millions of devices.
To address this problem, security platform Mocana is launching a new developer kit that provides businesses, who may not have deep cybersecurity or cryptography expertise, with a way to simplify the integration of hardware-based security features into IoT devices.
With the right training and knowledge, many cyber attacks can be avoided. Addressing this human aspect of security is the idea behind a new platform from British start-up CybSafe.
Human error is a major cause of data breaches and security training needs to be able to positively change user behavior.
Businesses of all sizes are under increasing pressure to protect corporate email records and make them easily accessible for audits and legal discovery.
Data protection and recovery specialist Arcserve has acquired email archiving technology FastArchiver and is making it available through its Arcserve UDP solution portfolio. UDP Archiving efficiently stores archived on-premise, public or private cloud email in a location independent of the primary mail system.
This week South Korea takes the first steps towards becoming a coinless society as shoppers will be handed pre-paid cards instead of change in a country-wide trial. If the trial is successful, bank officials will allow change to be transferred straight into the shoppers' bank accounts by next year.
But a new report from global law firm Paul Hastings shows that security fears are preventing many British consumers embracing new payment technologies. The study of over 2,000 consumers finds 77 percent are worried about using new payment methods.
Malware is something of a recurring problem for Android users, and it seems as though Google is fighting a never-ending battle to keep the blight out of the Play Store. The latest large-scale batch to be discovered takes the form of adware known as FalseGuide.
As you may have guessed from the name -- and your own experience of Google Play -- this malware spreads by fooling people into installing apps purporting to be guides to popular games. The apps themselves are fairly innocuous -- and often are guides as they claim to be -- but they then download additional modules which can be used to bombard users with ads.
Cyber attacks are constantly evolving and consequently businesses are always seeking new ways of defending themselves. This is as much about understanding the nature of attacks as about preventing them.
One of the latest developments is the use of deception, employing camouflaged traps and tokens to throw the attackers off balance by detecting and understanding the nature of the attack and their plans.
Apps that come with open-source code are putting organizations at risk, according to a new report by Black Duck. As you might imagine, many companies are using apps with open-source code.
Black Duck’s Center for Open Source Research & Innovation analyzed 1,071 apps audited during 2016 and found that 96 percent of them had open source. Of those, more than 60 percent had open source security vulnerabilities.
Every eighth person in England has had their healthcare data breached. This is the conclusion of a new report just released by Accenture. Based on a poll of 1,000 people it says that more than half of those who experienced a data breach (56 percent), were in fact, victims of medical identity theft.
The report also says that these data breaches are fairly expensive, too. On average, more than three quarters (77 percent) have had to pay roughly £172 in out-of-pocket costs, per incident.
People are the biggest threat when it comes to enterprise cyber-security, not technology or processes. This is according to a new report by The Institute of Information Security Professionals (IISP), which says there are a couple of ways people are putting organizations at cyber risk.
The first, and most obvious one, is not being careful enough when opening links in emails, downloading attachments and visiting threat-carrying sites. The second one, less obvious, is the lack of technical skill. And finally, the third one, is the risk from senior business stakeholders making "poor critical decisions around strategy and budgets."
The Internet of Things is gaining in popularity just as many pundits have predicted for years. Having a connected home is easy and cost effective, thanks to devices like Amazon Echo, WeMo lights, and Nest thermostats. It really is an exciting time to be a tech-enthusiast consumer.
Unfortunately, while IoT is exciting, it can also be confusing and scary. Many devices do not work together due to fragmentation, and even worse, there can be security exploits that put the consumer's home network at risk. In other words, an internet connected refrigerator or webcam could be abused by hackers. Today, The Linux Foundation launches the open source EdgeX Foundry -- an attempt to unify and simplify the Internet of Things.
The cloud is a dynamic environment and the threats it faces are equally fluid, whether they're sophisticated cyber attacks or insider threats.
Cloud security company Lacework is launching a new tool called Polygraph that detects breaches, manages insider threats, delivers insights into workloads, and offers graphical investigation tools for public, private and hybrid cloud workloads.
Increasing workforce mobility and the shift of systems to as-a-service models has meant greater need for a reliable means of controlling access and identifying legitimate users.
Identity management specialist SailPoint is launching a new service called IdentityNow Access Request that provides a simple, mobile-ready interface for delivering a self-service access request process to employees, contractors, and business partners. It's aimed at improving IT efficiency and reducing the risk of inappropriate access by consistently enforcing organizational access policies.
WikiLeaks continues to release documents that reveal various hacking tools used by the CIA. After the HIVE revelations just over a week ago, the group has followed up with details of operations that were mentioned in the very first batch of Vault 7 leaks -- hacking Samsung televisions to listen in on people.
The documents suggest that the CIA's work is based on a tool developed by MI5 in the UK called Extending. The CIA went on to transform this into its own utility by the name of "Weeping Angel." WikiLeaks has published the guide to using the tool in a file marked "SECRET STRAP 2 UK EYES ONLY," and it describes how an implant is configured on a Linux PC before installing it on a target Samsung F Series smart TV.
The Internet of Things (IoT) has undergone an amazing transformation, from a pipe dream to a marketing buzzword, and now an impending reality. Recent estimates expect the number of Internet-connected devices to reach 26 billion by 2020, with some studies suggesting an even higher output.
With an exponential increase in devices communicating with us, other devices, and with the internet at large, how can anyone keep private information safe?
Many organizations don’t enforce proper security measures in their DevOps environments, putting both the company and the product at risk. This is according to a new report by Venafi looking into security practices among DevOps adopters.
Using the same passwords for multiple machines or not even bothering to secure communications between machines are some of the most common issues, usually among organizations in the middle of adopting DevOps practices.