Articles about Security

Microsoft no longer supports Windows 10 version 1809, but the lovely folk at 0patch do

Protected by 0patch

It's only a week since Microsoft stopped supporting some older versions of Windows 10 -- specifically the Home and Pro editions of Windows 10 versions 1803, 1809 and 1909 -- but it won't be long before the effects are felt.

While Windows 10 version 1809 reaching "end of servicing" means there will be no more official patches and updates from Microsoft, the operating system will not be left completely unsupported. For anyone unwilling or unable to upgrade to a more recent build of Windows 10, micro-patch service 0patch has stepped up to the plate to lend a hand.

Continue reading

New operating system aims to simplify business security

A new technology agnostic and fully customizable security operating system that consolidates an organization's entire technology stack into a single pane of glass is being launched by managed security services company Nuspire.

Called myNuspire, it will give CISOs and security analysts a clear picture into the security program and posture of their organizations in real-time, together with on-demand threat intelligence capabilities.

Continue reading

Pandemic and SolarWinds highlight flaws in cybersecurity

Security breach lock

A survey of 300 security leaders in the US by Scale Venture Partners shows 94 percent say that C-level executives have a better understanding of cybersecurity risks than a year ago.

This is probably due to the twin impacts of the pandemic and the SolarWinds attack. Half say they will increase security budgets to address the impact of SolarWinds, while 40 percent have increased their cyber headcount during the pandemic.

Continue reading

Beyond Identity looks to a passwordless future

Login zero trust

The death of the password has been predicted for a long time, yet it remains the most common way of logging into systems.

Identity management company Beyond Identity is looking to solve what is one of the biggest challenges in IT security and aims to re-establish trust in authentication chains by finally eliminating passwords as the weakest link.

Continue reading

Get 'Cybersecurity Fundamentals -- Risks, Procedures, & Integration' ebook for free

The core of the Internet is getting weaker as we connect ever more of our lives -- phones, tablets, cars, refrigerators -- to it. Meanwhile, the attacks are getting stronger.

Cybercrime is a global pandemic. Cybersecurity is mainstream today because we’ve seen the repercussions personally, professionally and financially from not keeping our corporate and customer data secure.

Continue reading

Why the human factor is key to cybersecurity [Q&A]

endpoint security

There are many things to consider when it comes to making systems secure, but one thing that is often overlooked is the human angle.

George Finney, CISO, CEO and founder of Well Aware Security believes that cybersecurity is a people problem first and foremost -- people are the ones who write and employ processes and people are the ones who create and use technology. No surprise then that people are behind some 95 percent of cybersecurity incidents.

Continue reading

Most developers admit releasing vulnerable applications

A new study shows that 81 percent of development teams have knowingly pushed vulnerable code live, with 20 percent of senior managers even admitting to doing so often.

The report from Immersive Labs based on work by Osterman Research shows low confidence in application security in general, with only half of CISOs believing secure applications could be developed and just 44 percent of all security teams believing their company could withstand a SolarWinds style attack on their build environment.

Continue reading

New platform wants to simplify application security

Business security

The transition to agile development, the rise of microservices, and an increased reliance on cloud services for business operations due to the pandemic have all contributed to an explosion in software development and a dramatic reduction in software delivery time.

But as the speed and complexity of application development skyrockets, application security professionals increasingly find themselves unable to keep up. Silicon Valley startup ArmorCode has produced a next-generation application security solution that consolidates three key AppSec needs into a single intelligent platform and it's raised $3 million in seed financing to develop it further.

Continue reading

Virtual room technology delivers secure customer interactions for the finance sector

One of the problems the finance and banking sector has had during the pandemic has been reduced branch access and the inability to hold face-to-face meetings.

Identity specialist OneSpan has introduced a technology called Virtual Room. Using this, financial institutions and their customers can digitally review and sign documents together without having to combine multiple tools and apps.

Continue reading

COVID-19 leads to a year of cybersecurity challenges

covid cybercrime

Over the past 12 months, the COVID-19 pandemic has created the perfect environment for cybercrime to flourish, according to Verizon's 2021 Data Breach Investigations Report.

The report analyzed 29,207 quality incidents, of which 5,258 were confirmed breaches. With large numbers of people working remotely, phishing attacks increased by 11 percent, while attacks using ransomware rose by six percent.

Continue reading

Microsoft releases KB5003173 cumulative update for Windows 10 20H2 and 2004

Windows key on keyboard

Anyone running Windows 10 version 2004 or 20H2 has a new cumulative update to install in the form of KB5003173. The update takes Windows build numbers up to 19041.985 and 19042.985.

Cumulative updatse like this are rarely über-exciting, and KB5003173 is no different. Although Microsoft has not introduced any major changes with the update, the release remains an important security update, and it's a good idea to get it installed.

Continue reading

More than half of IT environments still contain WannaCry/NotPetya vulnerabilities

security flaw

A new report from cloud-native network detection and response company ExtraHop shows that on the fourth anniversary of the WannaCry attack a high percentage of IT environments are still running known vulnerabilities.

It shows the continuing use of ill-advised and insecure protocols, including Server Message Block version one (SMBv1), which was exploited by the WannaCry ransomware variant to encrypt nearly a quarter of a million machines worldwide, and is still found in 67 percent of environments.

Continue reading

Cloud misconfigurations make 90 percent of companies vulnerable

Broken umbrella in storm

A large majority of companies that move to multi-cloud environments are not properly configuring their cloud-based services according to a new report from Aqua Security.

Over 12 months, Aqua's research team analysed anonymised cloud infrastructure data from hundreds of organizations. These were divided into SMBs and enterprises based on the volume of cloud resources they scanned.

Continue reading

HP adds security by design for home and business users

HP is launching a newly integrated portfolio of secure by design PCs and printers, hardware-enforced endpoint security software, and endpoint security services to protect its customers from growing cyber threats.

The HP Wolf Security portfolio builds on the company's security research to offer a unified portfolio focused on delivering comprehensive endpoint protection and cyber-resiliency.

Continue reading

Nearly half of IoT projects don't test for software security

Internet of things

Despite the fact that third party code in IoT projects has grown 17 percent in the past five years, only 56 percent of OEMs have formal policies for testing security.

A report from security testing and software research company GrammaTech, based on findings from a VDC Research survey, reveals that this is despite 73.6 percent of respondents saying security is important, very important or critical.

Continue reading

© 1998-2021 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.