Articles about Security

New authentication service spells the end for customer passwords


A new authentication service is completely password-free, needs no software or dedicated hardware on the customer's part and can be used across any channel or device.

Launched today by identity specialist Transmit Security, BindID allows users to authenticate and access their accounts using the embedded fingerprint or face scanner in their devices, or use their mobile device to securely and easily authenticate to other devices and channels that don't have an embedded biometric reader.

Continue reading

SaaS applications and what they mean for security management [Q&A]


The move to using SaaS applications has been accelerated by the pandemic, with many businesses turning to the cloud to enable their staff to work remotely.

But this raises new issues around keeping the business secure. We spoke to Shailesh Athalye, vice president of compliance at security and compliance platform Qualys to discover more about the issues and how to approach them.

Continue reading

Google funds two Linux kernel developers to focus on security

Linux kernel

Google and the Linux Foundation are prioritizing funds to underwrite two full-time maintainers for Linux kernel security development.

Gustavo Silva and Nathan Chancellor will focus on maintaining and improving kernel security and associated initiatives in order to ensure the world's most pervasive open source software project is sustainable for decades to come.

Continue reading

How cybercrime has adapted to the pandemic

A new report from BlackBerry shows that as our digital habits have changed over the past year cybercriminals have become increasingly successful at finding and targeting vulnerable organizations.

The greater adoption of digital offerings has exposed companies to inadequate protections for employees and customers amongst an ever-growing and under-secured attack surface.

Continue reading

A quarter of people use work emails or passwords to login to other sites

Hacker typing username and password

Employees working from home on a company-provided computer are putting businesses at risk with one in four consumers admitting to using their work email or password to log in to consumer websites and apps such as food delivery, online shopping and even dating apps.

A new study from automation platform Ivanti surveyed 1,000 Americans working from home during the pandemic on a company-provided computer to examine how consumer and enterprise cybersecurity habits have changed.

Continue reading

Pandemic sees organizations of all sizes and industries invest in cyber threat intelligence (CTI)

After a year full of unknowns and new normals, knowledge is power. The spike in cyber breaches in the past year, compounded by COVID-related attacks, has only increased the importance of cyber threat intelligence (CTI) in the past year. The 2021 SANS Cyber Threat Intelligence survey, sponsored by ThreatQuotient, explores the state of play in the global use of CTI and outlines why the difficulties of the past year have contributed to the continued growth and maturity of CTI. 

The 2021 survey saw the number of respondents reporting they produce or consume intelligence rise by 7 percent, more notably, this was the first time the number of respondents without plans to consume or produce intelligence was 0 percent, down from 5.5 percent in 2020. Analyzed CTI helps organizations understand the capabilities, opportunities, and intent of adversaries conducting malicious cyber activities. In turn, this paints a picture about how threat actors are targeting an organization’s systems, information, and people. It is this contextual information that helps organizations and individuals respond to threats, understand risks, design better cyber defenses, and protect their organization. 

Continue reading

5 ways to talk about cybersecurity with anyone

Ever tried explaining cybersecurity to someone who isn’t tech-savvy? Just last year, my 67-year-old mother came to me in a fluster because her laptop was hijacked by a full-screen pop-up that looked like ransomware.

Thank goodness I figured out the problem before it got worse. But when you can’t be there 24/7, how do you help those around you understand basic cybersecurity principles so they can stay safe online?

Continue reading

New breed of cybercriminal breaches organizations then sells access

money exchange

Entrepreneurial cybercriminals are operating as middlemen by breaching as many companies as possible and then selling on access to the highest bidder rather than infiltrating systems themselves.

New research from Digital Shadows reveals that these 'Initial Access Brokers' are flourishing during the pandemic as employees increasingly log in to systems remotely.

Continue reading

Cloud misconfigurations take an average 25 days to fix

Weather cloud

On average it takes 25 days for companies to fix cloud infrastructure misconfigurations, according to a new report from cyber resilience specialist Accurics.

The research highlights security risks identified in cloud native environments. It shows that even organizations that establish a secure baseline when infrastructure is provisioned will experience 'drift' over time, when configuration changes occur in runtime, and these take an average of eight days to fix.

Continue reading

Final quarter of 2020 sees massive spike in ransomware

Ransomware sign

The last quarter of 2020 saw a 10,000 percent increase in ransomware activity according to a new report from managed security services provider Nuspire.

The company's latest Year in Review Threat Landscape Report -- sourced from its 90 billion traffic logs -- outlines new cybercriminal activity and tactics, techniques and procedures.

Continue reading

Digital forensics is the best offense and defense for cyber attacks

The majority of CEOs and COOs view digital forensics as an afterthought to cybersecurity. In the eyes of many business leaders, it is just a clean-up process for a data breach or cyber attack. But if you establish an effective digital forensics and incident response (DFIR) program, you can begin to use digital forensics as a tool for both recovery and prevention.

While cybersecurity and digital forensics work hand-in-hand, their close relationship can often obfuscate their individual objectives. For instance, cybersecurity’s main goal is to reduce an organization’s exposure to cyber attacks while also preventing their success. Cybersecurity has become even more important over the last decade and a half as industry leaders make the transition to digital applications. This is particularly true of the healthcare and automotive industries who have been lacking in their cybersecurity and forensic preparedness.

Continue reading

Executives' social media accounts put enterprises at risk

Executive social media

Information security often focuses on what's going on within the enterprise perimeter, but as businesses invest more in executive communication programs, there are risks which are sometimes overlooked.

According to a new survey from SafeGuard Cyber oversight of executive social media use is lacking, record-keeping is often manual, and the responsibility for risk management isn't clear.

Continue reading

New platform helps protect video conferencing sessions

video conference

As more work has moved online the security security issues surrounding collaboration and video conferencing applications have been thrown into the spotlight.

StrikeForce Technologies is launching a new desktop privacy protection suite called PrivacyLok, designed to address the problem by preventing unwanted applications from accessing sensitive data while protecting users from a range of threats.

Continue reading

SolarWinds-style email compromise attacks go mainstream

Malicious email

The supply chain attack involving SolarWinds software last year has caused ripples throughout the cybersecurity industry, not least because it went undetected for nine months.

The attack was able to bypass traditional email security by exploiting trusted communications routes between vendors and customers. A worrying new report from Abnormal Security shows that this technique is becoming a mainstream attack vector.

Continue reading

Emotional intelligence becoming key to CISO roles

Greater emphasis on emotional intelligence and other skills required to work with different stakeholders is placing new demands on Chief Information Security Officers (CISOs) according to a new study.

But it's also creating opportunities for CISOs to become leaders of their organizations, according to the report from cyber security provider F-Secure, in conjunction with Omnisperience.

Continue reading

© 1998-2021 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.