Articles about Security

How the dark web creates a fraud pandemic

Hackers laptops

The statistics continue to chill. Two point three million estimated fraud victims in the UK alone in 2015 according to the ONS. 173,000 confirmed reports of identity theft amongst CiFas members (largely utilities and finance companies) in 2015.

From a consumer perspective the chances are that over a period of three to four years you are now more likely than not to be a victim of a successful fraudulent act of some kind.

Continue reading

CIA's internal hacking tools rival those of the NSA

central intelligence agency website cia

Debate and discourse around WikiLeaks’ announcement about a series of leaks from the CIA continue unabated. Codenamed "Vault 7," WikiLeaks claims this is the largest classified information leak to have come from the CIA to date. Added to that, only one percent of documents have been made public so far.

From the leaked documents it’s become clear that the CIA has created its own internal hacking capabilities to rival that of the NSA. It may be more tactical than strategic -- but with exploit sets including Android, IoS, Samsung TVs, Linux, Mac, zero day attacks and more, it could certainly give the NSA a run for its money.

Continue reading

European information security execs face major challenge from insider threats

Insider threat

New research shows that 35 percent of employees across the UK, France, Germany and Italy admit to have been involved in a security breach.

This presents CISOs with a significant challenge when it comes to protecting company data, particularly in light of the forthcoming European General Data Protection Regulation (GDPR) which comes into effect in early 2018.

Continue reading

Microsoft's Docs.com search feature leaks sensitive files

microsoft-logo-magnifying-glass

Users of Microsoft's Docs.com website took to Twitter to complain after files marked as private were made public by the sites' search function.

In response, Microsoft pulled the search feature from the site, but it is now back up and running. Even during the time it was not possible to search the site directly, Google and Bing searches could still be conducted to reveal social security numbers, job applications, contact details, and other private information.

Continue reading

Encrypted messaging service WhatsApp criticized as 'a secret place to hide' for terrorists

whatsapp-phone-logo

WhatsApp has been criticized for failing to help police following the revelation that Khalid Masood used the encrypted messaging service shortly before running down numerous people and stabbing a policeman to death in London last week.

The UK home secretary Amber Rudd spoke out over the weekend, saying that police and other agencies should be granted access to encrypted messages with a view to countering future terrorist attacks. Later this week, Rudd is due to meet with technology leaders to talk about how the government should be able to access messages protected by end-to-end encryption -- something already dropped from the controversial snooper's charter.

Continue reading

Three-quarters of organizations not confident in dealing with SSL-based attacks

steal-data-binary-hand

Despite 39 percent of businesses suffering an SSL-based attack in 2016, only 25 percent feel confident in their ability to deal with one according to a new study.

The report from cyber security company Radware shows that cyber attacks are becoming the norm, with 98 percent of organizations experiencing some form of attack in 2016.

Continue reading

Uncovering the cost and profitability of DDoS attacks

DDoS keyboard

DDoS attacks are a popular cyber criminal technique, used either to cause a distraction for a different crime or demand a ransom for calling off or not launching an attack.

New research from Kaspersky Lab reveals how profitable this activity can be. Researchers studied the DDoS services on offer on the black market and looked at how far the illegal business has advanced, as well as the extent of its popularity and profitability.

Continue reading

Instagram ups security with two-factor authentication

instagram-logo

Just about every app and online service offer two-factor authentication (2FA) as a security measure these days, and Instagram is the latest to join the party.

After numerous instances of hacking for other services, it's little surprise that Instagram wants to offer its users an extra level of protection. Once enabled, users are required to enter a six-digit code that is sent to their mobile via SMS, greatly eliminating the risk of unauthorized access.

Continue reading

Apple says it has already fixed CIA's Mac and iPhone hacks revealed by WikiLeaks

apple-logo

Yesterday WikiLeaks published the second batch of its Vault 7 documents, Dark Matter, revealing information about Apple-related hacks used by the CIA. This time around, the documents focus on hacks for MacBooks and iPhones, and comes two weeks after the initial batch of documents came to light.

Apple previously said that it had addressed "many of the issues" from the first Vault 7 leaks, and now the company has said much the same regarding the second batch. Despite promises from Julian Assange, it seems that WikiLeaks has not been in contact with Apple to provide further details about the exposed vulnerabilities.

Continue reading

WikiLeaks' Dark Matter documents reveal CIA hacks for Macs and iPhones

wikileaks-dark-matter

It's only a couple of weeks since WikiLeaks unleashed the first batch of its Vault 7 CIA documents, revealing the agency's spying and hacking capabilities. Now the organization has released a second cache of files dubbed Dark Matter, and they show that the CIA has developed tools for hacking Apple products.

Bold and exciting names like Sonic Screwdriver, DerStarke, Triton and DarkSeaSkies are the monikers given to attack the firmware of MacBooks and iPhones. What's particularly interesting about the documents is that they appear to show that the CIA had the ability to exploit Apple hardware and software a full decade ago.

Continue reading

eBay now recommends mobile over token-based two-factor authentication -- should you switch?

ebay

Two factor authentication strikes the right balance between convenience and security, which is why so many services offer it nowadays. But its implementation differs. Many companies have SMS or app-based systems, others prefer tokens, and some offer both as an option.

eBay falls in the third category, allowing users to receive the security code for the second authentication stage via SMS or a token. However, the company is now recommending users switch to the former method, touting its convenience as the main reason to abandon the token. But, should you take the advice?

Continue reading

New generation of cyber highwaymen could threaten parcel drones

ParcelHero pirate drone

Robbing the mail has a long and dishonorable history dating back to the days of the stagecoach. But UK-based online parcel broker ParcelHero is warning that automated delivery drones and droids could see the rise of a new breed of high-tech highwaymen.

The development of devices that alter the drone or droid's instructions, or simply stop them dead, is seen as inevitable. With UK online retail sales now worth more than £130 billion a year, if deliveries are to become largely automated and just one percent of items are waylaid using new technology, that's over £1bn of goods stolen a year.

Continue reading

Apple: iCloud is safe, but your passwords may not be

apple_store_front

A group of hackers that goes by the name Turkish Crime Family, claims to have access to hundreds of millions of iCloud accounts, and it wants Apple to pay $75,000 in Bitcoin or Ethereum or $100,000 in iTunes gift cards to delete the compromised credentials.

This may lead one to believe that the collective has managed to hack iCloud, but according to Apple there "have not been any breaches" in any of its systems. "The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services."

Continue reading

New platform protects industrial IoT devices

Internet of Things

Internet of Things devices are the latest threat vector that businesses have to deal with, introducing a potential extra weakness into corporate networks and leading experts to warn of increased risk.

To help guard against the threat, Mocana Corporation is introducing a new security platform designed to protect IoT devices and associated device-to-cloud communications.

Continue reading

71 percent of Android phones on major US carriers have out of date security patches

Android logo phone

Slow patching of security flaws is leaving many US mobile users at risk of falling victim to data breaches according to the findings of a new report.

The study from mobile defense specialist Skycure analyzed patch updates among the five leading wireless carriers in the US and finds that 71 percent of mobile devices still run on security patches more than two months old.

Continue reading

© 1998-2017 BetaNews, Inc. All Rights Reserved. Privacy Policy.