The healthcare industry accounted for 26 percent of security incidents in the second quarter of 2017 according to a new report.
The study from McAfee Labs sees healthcare surpass the public sector to report the greatest number of security incidents in Q2. The health, public, and education sectors combined comprised more than 50 percent of total incidents in 2016-2017 worldwide.
It has been quite some time -- nearly a year in fact -- since we were talking about the Dirty COW vulnerability affecting the Linux kernel. Now the vulnerability is back, but this time it is Android users who need to be concerned.
The privilege escalation vulnerability has been exploited by a piece of malware by the name of ZNIU, or AndroidOS_ZNIU. The malware uses the Dirty COW exploit to root devices and install a backdoor which can then be used to collect data and also generate profit for the attackers through a premium rate phone number.
Apple has only just released macOS High Sierra, but before the update was even out of the door, a 0-day vulnerability had been discovered. A flaw in the Mac keychain makes it possible for malicious applications to steal the contents of the keychain, including plaintext passwords. It affects not only High Sierra, but also older version of macOS.
The way keychain works means that it should not be possible for the keychain to be accessed without providing the master password, but the vulnerability bypasses this requirement. The problem was discovered and demonstrated by security researcher Patrick Wardle from Synack, who is also a former NSA hacker.
Five percent of all small and medium-sized companies in the entire world were victims of a ransomware attack in 2016 alone, with the money paid out to reclaim data reaching new highs, new research has revealed.
Datto's new State of the Channel Ransomware Report found that an estimated $301 million (£222 million) was paid to ransomware hackers from 2016-2017.
Global accountancy firm Deloitte -- known as one of the "big four" -- has been hit by a sophisticated hack. With echoes of the Equifax data breach and CCleaner hack, the cyberattack went undetected for months and results in confidential emails being accessed, as well as company plans, and the private information of high-profile, blue-chip clients.
Deloitte says that only a small number of its clients have been affected, but the size and importance of those that it deals with -- including US government departments -- means that even a limited number could have great impact. The firm is said to have discovered the hack in March, but it is possible that attackers gained access as long ago as October 2016.
Keeping Windows up to date with the latest fixes is a major challenge for enterprise IT teams and can leave endpoints vulnerable, according to a new report.
The study from systems management company Adaptiva reveals that 59 percent of companies take up to a month or longer to complete Windows OS updates.
One of the UK’s leading security experts has called for a major shake-up in the way businesses train their employees in online safety.
Symantec CTO Darren Thomson said that workers can effectively be an extra layer of protection for companies looking to prevent themselves falling victim to cyber-attack.
Warning issued: Russia tried to hack election systems in at least 21 US states and was successful in some
Russian hackers successfully compromised election systems in some states during the 2016 election. There have long been suggestions that Russia tried to influence the outcome of the Trump vs Clinton election, and now the Department of Homeland Security has informed 21 states that their systems were targeted.
This means that the DHS has concerns about almost half of the states of America, but so far only Illinois has been confirmed as having been successfully compromised.
Every month, almost 1.5 million new phishing websites are created. This is according to a new report by Webroot, showing just how big of an industry phishing really is.
The Webroot Quarterly Threat Trends Report says that 1.385 million new phishing sites are created every month. May was the busiest of them all, with 2.3 million sites created.
Hacking outranks other threats including climate change, nuclear power, hazardous waste, and government surveillance in Americans' perceptions according to a new survey.
The study by cyber security company ESET asked randomly selected adults to rate their risk perception of 15 different hazards. Six of the hazards were cyber-related while the rest were other forms of technology hazard.
Almost two billion data records were either lost or stolen in the first half of this year, according to a new report by Gemalto.
The company found that 1.9 billion records were lost or stolen during the first half of 2017 -- more than in the whole of last year, and equivalent to 10,439,560 records per day -- or roughly 3,000 whilst you read these few sentences.
Security researchers from Adguard have issued a warning that the popular GO Keyboard app is spying on users. Produced by Chinese developers GOMO Dev Team, GO Keyboard was found to be transmitting personal information about users back to remote servers, as well as "using a prohibited technique to download dangerous executable code."
Adguard made the discovery while conducting research into the traffic consumption and unwanted behavior of various Android keyboards. The AdGuard for Android app makes it possible to see exactly what traffic an app is generating, and it showed that GO Keyboard was making worrying connections, making use of trackers, and sharing personal information.
The UK government has made no secret of its dislike of encrypted messaging tools, and it has made frequent reference to the problems WhatsApp causes it with regard to investigations into terrorism. Calls have been made by the government to force companies to allow access to encrypted content when asked.
In the wake of Theresa May's "more needs to be done about extremist content" speech, it has emerged that WhatsApp refused to add a backdoor that would allow the government and law enforcement agencies to access private conversations.
The Librem 5 smartphone by Purism has a long and difficult road ahead of it. Competing against the likes of Apple and Google on the mobile market has proven to be a death sentence for many platforms -- including Microsoft with its failed Windows 10 Mobile. With that said, I am rooting for Purism and its Pure OS, as the world would benefit from a device that uses Linux and focuses on both privacy and security. Such an alternative to iPhone and Android would be a breath of fresh air.
Luckily, Purism has found itself a new partner on this project -- one of the most important organizations in the Linux community -- The GNOME Foundation. Yes, the maker of the absolute best desktop environment is offering to assist with the Librem 5 -- if it is successfully crowdfunded, that is. To date, it is only about 33-percent funded, although there is still more than a month to go.
One of the hardest things for security teams to do is accurately evaluate the level of risk that their organization is facing.
Cyber security firm Nehemiah Security is launching the latest version of its AtomicEye RQ (Risk Quantifier) platform that can calculate a system's exploitability and generate comprehensive risk reports.