Google has already used Cybersecurity Awareness Month to announced details of a new bug bounty program for Android apps, as well as a new Advanced Protection Program for G Suite users. Now the company has revealed that most web traffic in its Chrome web browser is protected by HTTPS.
The precise figures vary from platform to platform -- with ChromeOS and macOS faring the best -- but between 64 and 75 percent is now secured. Google humblebrags about the results of its mission to "secure the web, one site at a time," after opting to mark non-encrypted pages as being insecure.
UK companies are unprepared for potential cyber-attacks against their business, with major shortcomings in many areas of security, new research has said.
A report released today by PwC found that a worrying amount of British firms only have adequate security protection in place, or are unaware of how best to prepare against attacks.
Virtually every second global financial services organization was a victim of a data breach sometime in the past, according to a newly released Thales report.
The 2017 Thales Data Threat Report, Financial Edition, says 49 percent of financial services organizations suffered a breach, with a fifth (21 percent) being breached more than once. Nine in ten (90 percent) feel more vulnerable to such incidents.
As businesses of all sizes continue to put more and more of their data online, the need to ensure this information remains secure is more pressing than ever.
Microsoft has long been the preferred choice of partner for many companies, with its Microsoft 365 platform offering a comprehensive, and more importantly, secure way to ensure data stays protected. But just exactly what goes in to ensuring millions of enterprises can leave the office each evening feeling assured that their data is safe?
Security teams face ever larger and more complex amounts of data which can hinder their ability to defend against threats.
McAfee is introducing new solutions that make use of the automation, reasoning and data duration provided by advanced analytics technologies, allowing security teams to easily discover and assess data and root out threats.
Security researchers at CyberArk are reporting about a new technique that could be used to take control of Windows 10 devices.
Known as BoundHook, the technique takes advantage of the BOUND hooking technique in Intel MPX (Memory Protection Extensions). But while CyberArk says that it will "bring new capabilities to both software security vendors and malware writers," Microsoft is downplaying the issue, suggesting there is nothing to worry about.
According to the results of a new survey, the need for soft skills like communication and critical thinking has increased in the IT security sector.
Identity management company SailPoint is announcing enhancements to its open identity platform, designed to enable identity to be woven throughout the IT operations and security fabric of organizations.
IdentityIQ version 7.2 enables a unified approach to identity governance that shares identity information across all IT and security investments.
One of the undeniable highlights of Apple's iPhone X is Face ID -- the face recognition technology that makes it possible to unlock a phone with a glance. While exciting and impressive, many people have security and privacy concerns about the feature, and last month Senator Al Franken wrote to Apple asking a series of questions and outlining his worries.
Apple has now responded to Franken, just ahead of the launch of the iPhone X in a little over two weeks. The company points to a series of documents that have already been made public, but also goes on to provide some detail about how Face ID data is stored and used.
It seems to be Iran, and not Russia, who is behind last summer's cyber attack against the UK Parliament. At least that’s what The Times is reporting, and it’s backing its claims with "secret intelligence assessment."
If that truly is the case, this would be Iran’s first foray into cyber-warfare. When it comes to possible motives behind the attack, it’s all still in domain of speculation. From looking into UK’s interests to try it to make any concessions, to scouting for advantages in trade, to changing the direction of the nuclear deal.
Today’s adversaries are moving faster than ever before, and for organizations trying to protect themselves against advanced and evolving threats, speed is essential. But the reality is that security teams don’t necessarily have the time to manage and evaluate every single alert they receive while also completing their everyday tasks -- and even the most skilled teams are struggling to keep up.
Certain aspects of cybersecurity are just inherently slow, like copying and pasting information from one tool to another. And if security teams are focused on getting through these simple, repetitive, time consuming tasks, it’s no wonder they struggle to achieve the speed needed to outpace hackers. And, at worst, it can mean a threat falls through the cracks.
As part of Cybersecurity Awareness Month, Google has announced numerous security-related updates including revamped phishing protection. Now the company has also announced what it is referring to as its "strongest security, for those who need it most."
Aimed at protecting people who are most likely to find themselves the target of attacks -- Google suggests journalists and human rights workers as examples -- the new Advanced Protection Program is being made available to anyone who wants to use it. It will protect Gmail, Google Drive and YouTube data with a variety of measures including a physical authentication key.
A new survey of IT security professionals reveals that 92 percent of respondents say employees at their organizations try to access information that is not necessary for their day-to-day work.
The study from identity management company One Identity also shows that IT security professionals themselves are among the worst offenders for corporate data snooping. One in three respondents admit to having accessed sensitive information that is not necessary for their day-to-day work -- showing an ongoing abuse of elevated rights given to the IT security role.
Open source code helps software suppliers to be nimble and build products faster, but a new report reveals hidden software supply chain risks of open source that all software suppliers and IoT manufacturers should know about.
The recent Equifax breach for example exploited a vulnerability in a widely used open source web framework, Apache Struts, and the study by software monetization specialist Flexera points out that as much as 50 percent of code in commercial and IoT software products is open source.
Teen image sharing site We Heart It reveals historic security breach affecting over 8 million accounts
We Heart It -- the image sharing service used by at least 40 million teenagers -- suffered a "possible security breach" several years ago. The breach affects more than 8 million accounts that were created between 2008 and November 2013.
Although this is a historic data breach, in which information from the user account database was leaked, We Heart It was only notified about it on October 11. The company says that email addresses, usernames, and encrypted passwords were accessed, and it recommends that users now change their passwords as they are not secure.