Articles about Security

Security providers should consider offering DDoS protection as a service

ddos_attack

Need a new business idea? How about you start offering DDoS protection as a service? What, you think it wouldn't work? Think again. A new report by Corero Network Security says it could work out nicely.

Out of its respondents, 82 percent see a "clear business opportunity" in providing DDoS protection as a service to its customers. Also, 93 percent see providing DDoS mitigation in relation to other types of security services as "high priority." This is up 10 percent compared to last year.

Continue reading

US may extend laptop ban to all international flights

no-laptops

The US is considering extending its laptop ban to all international flights to and from the country. Speaking on Fox News Sunday this weekend, Homeland Security Secretary John Kelly said there was a "sophisticated" terrorist threat which could see and expansion of the ban on devices larger than smartphones.

Back in March, citing a threat from terrorists "smuggling explosive devices in various consumer items," the Trump administration introduced an electronics ban on flights from a number of countries. If the ban was to be expanded, there would likely be a backlash from the increased number of people no longer able to take their laptops on flights as carry-on items.

Continue reading

Microsoft, Google, Facebook and others write to House of Representatives asking for reform of NSA surveillance

USA Freedom Act is blocked but NSA will stop phone data collection anyway

A letter signed by more than 30 major technology companies has been sent to the House Judiciary Committee calling for a number of key changes to be made to NSA surveillance. The letter, signed by the likes of Facebook, Twitter, Google and Mozilla, asks lawmakers to make a number of considerations when reforming Section 702 of the FISA Amendments Act.

The signatories refer to themselves as "U.S.-based companies that provide consumer and business technology, products, and services around the world through the use of electronic data." Their letter is timed to coincide with debate about the reform of Section 702 which is used to justify NSA surveillance programs, and is due to expire at the end of the year. There are calls for increased transparency and controls, as well as the suggestion that surveillance should be reined in.

Continue reading

WannaCry was most Americans’ first experience of ransomware

Ransomware

Although ransomware in some form has been around since 2005, a new survey of 5,000 US consumers reveals that for 57 percent the recent WannaCry attack was their first exposure to how it works.

The study by endpoint security company Carbon Black also shows that seven out of 10 consumers would consider leaving a business if it were hit by ransomware.

Continue reading

Dynamically generated whitelists help stop hackers

endpoint protection

Whitelists have traditionally been used as a way of limiting what users can do, but they're time consuming to maintain and keep up to date.

Florida-based Terra Privacy is addressing this with a system where destinations are continually inserted and removed from the whitelist in real-time, in concert with the user's activities.

Continue reading

XData ransomware starts wreaking havoc

Ransomware

The dust hasn’t even settled around WannaCry, another ransomware appears. This one was detected by ESET and identified as Win32/Filecoder.AESNI.C.

Security researchers dubbed it XData ransomware. It appears mostly in Ukraine (96 percent of cases). The outbreak seems to have started on May 17, reaching its peak on May 19.

Continue reading

Most UK businesses feel vulnerable to cyber threats, despite increased security spending

Hidden threat

According to Thales' new report almost two thirds (63 percent) of businesses in the UK increased their cyber security spending this year, which is a jump from last year's 54 percent.

However, despite this, 43 percent were breached last year (Thales fails to mention the percentage difference compared to a year earlier, though). More than four fifths (84 percent) still feel vulnerable to threats, with 20 percent feeling "very" or "extremely" vulnerable.

Continue reading

Microsoft buys cybersecurity startup Hexadite

microsoft-cloud

Microsoft is rumored to have acquired Israeli cybersecurity startup Hexadite in a deal worth around $100 million.

The startup was founded in 2014 and its primary focus is identifying cyberattacks through the use of artificial intelligence (AI). By connecting a number of cybersecurity detection systems that are already in place, Hexadite then uses AI to analyze threats automatically as they present themselves.

Continue reading

83 percent of security staff waste time fixing other IT problems

desktop support

A new survey of security professionals reveals that 83 percent say colleagues in other departments turn to them to fix personal computer problems.

The study by security management company FireMon shows a further 80 percent say this is taking up more than an hour of their working week, which in a year could equate to more than $88,000.

Continue reading

Samsung says Galaxy S8 iris scanner hack is 'difficult' to pull off

GALAXYS8_thumb_62fd

Biometric authentication may be more convenient than a PIN or password, but it is not as secure as you might be lead to believe. The iris scanner on the Galaxy S8 can be defeated with a photo and contact lens, despite Samsung's claims that it offers "airtight security" and provides "one of the safest ways to keep your phone locked and the contents private."

If this has you worried, Samsung says that it is "difficult for the whole scenario to happen in reality," even though the hack "appears simple." The company believes that having the right tools in the first place can prove to be problematic for anyone attempting to defeat the iris scanner.

Continue reading

Samba vulnerability could lead to the next WannaCry

freak_security_vulnerability

A security vulnerability in the popular Samba networking utility could leave unpatched machines open to an attack similar to WannaCry. A single line of code is all that’s needed to exploit the vulnerability, but it is reliant on a number of prerequisites.

The vulnerability has been assigned the ID CVE-2017-7494 and is described as "remote code execution from a writable share" which could allow "malicious clients [to] upload and cause the smbd server to execute a shared library from a writable share." Security researchers say that the flaw is very easy to exploit, and tens of thousands of machines have been found to be running versions of Samba for which a patch does not exist.

Continue reading

Executives are the most at risk employees when leaving the office

Risk puzzle piece

Four in ten organizations in the US and Western Europe believe C-level executives are the most at risk of cyber attacks when working outside the office.

That's according to research by iPass, whose Mobile Security Report 2017 says that coffee shops and cafes are the riskiest venues (42 percent), followed by airports (30 percent), hotels (16 percent) exhibition centers (seven percent) and airplanes (four percent).

Continue reading

Media players expose users to hacker attacks via subtitles

hacker dark laptop room

Security researchers from Check Point have discovered a major vulnerability in popular media players, like VLC, Kodi and Popcorn Time, which leaves users vulnerable to hacker attacks via malicious subtitles. The security firm estimates that the number of potential victims is around 200 million.

Media players give users the option to load subtitles from repositories, which can be tricked by attackers to rank their altered subtitles higher. This leads to those malicious subtitles being recommended to the user. If they are loaded, attackers can gain control over "any device running them." Check Point notes that the "potential damage the attacker can inflict is endless, ranging anywhere from stealing sensitive information, installing ransomware, mass Denial of Service attacks, and much more."

Continue reading

Kaspersky launches Threat Intelligence Portal for businesses

Hidden security threat

Companies have to deal with an increasing number of cyber threats. To allow them to stay in touch with this ever evolving landscape they need up to date intelligence.

With the launch of its Threat Intelligence Portal, Kaspersky Lab is enabling security operation center operators to be able to work more efficiently while facing hundreds and thousands of threat alerts.

Continue reading

Samsung's Galaxy S8 iris scanner is easily defeatable

Samsung Galaxy S8 iris scanner defeated

If you want to secure your Samsung Galaxy S8, relying on the iris scanner to keep it locked is not the best idea. That's because it can be easily fooled using just a printed photo and a contact lens.

This reinforces the belief that biometric authentication is -- at least for now -- less secure than traditional options, like PINs and passwords, which have the advantage of not being tied to a physical trait that can be easily exploited by hackers, thieves or the authorities.

Continue reading

© 1998-2017 BetaNews, Inc. All Rights Reserved. Privacy Policy.