Articles about Security

Immutability: A boost to your security backup

As the volume of data continues to increase and the threat landscape continues to evolve, it is increasingly important for organizations to protect backup data from unwanted deletion. Threats today can take the form of a malicious insider deleting backup data or a targeted cyberattack on the backups themselves. Modern ransomware attacks often first seek out and destroy backups before moving on to encrypting production data. However, companies will benefit from implementing immutability, the act of making data writable but noneditable for a defined period of time, as part of their data protection arsenal to help avoid or recover from a loss of production data situation.

The rise in cyber incidents, which according to the Veeam Data Protection Trends Report 2023 is the leading cause of outages over the past three years, is bringing the need for immutability to the fore, particularly as most organizations reported having fallen victim to cyber incidents, on average, twice a year.

Continue reading

Microsoft releases KB5035845 update for Windows 10, with security fixes, new Windows share features and more

Hand holding Windows 10 logo

Windows 10 users have a new security update to install in the form of the KB5035845 update. In addition to addressing a number of security issues, this mandatory update also kills the Windows Backup app for many people and introduces various other changes.

One of the most interesting additions to be found in the KB5035845 update are improvements to Windows share. There are also fixes for various issues in Windows 10 including Windows Hello problems.

Continue reading

Microsoft releases KB5035853 security update for Windows 11 fixing 0x800F0922 error and more

Windows 11 on convertible laptop

Microsoft has released a new security update for Windows 11. KB5035853 is a mandatory update which not only addresses security issues, but also introduces changes to make Windows 11 compliant with new DMA legislation in Europe.

On top of this, the update fixes the 0x800F0922 error which many people started to experience back in February. The KB5035853 update also features various other changes and additions such as the arrival of support for the USB 80Gbps standard.

Continue reading

Meta adds a new label to show whether third-party WhatsApp chats are secure

Close-up of WhatsApp icon

New rules in Europe means that WhatsApp will have to offer interoperability with other messaging apps and platforms. This is something that Meta has already been talking about, having published its preference for third parties to use the Signal Protocol as the foundation for these E2EE communications.

Use of the Signal Protocol will not be a requirement for interoperability, but whatever protocol is used by a third-party messaging app or platform, it will need to show they offer "the same security guarantees as Signal". To communicate security to users, WhatsApp is introducing a new "end-to-end encrypted" label that will be added to secure chats.

Continue reading

Microsoft quietly extends the availability of Windows 11 22H2 updates

Windows 11 on convertible laptop

To little fanfare, Microsoft has announced that anyone choosing to stick with Windows 11 22H2 will be able to install optional updates for longer than previously planned.

Despite having started to forcibly upgrade some Windows 11 22H2 systems to Windows 11 23H2, Microsoft has had a change of heart about how it will handle updates for the older version of the operating system moving forward. The company had previously said that non-security updates would not be available after this month, but there's a new extended deadline in place now.

Continue reading

Ransomware resurgence: Tackling the new generation of cyber threats


Sadly, there has never been a better phrase than ‘survival of the fittest’ to describe cyber criminal groups. They are constantly refining their tactics to cause greater disruption and earn even bigger profits. The ransomware ecosystem is a resilient and lucrative business model, and attacks are causing huge pain for organizations.

Just look at the recent attack on the British Library. The attack rendered the British Library’s website inoperative, and it’s been reported the institution may have to spend £7 million to recover. The Rhysida group, who were responsible for the attack, disseminated hundreds of thousands of confidential documents on the internet, encompassing both customer and employee information.

Continue reading

Authy desktop apps for Windows, macOS, and Linux reach end-of-life: Here's what you need to know

There is some shocking and sad news that will impact Authy users globally. You see, Twilio has announced the end-of-life for its desktop applications on Windows, macOS, and Linux platforms, slated for March 19, 2024. This move highlights a change in the company's strategy, emphasizing the transition towards mobile-centric security solutions.

Authy has been a staple for users seeking an extra layer of security beyond traditional passwords. The desktop applications have provided a convenient way for users to manage their authentication tokens directly from their computers. However, with the upcoming discontinuation, Authy is urging its user base to migrate to its mobile applications.

Continue reading

Breaking Bitlocker: Watch Microsoft's Windows disk encryption being bypassed in just 43 seconds

Microsoft BitLocker is a full-disk encryption feature included in certain editions of Windows operating systems, designed to enhance the security of data stored on a computer or external drives. It serves as a crucial component of Microsoft's broader approach to data protection and aims to safeguard sensitive information against unauthorized access, particularly in scenarios where devices might be lost, stolen, or otherwise fall into the wrong hands.

BitLocker operates by encrypting the entire contents of a disk drive, including the operating system, system files, and user data. It uses a symmetric encryption algorithm, typically AES (Advanced Encryption Standard), to secure the data. To access the encrypted information, a user must provide a pre-boot authentication password or use additional authentication methods, such as a PIN or a USB key.

Continue reading

Quantum computing: The data security conundrum

One of the biggest challenges of digital technology today is around security systems and data. In response to this, sophisticated algorithms have been designed to encrypt data and protect it through frameworks known as symmetric cryptography. While this has proven successful, advancements in quantum computing -- which utilizes quantum mechanics to solve complex problems faster than conventional computers -- could potentially turn data security on its head.

IBM, Microsoft and Google have already turned their attention to quantum computing and, as a result, commercially viable quantum computers are not too far from becoming a reality. In fact the global quantum computing market size in terms of revenue was estimated to be USD 866 Million in 2023 and is poised to reach USD 4,375 Million by 2028, growing at a CAGR of 38.3 percent from 2023 to 2028. This is raising concerns that these computers might pose a threat to current public-key cryptography algorithms and potentially expose sensitive data. As such, data security needs to be a step ahead, with more advanced cryptographic algorithms that minimise potential risks and ensure the safeguarding of data in a quantum computing world.

Continue reading

Four reasons your agency's security infrastructure isn't agile enough

Part 1. In an ever-changing world, today’s organizations must have the technology in place to evolve along with it. In the government, agencies need to remain adaptive to achieve their missions in the face of policy changes, geopolitical conflict, and private sector advancements.

For years, enterprise teams have implemented agile software development methodologies to improve their ability to service their users rapidly and reliably; government agencies must follow suit. However, for organizations using or considering agile software development methodologies -- private or public sector -- the security architecture that protects their assets must be equally adaptable. 

Continue reading

0patch beats Microsoft to the punch and fixes serious EventLogCrasher vulnerability that affects every version of Windows

0patch

Just over a week ago, details emerged of a worrying 0day vulnerability affecting everything from Windows 7 to Windows 11, and Windows Server 2008 R2 to Windows Server 2022. The EventLogCrasher vulnerability allows a low-privileged attacker to disable Windows logging on all computers in a Windows domain and any local computer, thereby compromising intrusion detection and forensic capabilities.

Microsoft is yet to issue a fix for the problem, and this is concerning given not only the scale of the issue, but also the importance of the logging tool. As it has done before, micropatching firm 0patch has risen to the challenge and released a free patch which can be installed by everyone.

Continue reading

In a hybrid world, enterprises need 'always-on' endpoint management

Endpoint protection

In the era of hybrid work, endpoints act as the nerve center of business operations -- distributed across multiple locations and networks. While this has bolstered employee productivity and flexibility, the shift has also increased IT challenges, and the exposure to cyber threats targeting remote employees. As the workplace evolves, security must too. To minimize cyber risk and navigate compliance, it’s up to IT teams to intensively monitor, safeguard, and manage employee devices.

As the world of work continues to transform, IT departments are facing increasing demands, compounded by a shortage of skilled staff. They must find ways to boost their operational efficiency. In response, organizations are turning to always-on endpoint management. This approach ensures continuous oversight and control, which is vital as organizations shift to global digital workforces.

Continue reading

The steps municipalities can take to prepare for rising cyberattacks

Cyberattacks are on the rise across all industries, but the history of the public sector’s weaker protections makes it an increasingly attractive target for cybercriminals with costly consequences. IBM asserts the toll of each cybersecurity incident in the public sector averages a substantial $2.6 million. In addition, according to the 2023 Verizon DBIR, Public Administration was the leader in the total number of incidents and the total number of breaches last year.

Cyberattacks can have detrimental impacts on government agencies and officials. Municipal services such as water supply, emergency services, public transportation and waste management rely heavily on interconnected digital systems. Cyberattacks like ransomware can disrupt these services, causing inconvenience and potential safety issues for residents.

Continue reading

Securing the cloud: Lessons learned from 2023 and what it means for 2024

The global cloud computing market is expanding rapidly and reaching new milestones every year. According to recent data, the market is projected to grow from USD 626.4 billion in 2023 to USD 1,266.4 billion by 2028 at a Compound Annual Growth Rate (CAGR) of 15.1 percent during the forecasted period.

The industry's rapid financial growth is also driving new technological advancements. With this, the dynamic and innovative nature of cloud technology brings new security vulnerabilities and risks, thereby every year increasing the number of malicious incidents. According to the 2023 Thales Cloud Security Study, more than a third (39 percent) of businesses experienced a data breach in their cloud environment last year, an increase from the 35 percent reported in 2022. The leading targets for hackers were Software as a Service (SaaS) applications (38 percent) and cloud-based storage (36 percent).

Continue reading

Online casino security: How to protect your data

Security

The iGaming industry has made leaps and bounds since the days when online casinos were plagued by terrible graphics and slow interfaces. The massive growth in smartphone technology has filtered down to most major online industries and had an amazing effect on their quality. 

There are now countless online casinos to choose from and players have an ever-growing selection of games to choose from. However, the thrill of being able to gamble for real money comes with the ever-present risk of data breaches. Here's how to protect your data while still enjoying your favorite online casinos. 

Continue reading

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.