Security

New research from NordVPN finds that people around the world generally have good security and privacy knowledge, but still indulge in bad habits.

NordVPN ranked 21 countries by their performance, placing Germans at the top and -- perhaps surprisingly -- the Japanese at the bottom.

Security has become slightly more difficult these days given that many people are now working at home and online. That’s just the beginning of the headaches for firms. 

SentiLink, a leading security company, is trying to fight back against identity fraud with a new ID Theft Scores program. This is designed to complement its Synthetic Scores that are already in place and used by used by many top financial institutions in the US. 

A new report from cybersecurity firm PC Matic finds that one year on from the start of the COVID-19 pandemic, nearly 35 percent of Americans are still working from home.

However, the study of more than 5,800 people across the US finds less than 10 percent of respondents are provided with an antivirus software solution for the personal device they use for work purposes.

With large numbers of new samples appearing every day the old signature-based methods of malware detection have become unwieldy.

AI can learn from millions of samples, but if it uses all samples for optimum detection that means slower learning and updates. The alternative is to use only select samples to keep up with the rate of change of malware, but this runs the risk of 'catastrophic forgetting ' of older patterns.

Over three-quarters of security awareness professionals are spending less than half their time on security awareness, according to a new report from SANS.

This underlines the fact that awareness training is often a part-time effort, commonly assigned to staff with highly technical backgrounds but who may lack the skills needed to effectively engage their workforce in simple-to-understand terms.

Threat data feeds can help enterprises strengthen their cybersecurity posture, according to a new report from Ponemon Institute, sponsored by IT services company Neustar.

A majority (79 percent) of the more than 1,000 security professionals taking part in the study say threat data feeds are essential to their organization's ability to achieve a strong cybersecurity posture, and 55 percent rate the quality of their threat feeds' ability to pinpoint cyberthreats as very high.

A new report looking at trends in DMARC adoption shows that while take up of the identity verification technology is increasing, three billion messages per day are still spoofing the sender's identity.

The study from Valimail shows that email remains a favourite attack route, implicated in over 90 percent of all cyberattacks with the pandemic providing a new focus.

The move to home working provided new opportunities for phisherfolk, but as many people start to return to their offices the attackers are pivoting to exploit that too.

A new report from email phishing protection specialist INKY shows attacks are capitalizing on vulnerability and the desire for accurate information about returning to the office in-person.

Although business IT has seen many changes over the last year, email remains the main vector for carrying out cyberattacks.

In its latest Global Security Report Zix looks at the trends in email attacks over the last year and the impact they have. We spoke to David Wagner, president and CEO of, Zix to find out more.

The past few months have seen plenty of news surrounding COVID-19 vaccines, from the buzz surrounding roll outs to fears of possible side effects.

As always with a major news event cybercriminals seek to exploit the opportunity it presents. Cloud-native email security company GreatHorn has identified a new pattern of techniques being used to exploit the unease of vulnerable email users by spoofing critical vaccine information.

Facebook is expanding support for physical security keys to mobile devices in order to help users secure their accounts.

The site already offers multi-factor authentication via SMS or authenticator apps, but adding support for hardware keys offers users another means of supplementing their passwords and keeping their accounts more secure.

Researchers at Cybereason have detected a new campaign targeting US taxpayers with documents that purport to contain tax-related content.

These deliver NetWire and Remcos -- two powerful and popular RATs which can allow attackers to take control of the victims' machines and steal sensitive information. The malicious documents used are roughly 7MB in size, which allows them to evade traditional AV mechanisms and heuristic detection.

New research from network detection and response company Vectra AI shows that 88 percent of companies have accelerated their cloud and digital transformation projects due to COVID-19.

But it also finds that 71 percent of Microsoft Office 365 deployments have suffered an account takeover of a legitimate user's account, not just once, but on average seven times in the last year.

Cybercriminals are using more sophisticated ransomware tactics and more dangerous variants, like Ryuk, to earn an easy payday. This has seen a 62 percent increase globally and a 158 percent spike in North America since 2019.

The latest Cyber Threat Report from SonicWall highlights how COVID-19 has provided threat actors with opportunities for more powerful, aggressive and numerous attacks, thriving on the fear and uncertainty of remote and mobile work forces navigating corporate networks from home.

Microsoft Active Directory (AD) is used by 90 percent of enterprises as the primary source of trust for identity and access, but it's also exploited in many cyberattacks.

Since AD is rarely safeguarded effectively, attackers have come to depend on weak configurations to identify attack paths, access privileged credentials and get a foothold in target networks.