Articles about Security

Executives' social media accounts put enterprises at risk

Executive social media

Information security often focuses on what's going on within the enterprise perimeter, but as businesses invest more in executive communication programs, there are risks which are sometimes overlooked.

According to a new survey from SafeGuard Cyber oversight of executive social media use is lacking, record-keeping is often manual, and the responsibility for risk management isn't clear.

Continue reading

New platform helps protect video conferencing sessions

video conference

As more work has moved online the security security issues surrounding collaboration and video conferencing applications have been thrown into the spotlight.

StrikeForce Technologies is launching a new desktop privacy protection suite called PrivacyLok, designed to address the problem by preventing unwanted applications from accessing sensitive data while protecting users from a range of threats.

Continue reading

SolarWinds-style email compromise attacks go mainstream

Malicious email

The supply chain attack involving SolarWinds software last year has caused ripples throughout the cybersecurity industry, not least because it went undetected for nine months.

The attack was able to bypass traditional email security by exploiting trusted communications routes between vendors and customers. A worrying new report from Abnormal Security shows that this technique is becoming a mainstream attack vector.

Continue reading

Emotional intelligence becoming key to CISO roles

Emotional intelligence

Greater emphasis on emotional intelligence and other skills required to work with different stakeholders is placing new demands on Chief Information Security Officers (CISOs) according to a new study.

But it's also creating opportunities for CISOs to become leaders of their organizations, according to the report from cyber security provider F-Secure, in conjunction with Omnisperience.

Continue reading

Three-quarters of security analysts fear missing alerts

business fear

Almost 75 percent of security analysts are worried about missing out on alerts according to a new study carried out by IDC for FireEye.

The research, which surveyed 300 IT security managers and security analysts in the US, also shows that nearly half of the alerts security analysts receive are false positives, and almost a third get ignored.

Continue reading

Cybercriminals exploit remote working to launch targeted attacks

Attack button

The pandemic-driven shift to remote working has led cybercriminals to ditch many of their old tactics, and put a new emphasis on gathering intelligence and exploiting and preying on fears with targeted and sophisticated attacks.

The latest State of Malware report from Malwarebytes has found a major shift in the devices targeted and strategies deployed by cybercriminals.

Continue reading

Microsoft releases off-schedule KB5001028 update for Windows 10 to fix WPA3 flaw

Colorful Microsoft logo

Just days after the regular update release date of Patch Tuesday, Microsoft has released an out-of-band patch to address a problem with WPA3 connections in Windows 10.

The KB5001028 update is for Windows 10 version 1909, and it fixes a problem that caused blue screens and stop error 0x7E in nwifi.sys when using a WPA3 connection. Microsoft says that the problems arose after users installed the KB4598298 or KB4601315 updates.

Continue reading

Never send the wrong email attachment again

email attachment

Many of us will at some point have attached the wrong file to an email or sent an attachment to the wrong person.

This is more than an inconvenience as it could end up exposing sensitive data. But thanks to a new feature from Tessian you may never make an attachment error again.

Continue reading

Number of 2020 vulnerability disclosures set to overtake 2019

security flaw

Despite a sharp decrease of 19.2 percent observed earlier in the year, vulnerability disclosures in 2020 are expected to exceed 2019's level according to Risk Based Security.

The company's VulnDB team aggregated 23,269 vulnerabilities disclosed during 2020. Despite the initial disruption from COVID-19, the trend of total number of vulnerabilities suggests that business operations and routines have normalized as the gap has closed to 0.98 percent.

Continue reading

2020 sees ransomware increase by over 400 percent

ransomware laptop

A new study from cybersecurity company Deep Instinct, finds that last year malware increased by 358 percent overall and ransomware increased by 435 percent as compared with 2019.

The report which analyzes millions of attacks taking place across the year finds distribution of the Emotet malware skyrocketed by 4,000 percent, while malware threats attacking Android phones increased by 263 percent.

Continue reading

Poor SIEM configuration puts enterprises at risk

open digital lock

Enterprises invest billions annually on SIEM (Security Information and Event Management) software and expect this investment to result in comprehensive threat coverage.

But a new report from AI-powered threat coverage platform CardinalOps shows that on average SIEM deployment rules miss 84 percent of the techniques listed in MITRE ATT&CK.

Continue reading

Microsoft encourages Windows users to install essential fixes for serious TCP/IP vulnerabilities

Microsoft headquarters

Whenever Microsoft releases updates for Windows, the company is always keen for as many people as possible to get the patch installed. But with this month's Patch Tuesday bug fixes, the company is encouraging Windows users even more than usual.

Referring to two Critical security issues and one Important one, all affecting TCP/IP, Microsoft says that "it is essential that customers apply Windows updates to address these vulnerabilities as soon as possible". The CVE-2021-24074, CVE-2021-24086 and CVE-2021-24094 vulnerabilities affect Windows 7 upwards.

Continue reading

Expert tips for Safer Internet Day

safety button

Today is Safer Internet Day, held annually to promote making the internet a safer and better place for all and particularly for children and younger users.

Industry experts have been keen to offer their their views and advice and we've put together a round up of some of the best.

Continue reading

One in four government organizations suffers accidental cloud leakage

rain cloud

Detecting and resolving data leakage is a top security challenge for public sector organizations with 24 percent suffering accidental leakage of cloud data.

The 2021 Cloud Data Security Report from Netwrix finds phishing (reported by 39 percent of organizations) to be the most common incident that government agencies experienced in the cloud, followed by accidental data leakage (24 percent) and targeted attacks on infrastructure (22 percent).

Continue reading

Privileged access is the Achilles heel of enterprise security

Admin login

Failure to automate control of physical accounts is a major weak point in enterprise security according to a study released by Thycotic.

Among the findings are that a significant number of enterprises (28 percent) only audit privileged access management (PAM) on a quarterly or annual basis.

Continue reading

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.