Executives' social media accounts put enterprises at risk


Information security often focuses on what's going on within the enterprise perimeter, but as businesses invest more in executive communication programs, there are risks which are sometimes overlooked.
According to a new survey from SafeGuard Cyber oversight of executive social media use is lacking, record-keeping is often manual, and the responsibility for risk management isn't clear.
New platform helps protect video conferencing sessions


As more work has moved online the security security issues surrounding collaboration and video conferencing applications have been thrown into the spotlight.
StrikeForce Technologies is launching a new desktop privacy protection suite called PrivacyLok, designed to address the problem by preventing unwanted applications from accessing sensitive data while protecting users from a range of threats.
SolarWinds-style email compromise attacks go mainstream


The supply chain attack involving SolarWinds software last year has caused ripples throughout the cybersecurity industry, not least because it went undetected for nine months.
The attack was able to bypass traditional email security by exploiting trusted communications routes between vendors and customers. A worrying new report from Abnormal Security shows that this technique is becoming a mainstream attack vector.
Emotional intelligence becoming key to CISO roles


Greater emphasis on emotional intelligence and other skills required to work with different stakeholders is placing new demands on Chief Information Security Officers (CISOs) according to a new study.
But it's also creating opportunities for CISOs to become leaders of their organizations, according to the report from cyber security provider F-Secure, in conjunction with Omnisperience.
Three-quarters of security analysts fear missing alerts


Almost 75 percent of security analysts are worried about missing out on alerts according to a new study carried out by IDC for FireEye.
The research, which surveyed 300 IT security managers and security analysts in the US, also shows that nearly half of the alerts security analysts receive are false positives, and almost a third get ignored.
Cybercriminals exploit remote working to launch targeted attacks


The pandemic-driven shift to remote working has led cybercriminals to ditch many of their old tactics, and put a new emphasis on gathering intelligence and exploiting and preying on fears with targeted and sophisticated attacks.
The latest State of Malware report from Malwarebytes has found a major shift in the devices targeted and strategies deployed by cybercriminals.
Microsoft releases off-schedule KB5001028 update for Windows 10 to fix WPA3 flaw


Just days after the regular update release date of Patch Tuesday, Microsoft has released an out-of-band patch to address a problem with WPA3 connections in Windows 10.
The KB5001028 update is for Windows 10 version 1909, and it fixes a problem that caused blue screens and stop error 0x7E in nwifi.sys when using a WPA3 connection. Microsoft says that the problems arose after users installed the KB4598298 or KB4601315 updates.
Never send the wrong email attachment again


Many of us will at some point have attached the wrong file to an email or sent an attachment to the wrong person.
This is more than an inconvenience as it could end up exposing sensitive data. But thanks to a new feature from Tessian you may never make an attachment error again.
Number of 2020 vulnerability disclosures set to overtake 2019


Despite a sharp decrease of 19.2 percent observed earlier in the year, vulnerability disclosures in 2020 are expected to exceed 2019's level according to Risk Based Security.
The company's VulnDB team aggregated 23,269 vulnerabilities disclosed during 2020. Despite the initial disruption from COVID-19, the trend of total number of vulnerabilities suggests that business operations and routines have normalized as the gap has closed to 0.98 percent.
2020 sees ransomware increase by over 400 percent


A new study from cybersecurity company Deep Instinct, finds that last year malware increased by 358 percent overall and ransomware increased by 435 percent as compared with 2019.
The report which analyzes millions of attacks taking place across the year finds distribution of the Emotet malware skyrocketed by 4,000 percent, while malware threats attacking Android phones increased by 263 percent.
Poor SIEM configuration puts enterprises at risk


Enterprises invest billions annually on SIEM (Security Information and Event Management) software and expect this investment to result in comprehensive threat coverage.
But a new report from AI-powered threat coverage platform CardinalOps shows that on average SIEM deployment rules miss 84 percent of the techniques listed in MITRE ATT&CK.
Microsoft encourages Windows users to install essential fixes for serious TCP/IP vulnerabilities


Whenever Microsoft releases updates for Windows, the company is always keen for as many people as possible to get the patch installed. But with this month's Patch Tuesday bug fixes, the company is encouraging Windows users even more than usual.
Referring to two Critical security issues and one Important one, all affecting TCP/IP, Microsoft says that "it is essential that customers apply Windows updates to address these vulnerabilities as soon as possible". The CVE-2021-24074, CVE-2021-24086 and CVE-2021-24094 vulnerabilities affect Windows 7 upwards.
Expert tips for Safer Internet Day


Today is Safer Internet Day, held annually to promote making the internet a safer and better place for all and particularly for children and younger users.
Industry experts have been keen to offer their their views and advice and we've put together a round up of some of the best.
One in four government organizations suffers accidental cloud leakage


Detecting and resolving data leakage is a top security challenge for public sector organizations with 24 percent suffering accidental leakage of cloud data.
The 2021 Cloud Data Security Report from Netwrix finds phishing (reported by 39 percent of organizations) to be the most common incident that government agencies experienced in the cloud, followed by accidental data leakage (24 percent) and targeted attacks on infrastructure (22 percent).
Privileged access is the Achilles heel of enterprise security


Failure to automate control of physical accounts is a major weak point in enterprise security according to a study released by Thycotic.
Among the findings are that a significant number of enterprises (28 percent) only audit privileged access management (PAM) on a quarterly or annual basis.
Recent Headlines
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.
© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.