Articles about Security

More than 80 percent of government cyber security leaders think public-private collaboration would help them keep pace with cyber threats, according to a new report.

The study from Nominet of government agencies in the UK, US and the Middle East, also shows that 65 percent of respondents think their pace of change is too slow in comparison to enterprises and 81 percent believe that a slow pace of change can negatively impact national cyber defense.

Continue reading →

Starting in March and continuing through most of the spring, there has been a significant increase in malicious emails utilizing various COVID-19 issues as a lure to manipulate users into exposing themselves to various email attacks and scams.

The latest Attack Landscape report from F-Secure shows COVID-related emails range from attempting to trick users into ordering face masks from phony websites to infecting themselves with malware by opening malicious attachments.

Continue reading →

With workforces more dispersed and reliant on collaboration technologies, the risk of sensitive business information falling into the wrong hands is increased.

Code42 is launching a new SaaS tool called Incydr, aimed at guarding intellectual property, source code and trade secrets, built to mitigate exposure from data exfiltration and to directly address the gaps in traditional security solutions for insider threats.

Continue reading →

The numerous challenges of 2020 have proved to be fertile ground for ransomware attacks, with the number up by nine percent compared to the first quarter and by 59 percent compared to the second quarter of 2019.

The latest Threatscape report from Positive Technologies shows that 16 percent of phishing attacks took advantage of COVID-19 concerns, and there is also evidence that ransomware operators have started cooperating with each other.

Continue reading →

The use of QR codes has risen during the pandemic as they offer a perfect solution to contactless interaction. But many employees are also using their mobile devices to scan QR codes for personal use, putting themselves and enterprise resources at risk.

A new study from security platform MobileIron shows that 84 percent of people have scanned a QR code before, with 32 percent having done so in the past week and 26 percent in the past month.

Continue reading →

Hackers are increasingly turning their attention to attacking Linux servers and workstations, according to security researchers from Kaspersky.

While it is Windows systems that have traditionally been in the cross-hairs of attackers, advanced persistent threats (APTs) are now a serious issue in the Linux world. Linux systems are being specifically targeted with an ever-widening selection of malware tools.

Continue reading →

Good security practices are more important than ever in the current climate, with people working from home using their own devices.

Password management specialist Dashlane is launching a new reporting tool that gives company administrators in-depth visibility into employee password security along with the ability to track improvements over time.

Continue reading →

A new threat report from Aqua Security reveals a growing, organized and increasingly sophisticated pattern of attacks on cloud native infrastructure.

While most attacks uncovered by Team Nautilus, Aqua's cybersecurity research team, were aimed at abusing public cloud compute resources for cryptocurrency mining, the methods used also open the door for higher-value targets that look to exploit security gaps in container software supply chains and runtime environments.

Continue reading →

After suddenly hitting the big time during the coronavirus pandemic, video conferencing tool found itself the center of attention for both good and bad reasons. While people welcome the app facilitating remote working, Zoom's security and privacy credentials were called in to questions in a series of incidents.

The company subsequently promised to take action to improve things in these areas, and over the summer there have been ongoing updates to Zoom. Now two-factor authentication (2FA) has been made available to all users.

Continue reading →

As WFH continues and bad actors and cyberthreats thrive, it is more critical than ever before for organizations to have a robust cybersecurity strategy in place. The best way to get started? Leverage Zero Trust.

The chief concern security teams have is keeping threats and attacks out of their organizations. This is why CISOs make significant investments in security controls that protect important vectors like the network, data center, cloud, email and endpoint. This defense-in-depth approach is essential to detect and block threats, but they need to be bolstered with Zero Trust capabilities. Why? Simply put, because attacks and breaches continue to occur. In fact, we know that 64 percent of CISOs believe their organization is more likely to experience a data breach due to COVID-19, and an additional 30 percent of CISOs have seen more attacks on their IT systems as a direct result of COVID-19.

Continue reading →

Research from Coalfire Labs based on over 800 penetration tests finds that company size has a direct bearing on how effectively a business is able to fend off would-be attackers.

The study shows large and small companies see more than three times the year-on-year improvement of medium-sized companies. Although mid-size companies hit the cybersecurity sweet spot in 2018, they scrambled to keep up last year, and in 2020, improving only four percent year-on-year in fending off attackers compared to their bigger and smaller counterparts.

Continue reading →

We're all familiar with the menace of phishing but, particularly following the recent Twitter attack, other methods of stealing credentials have been on the rise.

These include 'smishing' (phishing via SMS) and 'vishing' (phishing by voice call). We spoke to Ed Bishop, CTO at email security company Tessian to find out how businesses can identify vishing and smishing attacks, how the attacks work, and how companies can protect their employees.

Continue reading →

People like to be individuals, and in the computing arena one way to be a little different is to change the look of Windows by using themes. But a security researcher has warned of a technique that could be exploited by hackers to trick users into divulging their Windows login details when applying a theme.

Malicious theme packs can be used to execute a "pass-the-hash" attack which sends passwords to a remote server. The specially designed themes are easy to create, andthe way the credential stealing attack works will fool many people -- but there are protective measures that can be put in place.

Continue reading →

The COVID-19 pandemic has seen a spike in scams, phishing and malware across all platforms and attack vectors. The latest mid-year threat landscape report from Bitdefender shows that in May and June, an average of 60 percent of all received emails were fraudulent.

In addition there’s been a five-fold increase in the number of coronavirus-themed attacks and a 46 percent increase in attacks aimed at home IoT devices.

Continue reading →

Smaller businesses are having to do more with less in terms of security, a situation made worse by the coronavirus pandemic.

The annual SMB IT Security Report from Untangle shows that 38 percent of SMBs are allocating $1,000 or less to their IT security budget, compared to 29 percent in 2019 and 27 percent in 2018.

Continue reading →