Articles about Security

Phishing is a problem that shows no signs of going away and indeed the COVID-19 pandemic has seen a new raft of malware and fraudulent emails seeking to trick the unwary.

Edison Software is launching a new AI-based email security subscription plan that can be added to the Edison Mail iOS app to help combat the threat.

Continue reading →

Researchers at F-Secure have uncovered a targeted, advanced attack on a cryptocurrency organization which they have linked to the Lazarus Group, and believe is part of a global, and financially motivated, hacking campaign.

Lazarus has been linked to the now infamous WannaCry attacks of 2017. This latest report identifies the tactics, techniques, and procedures (TTPs) used during the attack, such as spearphishing via a service (in this case, using LinkedIn to send a fake job offer tailored to the recipient’s profile).

Continue reading →

Botnet and exploit activity have increased over the course 2020's second quarter by 29 percent and 13 percent respectively, representing more than 17,000 botnet and 187,000 exploit attacks a day.

The latest Quarterly Threat Landscape Report from managed security services provider Nuspire also reveals a shift in tactics as attackers pivot away from COVID-19 themes, instead using other prominent media themes like the upcoming US election and exploiting the Black Lives Matter movement.

Continue reading →

We’ve covered Spydish on BetaNews before. The tool is great if you want to boost your privacy and security in Windows 10.

Today Belim, the program’s developer, announces that Spydish has undergone a name change, becoming Privatezilla, and that’s not all. The program is also becoming open source. In order to achieve this, some important changes have been made, which includes replacing certain features.

Continue reading →

The Windows Defender tool that is built into Windows 10 offers protection against a range of malware, but it is not something that everyone wants running on their computer. In a recent update, Microsoft has removed the option of disabling Defender via the registry.

Previously, it was possible to enable the DisableAntiSpyware key in the registry to switch off Windows Defender -- for whatever reason you may want to. But now the setting is ignored, meaning anyone wanting to avoid Windows Defender will have to find another way to do so.

Continue reading →

New research into insider threats from security automation platform Securonix shows that 60 percent of data exfiltration incidents are carried out by employees identified as 'flight risk', in other words that are about to leave the business.

We spoke to Shareth Ben, director of insider threat and cyber threat analytics with Securonix, to find out more about insider threats, flight risks and how companies can protect themselves.

Continue reading →

A new study from cybersecurity and data analytics firm, CybSafe shows that one in fours UK office workers are relying on unauthorized personal devices to work from home.

The study of 600 workers also shows that one in 10 share their work devices with others in their household, and that 65 percent of workers have not received any remote working security training in the last 6 months.

Continue reading →

Since organizations have shifted to a work from home model, the potential for cyberattacks and breaches has increased. In fact, since the start of the pandemic, 20 percent of respondents say they faced a security breach as a result of a remote worker.

New research from Malwarebytes shows that this in turn has led to higher costs, with 24 percent of respondents saying they paid unexpected expenses to address a cybersecurity breach or malware attack following shelter-in-place orders.

Continue reading →

More than half of UK businesses are turning to outsourced partners for cyber security services, according to research commissioned by digital risk protection company Skurio.

Lack of in-house expertise is a key issue for organizations, in particular when it comes to digital risk protection -- the ability to monitor risks, threats and breaches outside their network -- with 80 percent of respondents saying that their teams lack skills and knowledge in this area.

Continue reading →

Microsoft has released an out of band security update that addresses two separate Windows Remote Access Elevation of Privilege vulnerabilities.

KB4578013 fixes the CVE-2020-1530 and CVE-2020-1537 issues relating to Windows Remote Access' handling of memory and file operation respectively. Microsoft had already issued a patch for Windows 10 earlier this month, but the new patch is aimed at people running Windows 8.1, RT 8.1, and Server 2012 R2.

Continue reading →

A new Biannual ICS Risk and Vulnerability Report, released today by Claroty, reveals that more than 70 percent of industrial control system (ICS) vulnerabilities disclosed in the first half of 2020 can be exploited remotely.

Earlier this week we looked at how project files can be used to attack ICS systems even if they're air-gapped, but this report highlights the importance of protecting internet-facing ICS devices and remote access connections.

Continue reading →

In the new normal world where more work is being carried out remotely, corporate communications have increased in importance but they have also come under greater threat.

As the recent Twitter attack shows, communication tools offer hackers an attractive extra method of getting hold of sensitive information like login details.

Continue reading →

Almost half of all actions by attackers are identical to the normal activities of the users and admins, and in most companies even a low-skilled hacker can obtain control of the infrastructure.

These are among the findings of a new study from penetration testing specialist Positive Technologies. Testers, acting as internal attackers, managed to obtain full control of infrastructure at 23 tested companies usually within three days.

Continue reading →

Credential stuffing attacks rely on stolen account credentials from a previous breach and are usually perpetrated by bots in an attempt to gain access to other websites.

This is a major problem for businesses, with threat actors using as many as 65,000 IP addresses for a single attack. Now though identity platform Auth0 is launching a new Bot Detection feature that it claims can reduce the effectiveness of a credential stuffing attack by as much as 85 percent.

Continue reading →

Industrial control systems (ICS) are usually kept separate from internet facing and other business applications. But researchers at Claroty have discovered a way to exploit ICS project files as an attack vector.

The attack was demonstrated at the recent DEF CON conference. We asked Nadav Erez, Claroty's research team lead, to explain more about why these files are particularly attractive to attackers.

Continue reading →