Articles about Security

QR code use grows in popularity but poses hidden risks

QR code

The use of QR codes has risen during the pandemic as they offer a perfect solution to contactless interaction. But many employees are also using their mobile devices to scan QR codes for personal use, putting themselves and enterprise resources at risk.

A new study from security platform MobileIron shows that 84 percent of people have scanned a QR code before, with 32 percent having done so in the past week and 26 percent in the past month.

Continue reading

Kaspersky says Linux systems are increasingly being targeted by hackers

Linux

Hackers are increasingly turning their attention to attacking Linux servers and workstations, according to security researchers from Kaspersky.

While it is Windows systems that have traditionally been in the cross-hairs of attackers, advanced persistent threats (APTs) are now a serious issue in the Linux world. Linux systems are being specifically targeted with an ever-widening selection of malware tools.

Continue reading

Dashlane launches new password health reporting tool for businesses

Password on a PostIt

Good security practices are more important than ever in the current climate, with people working from home using their own devices.

Password management specialist Dashlane is launching a new reporting tool that gives company administrators in-depth visibility into employee password security along with the ability to track improvements over time.

Continue reading

Organized attacks on cloud infrastructure and software supply chain increase

Broken chain

A new threat report from Aqua Security reveals a growing, organized and increasingly sophisticated pattern of attacks on cloud native infrastructure.

While most attacks uncovered by Team Nautilus, Aqua's cybersecurity research team, were aimed at abusing public cloud compute resources for cryptocurrency mining, the methods used also open the door for higher-value targets that look to exploit security gaps in container software supply chains and runtime environments.

Continue reading

Zoom boosts security with 2FA for all users

Zoom plane

After suddenly hitting the big time during the coronavirus pandemic, video conferencing tool found itself the center of attention for both good and bad reasons. While people welcome the app facilitating remote working, Zoom's security and privacy credentials were called in to questions in a series of incidents.

The company subsequently promised to take action to improve things in these areas, and over the summer there have been ongoing updates to Zoom. Now two-factor authentication (2FA) has been made available to all users.

Continue reading

Making the case for Trust in Zero Trust

Trust card

As WFH continues and bad actors and cyberthreats thrive, it is more critical than ever before for organizations to have a robust cybersecurity strategy in place. The best way to get started? Leverage Zero Trust.

The chief concern security teams have is keeping threats and attacks out of their organizations. This is why CISOs make significant investments in security controls that protect important vectors like the network, data center, cloud, email and endpoint. This defense-in-depth approach is essential to detect and block threats, but they need to be bolstered with Zero Trust capabilities. Why? Simply put, because attacks and breaches continue to occur. In fact, we know that 64 percent of CISOs believe their organization is more likely to experience a data breach due to COVID-19, and an additional 30 percent of CISOs have seen more attacks on their IT systems as a direct result of COVID-19.

Continue reading

Size matters when it comes to cybersecurity

large and small

Research from Coalfire Labs based on over 800 penetration tests finds that company size has a direct bearing on how effectively a business is able to fend off would-be attackers.

The study shows large and small companies see more than three times the year-on-year improvement of medium-sized companies. Although mid-size companies hit the cybersecurity sweet spot in 2018, they scrambled to keep up last year, and in 2020, improving only four percent year-on-year in fending off attackers compared to their bigger and smaller counterparts.

Continue reading

Why vishing is the new phishing and how to guard against it [Q&A]

vishing smishing

We're all familiar with the menace of phishing but, particularly following the recent Twitter attack, other methods of stealing credentials have been on the rise.

These include 'smishing' (phishing via SMS) and 'vishing' (phishing by voice call). We spoke to Ed Bishop, CTO at email security company Tessian to find out how businesses can identify vishing and smishing attacks, how the attacks work, and how companies can protect their employees.

Continue reading

Hackers could use Windows 10 themes to steal passwords

Hacker typing username and password

People like to be individuals, and in the computing arena one way to be a little different is to change the look of Windows by using themes. But a security researcher has warned of a technique that could be exploited by hackers to trick users into divulging their Windows login details when applying a theme.

Malicious theme packs can be used to execute a "pass-the-hash" attack which sends passwords to a remote server. The specially designed themes are easy to create, andthe way the credential stealing attack works will fool many people -- but there are protective measures that can be put in place.

Continue reading

60 percent of emails in May and June were fraudulent

Malicious email

The COVID-19 pandemic has seen a spike in scams, phishing and malware across all platforms and attack vectors. The latest mid-year threat landscape report from Bitdefender shows that in May and June, an average of 60 percent of all received emails were fraudulent.

In addition there’s been a five-fold increase in the number of coronavirus-themed attacks and a 46 percent increase in attacks aimed at home IoT devices.

Continue reading

Remote work puts extra stress on SMB security teams

SMB laptop

Smaller businesses are having to do more with less in terms of security, a situation made worse by the coronavirus pandemic.

The annual SMB IT Security Report from Untangle shows that 38 percent of SMBs are allocating $1,000 or less to their IT security budget, compared to 29 percent in 2019 and 27 percent in 2018.

Continue reading

Microsoft releases KB4497165 and KB4558130 microcode updates for Windows 10 to fix Intel security flaws

New Intel logo

Earlier in the year, Intel announced that it had completed software validations on fixes for a series of security flaws affecting many of its processors discovered a couple of years ago. Now Microsoft, in conjunction with the chip-maker, released microcode updates for Windows 10 to fix these issues.

The four problems are connected to the now-infamous Spectre and Meltdown flaws from 2018. They relate to problems with the speculative execution function of many chips, and could allow for sensitive data to leak.

Continue reading

Everything you need to know about authentication

security verification

The shortcomings of password security are well known. Indeed the death of passwords has been predicted for a long time but they still cling on.

There are a number of alternative authentication methods available, but confusion still reigns about the pros and cons of different approaches. To help cut through the mass of information, identity management company Beyond Identity has put together an infographic looking at alternative authentication methods and the security each provides.

Continue reading

New threat intelligence system helps fight deepfakes

Fake/genuine

Concern about deepfakes is on the rise and earlier this week Microsoft announced its own video authentication tool ahead of the US elections.

To help counter the threat from increasingly sophisticated cyber attacks, including the use of deepfakes, biometric authentication company iProov is also launching its own Security Operations Centre (iSOC).

Continue reading

Cyberattacks and how they work

Cyber attack

Cybercriminals in 2019 managed to expose more than 165 million records of confidential data across 1,365 known breaches.

But how do they get in, how long do they stay and what are they there for? The answers to these questions are in the 2020 Compromise Flashcard produced by compromise assessment company Lumu.

Continue reading

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.