Articles about Security

The Windows Defender tool that is built into Windows 10 offers protection against a range of malware, but it is not something that everyone wants running on their computer. In a recent update, Microsoft has removed the option of disabling Defender via the registry.

Previously, it was possible to enable the DisableAntiSpyware key in the registry to switch off Windows Defender -- for whatever reason you may want to. But now the setting is ignored, meaning anyone wanting to avoid Windows Defender will have to find another way to do so.

Continue reading →

New research into insider threats from security automation platform Securonix shows that 60 percent of data exfiltration incidents are carried out by employees identified as 'flight risk', in other words that are about to leave the business.

We spoke to Shareth Ben, director of insider threat and cyber threat analytics with Securonix, to find out more about insider threats, flight risks and how companies can protect themselves.

Continue reading →

A new study from cybersecurity and data analytics firm, CybSafe shows that one in fours UK office workers are relying on unauthorized personal devices to work from home.

The study of 600 workers also shows that one in 10 share their work devices with others in their household, and that 65 percent of workers have not received any remote working security training in the last 6 months.

Continue reading →

Since organizations have shifted to a work from home model, the potential for cyberattacks and breaches has increased. In fact, since the start of the pandemic, 20 percent of respondents say they faced a security breach as a result of a remote worker.

New research from Malwarebytes shows that this in turn has led to higher costs, with 24 percent of respondents saying they paid unexpected expenses to address a cybersecurity breach or malware attack following shelter-in-place orders.

Continue reading →

More than half of UK businesses are turning to outsourced partners for cyber security services, according to research commissioned by digital risk protection company Skurio.

Lack of in-house expertise is a key issue for organizations, in particular when it comes to digital risk protection -- the ability to monitor risks, threats and breaches outside their network -- with 80 percent of respondents saying that their teams lack skills and knowledge in this area.

Continue reading →

Microsoft has released an out of band security update that addresses two separate Windows Remote Access Elevation of Privilege vulnerabilities.

KB4578013 fixes the CVE-2020-1530 and CVE-2020-1537 issues relating to Windows Remote Access' handling of memory and file operation respectively. Microsoft had already issued a patch for Windows 10 earlier this month, but the new patch is aimed at people running Windows 8.1, RT 8.1, and Server 2012 R2.

Continue reading →

A new Biannual ICS Risk and Vulnerability Report, released today by Claroty, reveals that more than 70 percent of industrial control system (ICS) vulnerabilities disclosed in the first half of 2020 can be exploited remotely.

Earlier this week we looked at how project files can be used to attack ICS systems even if they're air-gapped, but this report highlights the importance of protecting internet-facing ICS devices and remote access connections.

Continue reading →

In the new normal world where more work is being carried out remotely, corporate communications have increased in importance but they have also come under greater threat.

As the recent Twitter attack shows, communication tools offer hackers an attractive extra method of getting hold of sensitive information like login details.

Continue reading →

Almost half of all actions by attackers are identical to the normal activities of the users and admins, and in most companies even a low-skilled hacker can obtain control of the infrastructure.

These are among the findings of a new study from penetration testing specialist Positive Technologies. Testers, acting as internal attackers, managed to obtain full control of infrastructure at 23 tested companies usually within three days.

Continue reading →

Credential stuffing attacks rely on stolen account credentials from a previous breach and are usually perpetrated by bots in an attempt to gain access to other websites.

This is a major problem for businesses, with threat actors using as many as 65,000 IP addresses for a single attack. Now though identity platform Auth0 is launching a new Bot Detection feature that it claims can reduce the effectiveness of a credential stuffing attack by as much as 85 percent.

Continue reading →

Industrial control systems (ICS) are usually kept separate from internet facing and other business applications. But researchers at Claroty have discovered a way to exploit ICS project files as an attack vector.

The attack was demonstrated at the recent DEF CON conference. We asked Nadav Erez, Claroty's research team lead, to explain more about why these files are particularly attractive to attackers.

Continue reading →

Although reports of data breaches are down 52 percent in the first half of this year, the number of records exposed over the same period has soared to 27 billion.

The latest Data Breach Report from Risk Based Security shows 2,037 publicly reported breaches from January to June, a 52 percent decrease compared to the first six months of 2019 and 19 percent below the same time period for 2018.

Continue reading →

As systems move to the cloud, organizations are faced with the problem of safely managing access for third-parties and vendors.

Specialist in this field SecureLink is launching a new version of its SecureLink for Enterprises platform, introducing features to expand vendor privileged access management (VPAM) capabilities to the cloud and strengthen reporting.

Continue reading →

Keeping enterprise systems secure used to be a relatively simple matter of defending the network perimeter. But in recent times the increased sophistication of attacks, a shift to more remote working, and demands for more sophisticated identity management mean things are much more complex.

We spoke to Greg Keller, CTO of directory-as-a-service company JumpCloud  who believes that the answer is to move the security perimeter to the user, wherever they are located.

Continue reading →

The NSA has issued a warning about a new round of cyberattacks by Russia. This time, the GRU (Główny Zarząd Wywiadowczy, the Russian General Staff Main Intelligence Directorate) is targeting Linux machines.

To orchestrate the attacks, the GRU is using a malware suite called Drovorub. The suite is made up of four modules and uses a variety of techniques to hide itself and evade detection.

Continue reading →