Articles about Security

Security firm ZecOps has published research about security vulnerabilities affecting iPhones and iPads. The critical flaws are yet to patched by Apple and are said to be actively used to target high-profile users such as journalists, employees of Fortune 500 companies and VIPs.

What's particularly worrying about the flaws is that they can be exploited by sending a message that appears to be blank. Opened in iOS Mail, the message can be used to run code and spy on activity without the need for any interaction from the victim. There is a suggestion that a nation-state could be involved.

Continue reading →

Zoom Video Communications has announced details of Zoom 5.0, a major update to its video conferencing client which goes a long way to addressing many of the security and privacy issues that have been found in recent weeks.

With the upcoming release, users can benefit from the addition of AES 256-bit GCM encryption, as well as the ability to choose routing options for calls.

Continue reading →

The need to protect remote working is exercising many organizations at the moment. Abnormal Security is launching a new Microsoft Teams Protection product to help guard the platform against social engineering attacks.

It automatically detects suspicious messages sent within a customer's Microsoft Teams environment, lowering the risk of phishing attacks infiltrating internal Teams communication channels.

Continue reading →

The latest Global Security Report from Trustwave, based on analysis of more than a trillion logged events in 2019, reveals that corporate systems continue to be most targeted by cybercriminals, at 54 percent.

This is followed by e-commerce at 22 percent down five percent when compared to 2018. Cloud services have seen the biggest increase and are now the third most targeted environment accounting for 20 percent of investigated incidents up significantly from seven percent the previous year.

Continue reading →

New research from vulnerability management specialist Kenna Security seeks to quantify the comparative risk of using assets based on Microsoft, Apple, Linux, or Unix platforms, as well as network devices.

The study finds that asset mix plays a key role in determining the number of security vulnerabilities an organization has to contend with every month along with its ability to minimize cyber risk.

Continue reading →

A new survey reveals that 75 percent of respondent companies rely on legacy network security technologies from big-name vendors such as Cisco, Palo Alto Networks and Fortinet.

The study from secure network provider Tempered also shows 70 percent would opt to make their networks invisible to bad actors if that was possible, but these older technologies don't allow it.

Continue reading →

Zoom's privacy and security issues have been in the headlines for a number of weeks now, causing concern for lots of users. But many people have no option but to use the software after it has been selected by the company they work for.

If you find that you have to use Zoom, there are steps you can take to ensure your experience is as safe as possible. Security firm Kaspersky has offered up a series of tips to boost your security and privacy on the platform.

Continue reading →

Just a quarter (24 percent) of end-of-life equipment is being cleaned up and reused, while 39 percent of organizations physically destroy end-of-life IT equipment according to a new study.

Research from data erasure specialist Blancco Technology Group looks at the issues associated with the corporate sustainability practices that some of the world's largest enterprises are following today.

Continue reading →

While many industries are struggling to continue during the lockdown, the cybercrime business is gearing up to exploit the economic stimulus and relief payments being offered around the world.

Researchers at Check Point have seen COVID-19 related cyberattacks rise to an average of 14,000 a day this month, which is six times the average number of daily attacks compared to March.

Continue reading →

The unrelenting criticism of Zoom continues, with India being the latest to slap an official ban on the video conferencing tool.

Voicing concerns that Zoom is "not a safe platform", the Indian Cyber Coordination Centre issued an advisory saying that the tool is "not for use by government offices/officials for official purpose". But the country recognizes that many people will want or need to continue using Zoom and the ministry of home affairs has issued a helpful guide to safe use of the service.

Continue reading →

We've seen many companies offering free software during the current crisis. Now security and risk analytics company Gurucul is launching two free services to help organizations protect themselves against cyberattacks that target their remote workers and third-party identities.

These deliver the Gurucul Unified Security and Risk Analytics platform as a cloud service with pre-configured and tuned algorithms that can detect unusual and high risk behavior patterns exhibited by remote workers as well as third party identities and devices.

Continue reading →

Research into the buying intentions of IT decision makers in the UK has revealed that, despite many organizations (55 percent) putting their buying on hold, 38 percent are still reviewing their digital needs and progressing buying decisions.

The study of 100 top IT decision makers, conducted earlier this month by data-driven consultancy Resonance, finds 67 percent of those actively seeking solutions have increased their urgency to implement them.

Continue reading →

Just in case you didn't have enough to worry about at the moment, the Information Security Forum has published its Threat Horizon 2022 report, looking ahead to the cyber challenges of the next two years.

Balancing today's realities with forecasts that push the limits of thinking, the report highlights nine major threats, broken down into three themes, that organizations can expect to face as a result of developments in technology.

Continue reading →

Digital risk protection company Terbium Labs has released a trend report on the stolen and fraudulent data of three of the largest multi-good dark web marketplaces, which finds that fraud guides account for 49 percent of the data being sold.

Personal data lags some way behind at at 15.6 percent, followed by non-financial accounts and credentials (12.2 percent), financial accounts and credentials (8.2 percent), fraud tools and templates (eight percent) and payment cards (seven percent).

Continue reading →

Containerization is increasingly popular, but its adoption presents challenges when it comes to vulnerability management and protection.

DevOps security specialist NeuVector is launching new features for its platform aimed at enterprise teams.

Continue reading →