Articles about Security

Containerization is increasingly popular, but its adoption presents challenges when it comes to vulnerability management and protection.

DevOps security specialist NeuVector is launching new features for its platform aimed at enterprise teams.

Continue reading →

Both the Windows and macOS versions of Zoom have critical, unpatched security vulnerabilities that could be exploited by hackers to target users and spy on calls and meetings.

Security experts say -- despite not having seen the actual code for the exploits -- that the Windows version of Zoom is affected by an RCE (Remote Code Execution) described as being "perfect for industrial espionage". The zero-days have been offered for sale for $500,000.

Continue reading →

With a sudden shift to remote working many companies are faced with lowering quality controls and making short term tactical fixes to support their remote workforce, increasing their exposure to threats and cyberattacks.

Security specialist F-Secure has launched a new offering based on its award-winning managed detection and response (MDR) service, F-Secure Countercept.

Continue reading →

With many more people working from home currently the risks to business data from the use of potentially insecure applications is increased.

Kaspersky is launching a new version of its Endpoint Security Cloud, which will enable businesses to control the unauthorized use of potentially insecure applications and sites by employees whilst working from home.

Continue reading →

Microsoft's monthly Patch Tuesday security updates are always important, but the ones released this week are particularly important. Not only do the fixes address numerous zero-day vulnerabilities, but the security flaws they fix were being actively exploited.

In all, Microsoft has plugged 113 CVE-numbered vulnerabilities this month. 17 of these are marked as being critical, and 96 as important.

Continue reading →

Cybersecurity is important to any enterprise, but it's especially key to those that are delivering critical infrastructure.

But recent research from Nozomi Networks shows that often the development of a holistic security approach is being driven by events such as security breaches.

Continue reading →

With greater numbers than ever working remotely due to the coronavirus crisis, there's increased focus on the security risks posed by home networks.

New research from BitSight, based on analysis of over more than 41,000 organizations, reveals that networks used to work from home are 3.5 times more likely to have malware present than the traditional corporate network.

Continue reading →

Problems for Zoom and users of the videoconferencing software seem just about unending. Following on from the revelation that a number of account credentials were available on the dark web, a new report shows that in fact there are credentials for hundreds of thousands of accounts available on hacking forums.

In all, over half a million account details have been found available -- some sold for fractions of a penny, and others made available completely free of charge.

Continue reading →

A new study from Check Point Research highlights the brands which are most frequently imitated by criminals in attempts to steal individuals' personal information or payment credentials.

The Brand Phishing Report for the first quarter of this year shows Apple was the brand most frequently imitated, up from seventh place in the final quarter of 2019.

Continue reading →

As part of its continuing efforts to regain trust following a series of privacy and security scandals, Zoom has announced that it is introducing the option for users to choose which countries their data is routed through.

The move comes after concerns were voiced at Zoom's admission that some US calls were being routed through China. The new option will allow users to opt in or out of specific data center regions; unfortunately, this feature will not be made available to everyone.

Continue reading →

Cloudflare has moved away from using Google's reCAPTCHA, opting instead for the independent hCaptcha bot detector.

The company explains the reasons behind the change, citing not only the fact that Google would now like to charge Cloudflare for what used to be a free service, but also the privacy concerns that stem from anything to do with Google.

Continue reading →

The various security and privacy issues that have plagued Zoom in recent weeks have not only caused users to look at the video conferencing software differently, but also forced the company to take a long, hard look at itself.

Having already apologized for the numerous issues people have experienced, as well as making changes to the way the service works, Zoom has now also taken steps to prevent users from being Zoombombed. The change is a relatively minor one in the scheme of things, but it's an important one.

Continue reading →

A new survey finds that 85 percent of companies believe embracing the public cloud is critical to fuel innovation. But of those who have already adopted public cloud, only 40 percent have in place an approach to managing cloud and container security.

The study by DivvyCloud finds only 58 percent say their organization has clear guidelines and policies in place for developers building applications and operating in the public cloud. Of those, 25 percent say these policies are not enforced, while 17 percent confirm their organization lacks clear guidelines entirely.

Continue reading →

Once a specialist tool, then the darling of the video conferencing world, Zoom's fall from grace has been fairly spectacular. A series of privacy and security issues have put off numerous users, and led to some institutions instigating a ban on the software.

Google has now followed the lead of schools across the US, banning employees from using Zoom because of concerns about security. Senators in the US have also been warned against using the service.

Continue reading →

The privacy and security scandals that have blighted Zoom have already caused some users to look for alternatives, but the company seems serious about trying to address the issues that have sparked concern.

Having already issued an apology to users, Zoom CEO Eric S Yuan has now revealed that his company is collaborating with numerous big-name CISOs (chief information security officers) to ensure the implementation of security and privacy best practices. He also says that Facebook's former Chief Security Officer, Alex Stamos, is joining the company as a security advisor.

Continue reading →