Articles about Security

There are expected to be more than 70 billion connected devices by 2025, which means the opportunity for hackers to infiltrate connected devices, and to get onto networks, is going to get much larger.

So how can businesses prepare for this influx, train their staff and get ahead in order to protect their critical data from cybercriminals who are always keen to update their tactics and strategies? We spoke to Jonathan Langer, CEO of healthcare device security specialist Medigate to find out.

Continue reading →

Just 17 percent of organizations worldwide are considered 'leaders' in cyber resilience, meaning under a fifth are effectively stopping cyberattacks and finding and fixing breaches fast enough to lower the impact, according to a new report from Accenture.

Based on a survey of more than 4,600 enterprise security practitioners, Accenture's report looks at how businesses prioritize security, the effectiveness of their current security efforts, and the impact of new security-related investments.

Continue reading →

Microsoft has introduced a new feature to its Edge browser that blocks "potentially unwanted apps" from being downloaded.

At the moment, the security feature is available in the beta version of Microsoft Edge, but it will also be making its way to the stable version of Chromium-based Edge later this month. Strangely, Microsoft has chosen not to switch on the feature by default.

Continue reading →

Microsoft is no stranger to using bug bounty programs to track down security problems and other issues with its software and services. Now the company has launched an Xbox bug bounty program, offering payouts of up to $20,000 to anyone finding vulnerabilities.

The particular aim of this bounty program is to find issues with the Xbox Live network and services. Microsoft says the amounts it will pay gamers and security researchers who report problems will depend on the severity and impact of the vulnerability, as well as the quality of the submission.

Continue reading →

Microsoft may have dropped Windows 7 like a hot stone, but that doesn't mean everyone is. Recognizing the fact that large numbers of people are going to continue using the aged operating system, most antivirus firms are going to continue to offer support.

Support from the likes of AVG, Avira, Kaspersky and Trend Micro for at least two years is great news for those concerned about the security of sticking with Windows 7. Of course, this doesn't mean that the operating system is entirely safe to use now that it has reached end of life, but with the right software installed, hangers-on can secure their systems somewhat.

Continue reading →

Modern businesses have large numbers of documents, many of which contain information that is commercially sensitive. But poor file management, incorrect permissions and uncontrolled sharing can put that information at risk.

The unstructured nature of this data makes it notoriously difficult to keep track of. Now though California-based Concentric is launching a new solution to allow enterprises to identify and protect these documents.

Continue reading →

Online fraud has gained in sophistication in recent years. As consumers have moved to using mobile devices and have come to expect a consistent shopping experience across platforms,  so the fraudsters have never been far behind.

We spoke to Michael Reitblat, co-founder and CEO of eCommerce fraud prevention specialist Forter, which recently published its latest Fraud Attack Index, to find out more about the fraud landscape and how businesses can protect themselves.

Continue reading →

With attackers often targeting individuals and their credentials to gain unauthorized access to accounts, people are increasingly at the center of security.

This is one of the conclusions of a new report from identity solutions provider Okta which finds that when deploying security tools a third of businesses start with a tool focused on protecting their people, as opposed to devices, infrastructure, and networks.

Continue reading →

The UK government has announced that -- despite being considered a "high-risk vendor" -- Huawei will be permitted to contribute to the 5G network infrastructure in Britain.

The US recently warned that allowing the Chinese firm to be involved in the rollout of 5G would be "madness", but the UK has chosen to ignore this. Huawei will have limits placed on its contributions, meaning that it will only be able to supply "non-core" elements of the network.

Continue reading →

Increasingly the boundaries between operational technology and business networks are breaking down as businesses seek access to the real time data that industrial IoT devices hold.

But that leads to increased risk to critical infrastructure as devices become more exposed. To combat these threats, Cisco is introducing an IoT security architecture that provides enhanced visibility across both IT and OT environments, and helps protect industrial processes.

Continue reading →

A self-described "reverser/pwner [and] Windows kernel hacker" has demoed a working exploit for two recently discovered vulnerabilities in Windows Remote Desktop Gateway (RD Gateway).

The exploit takes advantage of the CVE-2020-0609 and CVE-2020-0610 vulnerabilities which have already been shown to make a denial of service attack possible. Now Luca Marcelli has shown how the same vulnerabilities can be exploited in a Remote Code Execution attack.

Continue reading →

When you install an antivirus program -- even a free one -- you have a reasonable assumption that it's going to help keep your data safe.

But a joint investigation by Motherboard and PCMag has discovered that Avast's free antivirus is harvesting user data. Although this is supposedly 'de-identified' it is being sold to marketers in a way that can be linked back to an individual.

Continue reading →

The use of voice for authentication has been limited in IoT applications and devices because of storage and processing limitations.

But new technology from ID R&D looks set to change that, offering voice biometric optimization with an AI-based SDK of under 1MB, enabling voice biometrics to be implemented at the edge.

Continue reading →

Internet Explorer may be a relic from the past, but it's still out there and used by surprising numbers of people. Not all versions of it are supported by Microsoft anymore, so when a critical bug was discovered in the Windows 7, 8.x, 10, Windows Server 2008 and 2012 versions of the browser, there were questions about who was going to be protected.

The bug was revealed just days after support ended for Windows 7, and it wasn't clear whether Microsoft would stick to its guns and leave those people still using this operating system out in the cold and unprotected. The company has now confirmed what's going to happen.

Continue reading →

Owners of Sonos devices were disappointed when they were told by the company that as of May 2020, there would be no more software updates released for older equipment. Sonos offered customers two options for "legacy products": keep using them without updates, or brick them by putting them in Recycle Mode in return for a 30 percent discount on a future purchase.

There was an understandable backlash from Sonos' userbase, and now the company's CEO has been forced to pen a letter in which he assures customers that devices will work for "as long as possible". Patrick Spence concedes that "we did not get this right from the start". He continues: "My apologies for that and I wanted to personally assure you of the path forward".

Continue reading →