Security

DNS amplification attacks have grown by over 4,000 percent over the last year according to Nexusguard's latest threat report.

DNSSEC (Domain Name System Security Extensions) remains the main source of growth in DNS amplification attacks in the quarter, but Nexusguard analysts have also detected a sharp and concerning rise in TCP SYN Flood attacks.

According to a new report, more than 60 percent of all leaked records in 2019 were exposed by financial services organizations, despite only six percent of breaches affecting these organizations.

The 2019 Financial Breach Report from Bitglass says these figures are at least partially due to the Capital One breach, which compromised more than 100 million records.

Despite data breaches involving stolen or cracked passwords constantly being in the news, it seems people are still making poor choices when it comes to their login credentials.

Password manager NordPass has compiled a list of the 200 most commonly used passwords of 2019 and highlighted the 20 you should never be using.

New account fraud -- attempts by an individual to create a new online account by manipulating a government-issued ID -- is up 28 percent this year according to a new report.

Data from trusted identity provider Jumio shows this type of fraud has increased over 100 percent on 2014 levels.

Network security and intelligence company WatchGuard Technologies has released its internet security report for the third quarter of 2019 showing the most popular network attacks.

Apache Struts vulnerabilities -- including one used in the devastating Equifax data breach which tops the list -- appeared for the first time on WatchGuard's list. The report also highlights a major rise in zero day malware detections, increasing use of Microsoft Office exploits and legitimate penetration testing tools, and more.

New data published by INAP at Gartner's IT Infrastructure, Operations and Cloud Strategies Conference in Las Vegas this week reveals the top challenges IT professionals expect to face in 2020.

Migrating applications to the cloud tops the list for 37 percent (up from 34 percent last year) while protecting against cyber attacks is in second place chosen by 31 percent (down from 36 percent).

An exploitable design flaw with a smart lock means attackers can easily overcome it and the lock's inability to receive updates means it can't easily be fixed.

Researchers at F-Secure found they were able to exploit poorly designed protocols in the KeyWe Smart Lock to intercept the secret passphrase that controls the lock as it's exchanged between the physical device and the mobile app.

A rapid increase in the number of security tools used by large companies is limiting their return on investment while increasing the risk of cyber threats, according to a new report.

The study from enterprise security specialist ReliaQuest finds that there is a 'security tool tipping point' where the number of cybersecurity solutions becomes overwhelming and actually increases organizational risk levels.

With the security of IDs and passwords increasingly under scrutiny, more people are becoming interested in using biometrics to verify their identity and authorize payments.

Technology education course guide Computer Science Zone has produced an infographic looking at the advantages of biometrics and how they are gaining in popularity.

A new study shows a 29 percent increase in suspected online retail fraud during the start of the 2019 holiday shopping season compared to the same period in 2018, and a 60 percent increase over the same period from 2017 to 2019.

The findings from iovation, the fraud prevention arm of TransUnion, are based on the online retail transactions analyzed for its e-commerce customers between Thanksgiving and Cyber Monday over the last three years.

Security researcher Brian Krebs has discovered a peculiarity with the iPhone 11 Pro and its collection of location data.

In what is described as a "possible privacy bug", Krebs found that the iPhone 11 Pro seeks location data even when system services and apps are configured to never request this information -- the location arrow icon can be seen popping into view at unexpected times. Curiously, despite seemingly contradicting its privacy policies, Apple says that it is by design.

Millions of people and hundreds of thousands of businesses in the UK are using cracked or weak passwords for their online accounts according to new research.

Cybersecurity and data analytics CybSafe has conducted a blind-analysis of the passwords used by over 21,000 staff at a sample group of 250 UK businesses, and finds that three quarters are employing staff with vulnerable password combinations -- either passwords which are too simple, or which have been compromised in previous data breaches.

Poor passwords frequently provide hackers with a way into networks. In order to help security teams and penetration testers identify them, Trustwave is launching a new cracking tool.

CrackQ is a queuing system to manage password cracking that works with the Hashcat tool which uses the power of GPUs to crack passwords.

It's no secret that there is a huge talent gap in the cybersecurity industry. Everyone is talking about it, including Forbes Magazine, TechRepublic, CSO Online, DarkReading, and SC Magazine, among many others. Additionally, Fortune CEO's like Microsoft's Satya Nadella, McAfee's CEO Chris Young, Cisco's CIO Colin Seward and others shine a light on it from time to time.

Cybersecurity: The Beginner's Guide puts together all the possible information regarding cybersecurity, such as why you should choose it, and how can you can get involved with it.

Mass cyber attacks are now being outnumbered by targeted attacks, with 65 percent of the total in the third quarter of 2019 being targeted, compared to 59 percent in the previous quarter.

The latest threatscape report from Positive Technologies also shows data theft grew to 61 percent of all attacks on organizations and 64 percent of all attacks on individuals (compared to 58 and 55 percent respectively in the second quarter). The share of attacks with direct financial motivation was 31 percent.