Articles about Security

A major problem for social media and other online businesses is the creation of spoof accounts. Guarding against these can be difficult but identity-as-a-service company Jumio has come up with a solution.

Jumio Go is a real-time, fully automated identity verification platform. It includes liveness detection to spot when photos, videos or even realistic 3D masks are used instead of actual selfies to create online accounts.

Continue reading →

Microsoft has beaten Amazon to win the controversial $10 billion Joint Enterprise Defense Infrastructure (JEDI) cloud contract from the US Department of Defense.

A year ago, Microsoft employees were trying to discourage the company from bidding for the contract over concerns that the technology is develops could "be used for waging war". The DoD confirmation that the "contract will address critical and urgent unmet warfighter requirements for modern cloud infrastructure" will do nothing to calm these fears.

Continue reading →

The personal data of nearly 7.5 million Adobe Creative Cloud users was exposed earlier this month when an unsecured database was discovered online.

The database, which could be accessed by anyone without the need for a username or password, included information such as email addresses, member IDs and payment status. People accessing the database were also able to see which Adobe products were used by individuals, the country they live in, and whether they are Adobe employees.

Continue reading →

If you have private files that you want to be able to access when on the go, you could consider uploading them to the cloud, or carrying them around on a USB flash drive. The trouble with the former option is you’re entrusting your content to a third party, and in the case of the latter, you run the risk of losing the drive, allowing anyone who finds it to view your data. You could protect your files using software encryption, but it’s not 100 percent secure.

A much better, and far safer solution is to store your data on a hardware encrypted USB drive like the Aegis Fortress L3.

Continue reading →

A large majority of cybersecurity and risk management leaders (83 percent) believe that developments in 5G wireless technology will create challenges for their organizations.

A new report from UK-based cybersecurity specialist Information Risk Management (IRM) shows that among the top 5G-related concerns are greater risk of attacks on Internet of Things networks, a wider attack surface and a lack of security by design in 5G hardware and firmware.

Continue reading →

A Europe-wide survey of almost 600 successful businesses reveals that 61 percent of business leaders on the board of their company believe that in the war against cybercrime the hackers are more sophisticated than the software developers.

The study carried out for global network RSM by the European Business Awards also finds that 60 percent of these board members believe they may have been breached without them knowing and 73 percent consider themselves at risk from cybercrime.

Continue reading →

Cash App, the person-to-person (P2P) payment service application from Square is being targeted by a number of scams using Twitter and Instagram to lure victims.

It's easy to see why Cash App is a prime target, the app has been downloaded 59.8 million times since its 2013 launch, it's been name checked by popular rap artists, and some brands -- including Burger King -- have used it as part of marketing campaigns.

Continue reading →

Following reports that the fingerprint scanners of Galaxy S10 and Note10 handsets can be unlocked with any finger, Samsung is now rolling out a fix.

The security issue was caused by third-party screen protectors interfering with the fingerprint scanners, making it possible for anyone to unlock a phone with an unregistered fingerprint. While the patch is now rolling out, it remains to be seen whether the vulnerability has been addressed fully.

Continue reading →

Unless the information security industry can embrace greater diversity -- in gender, age, ethnicity, disabilities and experience -- it will face a stagnating workforce and be unable to keep up with a rapidly expanding skills gap according to a new report.

The Chartered Institute of Information Security (CIISec) finds that 89 percent of respondents to its survey are male, and 89 percent over 35, suggesting the profession is still very much in the hands of older men.

Continue reading →

The UK's National Cyber Security Centre has released its annual review for 2019 which sets out cybersecurity trends and looks at how the agency has been protecting consumers and businesses.

One of the most interesting findings is the list of most hacked passwords. 'Superman', exposed 333,139 times, and 'blink182', exposed 285,706 times, top the lists for fictional characters and musicians respectively. If you are a soccer fan, 'liverpool', exposed 280,723 times, is not a good password choice. But it's old favorite '123456', exposed more than 23 million times, that's top overall.

Continue reading →

According to a recent Gartner report a third of successful attacks on enterprises will come via shadow It by 2020.

It's therefore more important than ever for organizations to understand the risks and properly assess the attack surface they present. Bugcrowd is launching a new Attack Surface Management (ASM) tool to allow them to do this.

Continue reading →

A focus on fixing new issues while neglecting ageing flaws leads to increasing security debt according to a new report.

The study -- the 10th such report from security testing specialist Veracode -- analyzed more than 85,000 applications across more than 2,300 companies worldwide and finds that fixing vulnerabilities has become just as much a part of the development process as improving functionality.

Continue reading →

As smartwatches take on more and more functions they are more likely to access business and personal data, so focus turns to their security.

Consumer authentication specialist Nok Nok Labs is launching the industry's first FIDO-based authentication solution for smartwatches in the form of its Nok Nok App SDK for Smart Watch.

Continue reading →

Managing user accounts involves a range of tasks from access approvals to user credentials, compliance reviews and the perennially popular password reset.

Identity management company SailPoint is releasing results of its annual Market Pulse survey which finds many IT teams don't have enough time to get everything done and are looking to automate identity tasks.

Continue reading →

With growing consumer awareness of data breaches and the potential for businesses to misuse data, a new survey looks at how this is affecting behavior.

The study from Ping Identity surveyed over 4,000 people around the world and finds 49 percent of respondents are more concerned about protecting their personal information than they were a year ago.

Continue reading →