Articles about Security

Although most security professionals use key performance indicators to measure their efforts they struggle to reconcile these with business goals, according to a new report from Thycotic.

It finds that while 84 percent of respondents have KPIs, and an even higher proportion (92 percent) say they review security in terms of its impact on the business, nearly half (44 percent) say their organization struggles to align security initiatives with the business’s overall goals, while more 35 percent aren't clear what the business goals are.

Continue reading →

Email is now the preferred communication method for businesses, but this brings with it greater risk of employees leaking data due to errors or deliberate activity.

A survey from data security company Egress shows that of employees who had accidentally shared data almost half (48 percent) say they had been rushing, 30 percent blamed a high-pressure working environment and 29 percent said it happened because they were tired.

Continue reading →

Ransomware is a pervasive problem, and for victims it can be difficult to know whether paying up will help them to regain access to their maliciously encrypted files. So when ransomware decryption keys are released free of charge, it's always good news -- and this is exactly what has happened for HildaCrypt.

The developer of this particular strain of ransomware has released the decryption keys after a security researcher shared detailed of what was initially thought to be a new type of ransomware.

Continue reading →

Insider threats, caused by current and departing employees, expose companies to breaches and put corporate data at risk, but security solutions may not be effectively preventing them.

A new study from data loss solution company Code42 finds that 69 percent of organizations say they were breached due to an insider threat and confirm they had a prevention solution in place at the time of the breach.

Continue reading →

Yesterday marked the start of not just Cybersecurity Awareness Month but also Domestic Violence Awareness Month.

Domestic abusers often make use of stalkerware (commercial spyware used as a tool for domestic espionage) to leverage their partner's digital footprint for physical control.

Continue reading →

With nearly 151 million users worldwide, Netflix is the #1 streaming service in the world. It also has the distinction of being the most impersonated by hackers. For cybercriminals, Netflix phishing is a lucrative business. While other streaming services, including HBO NOW and Spotify, are also on the receiving end of phishing attacks, none comes close to Netflix.

Netflix’s 155 million subscriber base offers a lucrative supply of personal information, contributing to its favorability with phishers. In Vade Secure's quarterly Phisher’s Favorites report for Q2 2019, Netflix was the 4th most impersonated brand in phishing attacks, with 8.2 percent quarter-over-quarter growth in Q2 2019.

Continue reading →

According to a Harris Poll carried out for Google, 75 percent of Americans get frustrated trying to manage all their passwords.

This results in unsafe practices as 24 percent have used the following common passwords, or some variation: like 'abc123', 'Password', or '123456'. 59 percent of US adults have incorporated a name (their own, a family member's, a partner's, or a pet’s) into their password to an online account, 22 percent have used their own name and a third have used their pet's name or a variation as their password.

Continue reading →

New research from Kaspersky finds that the cost of enterprise data breaches has risen from $1.23 million last year to $1.41 million in 2019.

At the same time enterprise organizations have invested more in cybersecurity, with IT security budgets averaging $18.9 million compared to $8.9 million in 2018.

Continue reading →

Consumer VPN specialist ExpressVPN has announced a tie up with HP to have its software pre-installed on the company's consumer PCs.

As part of the deal selected machines will come with ExpressVPN's Windows app pre-installed to help protect customers' privacy and security on public Wi-Fi networks. HP consumer customers will also receive an exclusive free 30-day trial of the VPN service.

Continue reading →

A new report from secure collaboration platform Wire, produced in collaboration with a global poker champion, looks at the risks businesses run with cyber security and comparing them to other everyday occurrences, with some startling findings.

Among them are that an employee is three times more likely to infect a colleague with a malicious email than they are to spread the flu to their partner, and that an employee's chances of spotting a phishing email are as slim as hitting a specific number on the roulette wheel.

Continue reading →

Around two thirds of businesses have experienced a data breach in the last year and seemingly innocent workplace mistakes could be one of the main causes.

A new report produced by the Ponemon Institute for document security specialist Shred-it reveals that 71 percent of managers have seen or picked up confidential documents left on a printer.

Continue reading →

One year ago this week Facebook suffered a massive data breach that prompted the company to reset access for around 90 million accounts.

A year on from this event what has been done to make users' data more secure and are people becoming more aware of the risks to their privacy from using social networks and other sites? We spoke to Fouad Khalil VP of compliance at SecurityScorecard to discuss these things and more.

Continue reading →

Inefficient incident response to email attacks is costing businesses billions in losses every year. For many organizations, finding, identifying and removing email threats is a slow and manual process that takes too long and uses too many resources.

Research from Barracuda Networks finds that that, on average, a business takes three and a half hours to remediate an attack, and 11 percent of organizations spend more than six hours on investigation and remediation.

Continue reading →

Security researchers have discovered a modified version of the open source backdoor PcShare which seems to originate from a Chinese advanced persistent threat (APT) group.

The malware has been used to target technology firms, and it is deployed via side-loading by a legitimate NVIDIA application. As part of the attack, a Trojanized version of Windows' Narrator screen reading tool is used to gain remote access to systems without the need for credentials.

Continue reading →

The collapse of travel firm Thomas Cook has caused chaos for hundreds of thousands of holidaymakers around the world. But if losing out on planned trips was not bad enough, cybercriminals are taking advantage of the confused situation to scam customers out of their money.

There have been numerous reports of fraudsters pretending to be representatives of either Thomas Cook or a bank, using the promise of a refund to get people to part with bank account details.

Continue reading →