Articles about Security

A new survey by machine identity protection company Venafi shows consumers don't trust major cyber security policies pushed by their governments.

Government officials in nearly every country believe the security risks inherent in government-mandated encryption backdoors are less important than giving law enforcement broad access to encrypted personal data. However, US and European consumers overwhelmingly disagree. When asked if laws allowing governments to access encrypted personal and private data would make them safer from terrorists 64 percent don’t agree.

Continue reading →

BullGuard is launching its range of 2020 security products which include a new Secure Browser and machine learning capabilities.

The 2020 product suite also now enables direct integration with BullGuard VPN to ensure users' privacy when connecting to public Wi-Fi.

Continue reading →

Increasing numbers of people are using digital platforms when engaging with their insurers and this opens up the industry to a range of new fraud challenges.

A new report from TransUnion and iovation identifies 9.14 percent of online insurance transactions as risky, compared to just over five percent across all industries.

Continue reading →

If you're using a third-party keyboard on your iPhone or iPad, Apple has a warning for you. A bug in the recently released mobile operating system means that such keyboards could be granted "full access" permissions.

The bug means that third-party keyboards could capture any and all keystrokes entered by a user, including sensitive data such as usernames and passwords.

Continue reading →

US retailers are under siege as nearly two thirds (62 percent) report experiencing a data breach and over a third (37 percent) say they were breached in the past year, according to the latest report produced by IDC for Thales.

This high rate of data breaches comes amidst a decline in the rate of growth in security spending. Less than two thirds (62 percent) say that they are increasing spending this year compared to 84 percent last year, yet nearly all (96 percent) of the retailers surveyed claimed they use sensitive data within digitally transformative environments.

Continue reading →

Only 15 percent of employees have all the resources they require to be productive on day one according to a new report from Ivanti.

When it comes to employee onboarding, 38 percent of IT professionals report it takes between two and four days to get a new employee everything they need to do their job, while 27 percent say accomplishing this goal can take more than a week.

Continue reading →

A new report from vulnerability management company RiskSense looks at the most common vulnerabilities used across multiple families of ransomware that target enterprises and government organizations.

Among its key findings are that almost 65 percent target high-value assets like servers, close to 55 percent have CVSS v2 scores lower than eight, nearly 35 percent are old (from 2015 or earlier), and the vulnerabilities used in WannaCry are still being used today.

Continue reading →

What makes us click on phishing links? A new study from Webroot has surveyed 4,000 office professionals from the US, UK, Japan and Australia to find out.

While a majority (79 percent) of people report being able to distinguish a phishing message from a genuine one, 49 percent also admit to having clicked on a link from an unknown sender while at work.

Continue reading →

Microsoft has released a pair of emergency patches, one for a remote code execution zero-day in Internet Explorer, and one for a denial of service vulnerability in Windows Defender.

In the case of Internet Explorer, the security flaw -- discovered by Clément Lecigne from Google's Threat Analysis Group -- is being actively exploited. Microsoft describes it as a "scripting engine memory corruption vulnerability", and has assigned it CVE-2019-1367.

Continue reading →

I recently heard an executive describe how his team essentially threw its vulnerability report in the trash every time they received one. This seemed a bit extreme, but he informed a group of conference attendees that it wasn’t because the vulnerability reports didn’t contain important information -- it was because they have become so overwhelming.

Vulnerability management vendors today are routinely scanning for more than 100,000 vulnerabilities. Imagine the strain that places on an organization if even only a fraction of these vulnerabilities are found within their network. Then consider the feeling associated with the knowledge that there is no possible way to address them all in an effective time frame that will ensure that you are not at risk.

Continue reading →

A new study from Optiv Security shows that 58 percent of CISOs think experiencing a data breach makes them more attractive to potential employers.

The survey results show a fundamental change in how senior executives and board members perceive cybersecurity, with 96 percent agreeing that senior executives have a better understanding than they did five years ago.

Continue reading →

A new network-based internet security solution from Comcast is specifically engineered to help small businesses effectively manage the growing risk of cyberattacks.

Comcast Business SecurityEdge works to protect devices connected to a business' Wi-Fi network against existing and emerging internet-related threats, including malware, ransomware, phishing and botnet infections, without requiring additional hardware or software beyond the Comcast Business Internet modem.

Continue reading →

According to a new study 90 percent of IT professionals believe disclosing vulnerabilities serves a broader purpose of improving how software is developed, used and fixed.

The survey from application security testing specialist Veracode finds more than a third of companies received an unsolicited vulnerability disclosure report in the past 12 months, representing an opportunity to work together with the reporting party to fix the vulnerability and then disclose it, improving overall security.

Continue reading →

The sophistication level of bots attacking eCommerce sites is on the rise according to a new report from cybersecurity company Imperva.

Traffic to eCommerce sites is made up of 17.7 percent bad bots, 13.1 percent good bots and 69.2 percent humans, the findings show, and the bad bots are getting better -- but not in a good way.

Continue reading →

The rise of cyber-attacks in the last few years is stunning. The list of targeted organizations includes big name retailers like Macy’s, social sites like Twitter, banks, hospitals, utility companies, governments, military installations… no organization is exempt from this growing threat.

It’s a massive -- and expensive -- problem to fix. The cyber security market is predicted to grow from $150 billion in 2018 to $250 billion by 2023, to help protect apps and businesses from these risks. One of the most common, yet potentially highly dangerous, risks is known as Cross-Site Request Forgery or CSRF.

Continue reading →