Articles about Security

Using code from the famous Mirai worm and the Azazel rootkit, HiddenWasp is a newly discovered malware strain targeting Linux systems.

HiddenWasp is slightly unusual in having Linux in its sights, and the targeted remote control tool is able to avoid detection by all major antivirus software. The malware is described as "sophisticated" as it comprises a deployment script, a trojan and a rootkit. This an  advanced backdoor attack tool that allows for complete remote control of a system.

Continue reading →

A new survey of more than 3,000 people around the world finds 46 percent of employees access personal documents on their work device without the IT department's permission.

The study from Snow Software also shows 41 percent of global employees are going behind IT's back to get professional software and applications.

Continue reading →

Cloudflare's 1.1.1.1 DNS switching tool has proved very popular with iOS and Android users looking to take control of their internet connections, and there was much excitement when the company announced that it would be releasing a free VPN tool called Warp.

At the moment, there is a lengthy waiting list for the free VPN (I'm number 278100 on the list, for instance) but we've been given a sneak peak at what to expect. Leaked screenshots show off the free VPN, and a video gives you an idea of the sort of performance you can expect.

Continue reading →

One of the best ways of preventing sensitive files from falling into the wrong hands is to encrypt them, but the process of encrypting and decrypting can be a chore, especially if you want to share the information.

VPN service NordVPN is set to launch its own NordLocker security tool, designed to safeguard files whether they are stored locally or in the public cloud, and make them easy to share.

Continue reading →

In 2019, cyber threats are occurring at a rapid pace. In fact, cyber attacks are the fastest growing crime globally and are continuously increasing in sophistication, size, and impact. At the same time, the number of qualified cybersecurity professionals is dwindling. In a recent blog post, Ann Johnson, the head of Microsoft’s cybersecurity solutions group, used estimated data from the research firm Cybersecurity Ventures to project a shortage of about 3.5 million qualified cybersecurity workers by 2022.

Artificial intelligence (AI) can serve as a helpful tool in cybersecurity. AI can help businesses of all sizes and across many industries better prepare for impending security threats. Here are three of the most impactful benefits of AI in online security:

Continue reading →

The more the internet has become essential to our daily lives, the more people are waking up to the threats that it poses to their safety.

In a new study by F-Secure, 71 percent of respondents say they feel that they will become a victim of cybercrime or identity theft, while 73 percent express similar fears about their children.

Continue reading →

According to a new study, businesses find identity and access management (IAM) and privileged access management (PAM) among their most difficult operational tasks.

The survey, by access management firm One Identity, of 200 attendees to the 2019 RSA Conference, finds that while a third of respondents say PAM is the most difficult operational task, only 16 percent of respondents cite implementing adequate IAM practices as a top-three concern when it comes to securing the cloud.

Continue reading →

Email is still the main vehicle for cybercriminals to deliver threats according to a new report, and 61 percent of IT decision makers think their organization will suffer a negative impact from an email-borne attack this year.

The study from email and data security company Mimecast shows that impersonation attacks have increased 67 percent in comparison to the results in last year's report.

Continue reading →

Flipboard is resetting the passwords of millions of users after suffering a data breach. Hackers were able to access databases containing usernames and passwords, as well as access tokens for some third-party services.

The company has not revealed how many users are affected by the security incident, but says that hackers had access to its systems for a nine months.

Continue reading →

In a world that is increasingly concerned about privacy and security, Bittium launches the Tough Mobile 2. Proudly billed as "the world's most secure smartphone" it takes a multilayered approach to security, combining both hardware and software solutions.

More than just secure, the Bittium Tough Mobile 2 -- as the use of the word "tough" would imply -- is also a rugged phone (although it does not proclaim to be the toughest phone in world). Designed and manufactured in Finland, the phone is aimed at professionals, and boasts "ultra secure communications without compromising usability".

Continue reading →

With a never-ending supply of new security threats presenting themselves every day, it can be tough for IT departments to keep up.

While perimeter security continues to be important, the sheer volume of novel attacks means that, eventually, an attack will bypass defenses and gain a foothold in the interior. To harden the network interior, best practice now calls for microsegmentation to achieve a zero trust environment, but that’s not easy to do.

Continue reading →

Market data firm Statista projects that by 2025, there will be 75 billion IoT devices in use. Smart devices are now found throughout most commercial offices, yet a lack of security could make them ticking time bombs. IoT devices often come with security shortcomings, and it can be difficult to detect when someone has exploited one of their vulnerabilities.

Why are IoT devices dangerous? It's not a single issue; rather, it's intrinsic to the way that the technology itself works.

Continue reading →

A new study from Censornet into the challenges facing cyber security professionals shows that 79 percent think their companies are suffering from a lack of resources, both in terms of people and technology, and 72 percent have considered leaving their jobs for this reason.

The survey also finds that security professionals are not being helped by their security solutions. 65 percent want more technology but the average number of security products used is already 33 and 57 percent report they are suffering from alert overload.

Continue reading →

Bad actors have been seeking opportunities to take advantage of unsophisticated netizens or unprotected organizations since the dawn of the World Wide Web, but today’s bad actors are in a class by themselves. Nation-state actors, often operating through a vast network of well-funded proxies, strive to exert influence, threaten stability, and sow discord through the mechanisms of cyberspace. Hacktivist organizations seek to undermine, damage or discredit organizations whose agendas and politics they oppose.

They may not be as well funded as nation-state actors, but they are populated by technically sophisticated people who have bought into a cause -- and when these people work together, they can pose serious threats to those with whom they disagree.

Continue reading →

Well-known security researcher and revealer of exploits SandboxEscaper has released details of a Windows 10 zero-day that affects Task Scheduler. This is far from being the first time we've heard from SandboxEscaper, and this time around the exploit could enable an attacker to gain full control of Windows 10 or Windows Server files.

The researcher has previously revealed details of numerous other security vulnerabilities in Windows, and promises: "I have four more unpatched bugs where that one came from". Furthermore, she says: "I'm donating all my work to enemies of the US".

Continue reading →