Articles about Security

Email attacks are causing major problems for IT professionals, with over a third (38 percent) blaming them for increased stress at work.

A survey of 660 IT professionals by Barracuda Networks reveals that 38 percent also admit to worrying about email attacks outside of work hours and 16 percent have canceled personal plans due to email attacks.

Continue reading →

There has been a degree of confusion over the last few days after news spread of a supposed vulnerability in the media player VLC. Despite being labelled by security experts as "critical", VLC's developers, VideoLAN, denied there was a problem at all.

And they were right. While there is a vulnerability, it was in a third-party library, not VLC itself. On top of this, it is nowhere near as severe as first suggested. Oh -- and it was fixed over a year ago. An older version of Ubuntu Linux was to blame for the confusion.

Continue reading →

Reports have emerged of a security bug in the Windows and Linux versions of VLC, making it vulnerable to remote-code execution via malicious videos. But although German and American security experts have branded the flaw as "critical", VLC-maker VideoLAN is downplaying things.

In fact, more than downplaying the vulnerability, VideoLAN is flat-out denying that it exists, with the software developer dismissing it as "fake news". [UPDATE: the vulnerability has now been pretty much debunked]

Continue reading →

In the past three months 22 percent of businesses have suffered a data breach as a result of an email attack according to a new report.

The study released by email security platform GreatHorn spoke to more than 1,000 professionals to get a better understanding of the current state of enterprise email security.

Continue reading →

Password stealing malware is a key weapon in the cybercriminals' armoury, seeking to grab data directly from users' web browsers using a range of methods.

According to new data from Kaspersky, the number of users, targeted by password stealers, has peaked from less than 600,000 in the first half of 2018 to over 940,000 during the same period in 2019.

Continue reading →

Securing Internet of Things devices is an ongoing problem for businesses, developers often have to sift through a raft of unorganized and disparate information to find the IoT security solution that works best for them.

Identity and security specialist GlobalSign is launching an IoT developer program designed specifically to assist developers with device identity integrations that strengthen security operations for IoT and industrial IoT (IIoT) ecosystems.

Continue reading →

Hungarian airline Wizz Air has emailed millions of customers informing them that their passwords have been reset.

While the company is at pains to stress that it has not been the victim of hacking, nor is any personal information at risk, the email took many customers by surprise and raised concerns about a possible data breach.

Continue reading →

The Twitter account of Scotland Yard has been hit by hackers, resulting in a series of strange and offensive tweets being sent to hundreds of thousands of followers. The website for the Metropolitan Police was also hacked.

Tweets sent by the hackers made references to Keemstar as well as drill artist Digga D, calling for the rapper to be freed from prison. The attack by hackers also resulted in a series of emails being sent out to journalists via the Metropolitan Police's official email address.

Continue reading →

Bug bounty programs have become a popular way for companies to unearth security issues in software and address them quickly. Google is no stranger to such programs, and it has just announced massive increases to the payouts made for finding vulnerabilities in Chrome.

Some rewards have doubled while others have tripled, taking the maximum compensation for reporting a security flaw in Google's web browser -- and other Chromium-based browsers -- to an impressive $30,000.

Continue reading →

Slack has just been made aware of additional information about a security breach that took place back in 2015, forcing the company to reset the passwords of around 1 percent of its users.

The company announced earlier this year that it has a daily userbase of over 10 million people, so this means that a huge number of users are affected by the incident no matter how much Slack tries to downplay it.

Continue reading →

Microsoft has revealed that it has issued warnings to nearly 10,000 people that they are the targets or victims of state-sponsored hacking.

The announcement comes as Microsoft showcases election systems running Microsoft ElectionGuard which not only helps to increase security, but also makes voting more accessible. Microsoft reveals that the vast majority of the state-sponsored attacks targeted enterprise customers, but there were still a significant number of regular consumers affected.

Continue reading →

Having released a silent update last week to protect Zoom users from webcam hijacking, Apple has now pushed out a second security patch that is silently installed in the background.

This second patch addresses issues with the RingCentral and Zhumu videoconferencing tools. These apps suffered from a very similar vulnerability, putting users at risk, so Apple has stepped in once again to neutralize the problem.

Continue reading →

Increasing volumes of business network traffic are now directed at the cloud and companies need a cost effective way to secure them.

Symantec is announcing updates and innovations across its portfolio of products, giving enterprises the ability to enforce zero trust security policies across SaaS applications, corporate applications hosted in the cloud, email and the internet.

Continue reading →

Enterprises around the world are gaining control of previously unmonitored and unsupported cloud applications and mobile devices in their IT environments according to a new report.

The 2019 Trusted Access report from Duo Security looks at more than a million corporate applications and resources that Duo protects. Among the findings are that cloud and mobile use has resulted in 45 percent of requests to access protected apps now coming from outside business walls.

Continue reading →

I have a confession to make: I’m a PC anti-vaxxer. I just don’t trust all those patches and security "fixes" software companies want to foist upon my innocent little laptop. I mean, how do I know one of those updates won’t harm it? Most software platforms are now so complex, it’s nearly impossible to tell the impact a new library or DLL might have.

What if a patch makes my PC slower? I’ve heard about at least one "fix" -- to some made-up sounding bugaboo called "Spectre" -- that caused PCs to lose compute cycles. My little laptop struggles to handle daily life as it is. The thought of further handicapping it by compromising its processing speed seems downright cruel.

Continue reading →