Articles about Security

Securing Internet of Things devices is an ongoing problem for businesses, developers often have to sift through a raft of unorganized and disparate information to find the IoT security solution that works best for them.

Identity and security specialist GlobalSign is launching an IoT developer program designed specifically to assist developers with device identity integrations that strengthen security operations for IoT and industrial IoT (IIoT) ecosystems.

Continue reading →

Hungarian airline Wizz Air has emailed millions of customers informing them that their passwords have been reset.

While the company is at pains to stress that it has not been the victim of hacking, nor is any personal information at risk, the email took many customers by surprise and raised concerns about a possible data breach.

Continue reading →

The Twitter account of Scotland Yard has been hit by hackers, resulting in a series of strange and offensive tweets being sent to hundreds of thousands of followers. The website for the Metropolitan Police was also hacked.

Tweets sent by the hackers made references to Keemstar as well as drill artist Digga D, calling for the rapper to be freed from prison. The attack by hackers also resulted in a series of emails being sent out to journalists via the Metropolitan Police's official email address.

Continue reading →

Bug bounty programs have become a popular way for companies to unearth security issues in software and address them quickly. Google is no stranger to such programs, and it has just announced massive increases to the payouts made for finding vulnerabilities in Chrome.

Some rewards have doubled while others have tripled, taking the maximum compensation for reporting a security flaw in Google's web browser -- and other Chromium-based browsers -- to an impressive $30,000.

Continue reading →

Slack has just been made aware of additional information about a security breach that took place back in 2015, forcing the company to reset the passwords of around 1 percent of its users.

The company announced earlier this year that it has a daily userbase of over 10 million people, so this means that a huge number of users are affected by the incident no matter how much Slack tries to downplay it.

Continue reading →

Microsoft has revealed that it has issued warnings to nearly 10,000 people that they are the targets or victims of state-sponsored hacking.

The announcement comes as Microsoft showcases election systems running Microsoft ElectionGuard which not only helps to increase security, but also makes voting more accessible. Microsoft reveals that the vast majority of the state-sponsored attacks targeted enterprise customers, but there were still a significant number of regular consumers affected.

Continue reading →

Having released a silent update last week to protect Zoom users from webcam hijacking, Apple has now pushed out a second security patch that is silently installed in the background.

This second patch addresses issues with the RingCentral and Zhumu videoconferencing tools. These apps suffered from a very similar vulnerability, putting users at risk, so Apple has stepped in once again to neutralize the problem.

Continue reading →

Increasing volumes of business network traffic are now directed at the cloud and companies need a cost effective way to secure them.

Symantec is announcing updates and innovations across its portfolio of products, giving enterprises the ability to enforce zero trust security policies across SaaS applications, corporate applications hosted in the cloud, email and the internet.

Continue reading →

Enterprises around the world are gaining control of previously unmonitored and unsupported cloud applications and mobile devices in their IT environments according to a new report.

The 2019 Trusted Access report from Duo Security looks at more than a million corporate applications and resources that Duo protects. Among the findings are that cloud and mobile use has resulted in 45 percent of requests to access protected apps now coming from outside business walls.

Continue reading →

I have a confession to make: I’m a PC anti-vaxxer. I just don’t trust all those patches and security "fixes" software companies want to foist upon my innocent little laptop. I mean, how do I know one of those updates won’t harm it? Most software platforms are now so complex, it’s nearly impossible to tell the impact a new library or DLL might have.

What if a patch makes my PC slower? I’ve heard about at least one "fix" -- to some made-up sounding bugaboo called "Spectre" -- that caused PCs to lose compute cycles. My little laptop struggles to handle daily life as it is. The thought of further handicapping it by compromising its processing speed seems downright cruel.

Continue reading →

If the word MouseJack seems familiar, it's because it as been around for a while. It is a remote access hack that emerged a few years back that took advantage of a vulnerability in some Logitech wireless dongles, as well as hardware from other manufacturers.

Being at least three years old, you would expect that patches would have been addressed -- and they were. But a large number of devices are still at risk because Logitech failed to recall the affect units that were on sale so there's a chance that if you bought a Logitech wireless keyboard, mouse or standalone dongle in the last few years, you could be at risk.

Continue reading →

As data protection legislation tightens and breaches continue to make headlines, there is increased pressure on businesses to implement security by design in their applications.

For many this has meant a move to DevSecOps. We spoke with Rusty Carter, vice president of product management at application security specialist Arxan to find out why this approach is becoming essential.

Continue reading →

You may well have suspected it, but now Google has confirmed it -- contractors for the company are able to listen to what you say to Google Assistant.

The revelation came after recordings of people using the AI-powered digital assistant were leaked. Belgian broadcaster VRT News obtained a large number of Dutch language recordings and was able to hear highly personal information about users -- even if they had not used the "OK Google" trigger words.

Continue reading →

Microsoft appears to be at it again, adding telemetry components into its operating system. This time around it is Windows 7 that gets the telemetry treatment, and Microsoft seems to have gone about things in a rather sneaky fashion.

The latest "security-only" update for Windows 7 includes a Compatibility Appraiser element (KB2952664) which performs checks to see whether a system can be updated to Windows 10. Hardly what most people would consider a security-only update. So what's going on?

Continue reading →

New data from the Capgemini Research Institute reveals that 69 percent of organizations believe that they won't be able to respond to critical cyber threats without AI.

Over half (56 percent) of executives say their cybersecurity analysts are overwhelmed by the vast array of data they need to monitor to detect and prevent intrusion. In addition, the type of cyberattacks that require immediate intervention, or that cannot be dealt with quickly enough by analysts, have increased

Continue reading →