Articles about Security

New data from digital identity platform ForgeRock reveals that data breaches cost US organizations over $654 billion as well as exposing more than 2.8 billion consumer records.

Personally identifiable information (PII) was the most targeted data for breaches in 2018, accounting for 97 percent of all breaches, with unauthorized access encompassing 34 percent of all attacks.

Continue reading →

Despite businesses investing in next-gen technologies, phishing threats continue to become more sophisticated and effective according to a new report.

The study from intelligent phishing defense company Cofense shows how threat actors, armed with an ever-growing arsenal of tactics and techniques, continue to tweak their campaigns and enhance their capacity to deliver malware, ultimately getting more messages past perimeter controls to user inboxes.

Continue reading →

Traditionally, network architectures were designed and secured according to the "castle-and-moat" model. Like a medieval fortress, an enterprise data center was imagined to have impregnable and unbreachable walls. All traffic entering or exiting would pass through a single access point, where a security gateway appliance would sit, like a knight in shining armor. This device would police the network traffic on a packet-by-packet basis, allowing traffic it deemed ‘safe’ unrestricted access to the network’s trusted interior.

Although this model is as outdated as chain mail is for 21st-century military combat, its legacy endures in assumptions and presuppositions that can prevent business decision makers from choosing the most effective cybersecurity tools and solutions for today’s complex threat landscape.

Continue reading →

New research from threat detection specialist Senseon looking at the state of cyber security in SMEs reveals increasing uncertainty about whether the investment into the security solutions they’re currently using is worth the cost.

The survey also reveals that SMEs have been slow to implement AI solutions, despite the vast majority of SMEs surveyed (81 percent) thinking that AI will be fundamental to the future of cyber security.

Continue reading →

Two weeks after warning about a critical Remote Code Execution vulnerability in Remote Desktop Services, Microsoft is concerned that around a million internet-connected computers remain unpatched and vulnerable to attack.

The company says that there is a risk that CVE-2019-0708, or BlueKeep, could turn into the next WannaCry if steps aren't taken to secure systems. While there is not yet any sign of a worm that exploits the vulnerability, proofs of concept do exist, and it could only be a matter of time before this changes. Microsoft is taking the matter so seriously, that it even released security patches for the unsupported Windows XP, Vista and 2003 -- people just need to install them.

Continue reading →

Using code from the famous Mirai worm and the Azazel rootkit, HiddenWasp is a newly discovered malware strain targeting Linux systems.

HiddenWasp is slightly unusual in having Linux in its sights, and the targeted remote control tool is able to avoid detection by all major antivirus software. The malware is described as "sophisticated" as it comprises a deployment script, a trojan and a rootkit. This an  advanced backdoor attack tool that allows for complete remote control of a system.

Continue reading →

A new survey of more than 3,000 people around the world finds 46 percent of employees access personal documents on their work device without the IT department's permission.

The study from Snow Software also shows 41 percent of global employees are going behind IT's back to get professional software and applications.

Continue reading →

Cloudflare's 1.1.1.1 DNS switching tool has proved very popular with iOS and Android users looking to take control of their internet connections, and there was much excitement when the company announced that it would be releasing a free VPN tool called Warp.

At the moment, there is a lengthy waiting list for the free VPN (I'm number 278100 on the list, for instance) but we've been given a sneak peak at what to expect. Leaked screenshots show off the free VPN, and a video gives you an idea of the sort of performance you can expect.

Continue reading →

One of the best ways of preventing sensitive files from falling into the wrong hands is to encrypt them, but the process of encrypting and decrypting can be a chore, especially if you want to share the information.

VPN service NordVPN is set to launch its own NordLocker security tool, designed to safeguard files whether they are stored locally or in the public cloud, and make them easy to share.

Continue reading →

In 2019, cyber threats are occurring at a rapid pace. In fact, cyber attacks are the fastest growing crime globally and are continuously increasing in sophistication, size, and impact. At the same time, the number of qualified cybersecurity professionals is dwindling. In a recent blog post, Ann Johnson, the head of Microsoft’s cybersecurity solutions group, used estimated data from the research firm Cybersecurity Ventures to project a shortage of about 3.5 million qualified cybersecurity workers by 2022.

Artificial intelligence (AI) can serve as a helpful tool in cybersecurity. AI can help businesses of all sizes and across many industries better prepare for impending security threats. Here are three of the most impactful benefits of AI in online security:

Continue reading →

The more the internet has become essential to our daily lives, the more people are waking up to the threats that it poses to their safety.

In a new study by F-Secure, 71 percent of respondents say they feel that they will become a victim of cybercrime or identity theft, while 73 percent express similar fears about their children.

Continue reading →

According to a new study, businesses find identity and access management (IAM) and privileged access management (PAM) among their most difficult operational tasks.

The survey, by access management firm One Identity, of 200 attendees to the 2019 RSA Conference, finds that while a third of respondents say PAM is the most difficult operational task, only 16 percent of respondents cite implementing adequate IAM practices as a top-three concern when it comes to securing the cloud.

Continue reading →

Email is still the main vehicle for cybercriminals to deliver threats according to a new report, and 61 percent of IT decision makers think their organization will suffer a negative impact from an email-borne attack this year.

The study from email and data security company Mimecast shows that impersonation attacks have increased 67 percent in comparison to the results in last year's report.

Continue reading →

Flipboard is resetting the passwords of millions of users after suffering a data breach. Hackers were able to access databases containing usernames and passwords, as well as access tokens for some third-party services.

The company has not revealed how many users are affected by the security incident, but says that hackers had access to its systems for a nine months.

Continue reading →

In a world that is increasingly concerned about privacy and security, Bittium launches the Tough Mobile 2. Proudly billed as "the world's most secure smartphone" it takes a multilayered approach to security, combining both hardware and software solutions.

More than just secure, the Bittium Tough Mobile 2 -- as the use of the word "tough" would imply -- is also a rugged phone (although it does not proclaim to be the toughest phone in world). Designed and manufactured in Finland, the phone is aimed at professionals, and boasts "ultra secure communications without compromising usability".

Continue reading →