Mobile security platform combines biometrics and behavior to enhance security
Multi-factor authentication specialist Veridium is launching a new behavior analytics feature to better protect user identities and prevent malicious activity.
Incorporated in the VeridiumID authentication platform, InMotion increases the reliability of all native biometrics for authentication by pairing behavioral data captured on smartphones with users' biometrics, making it more difficult for malicious actors to spoof their fingerprints or faces to gain access to accounts.
Americans more likely to stop dealing with a brand after a breach but Brits hold a grudge for longer
New research into consumer trust and spending habits by contact center payment security company PCI Pal shows 62 percent of Americans report that they will stop spending with a brand for several months following a hack or breach, versus 44 percent of Brits.
But when the British do react they do so for the long term, 41 percent of British consumers never return to a brand after a hack compared to only 21 percent of Americans.
The cloud moves too fast for security say 60 percent of security pros
Cloud-based business initiatives are accelerating faster than security organizations' ability to secure them according to 60 percent of respondents to a new survey.
The study by network security company FireMon also finds that in many cases security personnel are not even included in cloud business initiatives.
Cybercriminals earn over $3 billion a year from social platforms
Social media-enabled cybercrimes are generating at least $3.25 billion in global revenue annually according to a new report.
The study released by virtualization-based security company Bromium and researched and written by Dr Mike McGuire, senior lecturer in criminology at the University of Surrey, looks at the range of techniques used by cybercriminals to exploit trust and enable rapid infection across social media.
Senators want Huawei equipment removed from US power grid because of security concerns
Huawei may well be causing excitement with its foldable smartphone, the Mate X, but the company's troubles in the US continue. The American government has already banned the use of some Huawei equipment, including in 5G networks, and there are now calls for the shunning of the Chinese company to spread to the US power grid.
Although Huawei has remained defiant in the face of sanctions by the US, the Senate Intelligence Committee has now written to the Departments of Homeland Security and Energy, calling on them to block the company's network-connected hardware from being used in the electrical grid.
'Hi, how can we scam you today?' -- Office 365 phishing site comes with live chat support
An increasingly common -- and frankly rather annoying -- feature of many commercial websites is the little chat box that pops up in the bottom right corner and asks if you need any help.
Security researcher Michael Gillespie has revealed that an Office 365 phishing site is using this live support technique to give its page an air of legitimacy.
Drupal releases patch for 'highly critical' remote code execution flaw that puts millions of sites at risk
Sites based on the CMS Drupal are at risk from a remote code execution flaw which has been classed as "highly critical". Site owners are being urged to install updates to ensure they are protected.
The security flaw -- CVE-2019-6340 or SA-CORE-2019-003 -- affects Drupal 8.5.x and 8.6.x but there are certain conditions that must be met in order for a site to be vulnerable.
The changing enterprise mobile threat landscape
As enterprises continue the shift towards mobile devices there's concern that the risks could begin to outweigh the benefits.
Mobile security specialist Wandera has released a new report on the mobile threat landscape which looks at the risks faced by enterprise mobile users.
83 percent of US organizations have accidentally exposed sensitive data
According to a new survey 83 percent of security professionals believe that employees have accidentally exposed sensitive customer or business data at their organization.
The study from data protection specialist Egress also finds that accidental data breaches are often compounded by a failure to encrypt data prior to it being shared -- both internally and externally.
Security researchers reveal details of serious bug in compression tool WinRAR
If you're a user of WinRAR -- a staple tool for decompressing files whose popularity stems from not only its support for RAR files, but also its never-ending trial period -- it's time to ensure you have the latest security patch installed.
Security experts from Check Point Research have revealed details of a serious bug that has been present in the software for at least 14 years. The archiving tool was found to have a vulnerability in one of its .dll files, which could be exploited by simply opening a compressed file, and allows an attacker to "gain full control over a victim's computer".
Privacy: Facebook now lets Android users block background collection of location data
Faced with continued criticism about privacy, Facebook is rolling out an update to Android users that gives a greater degree of control over the sharing of location data with the social network.
Specifically, the update makes it possible to stop Facebook from using tracking your location in the background when you are not using the app. The change brings parity to the iOS and Android Facebook apps.
Employees and contractors expose information online in 98 percent of organizations
Employees and contractors are exposing confidential and sensitive information online and in the cloud in some 98 percent of organizations. This is found primarily in Dropbox, Google, and Microsoft SharePoint.
This is among the findings of a new report from insider threat specialist Dtex Systems which has analyzed information from work-issued endpoints and more than 300,000 employee and contractor accounts.
GitHub widens the scope of its bug bounty program and increases rewards
Now in its fifth year, the GitHub Security Bug Bounty has been updated to offer larger rewards to those who find bugs. At the same time, the scope of the program is being expanded and protections for researchers have been added through new Legal Safe Harbor terms.
As well as expanding the program to cover any of its "first-party services", GitHub has effectively removed any upper limit on the size of reward pay-outs for critical bugs.
Formjacking is the new cash generator for cybercriminals
The latest Symantec Annual Threat Report reveals that cybercriminals are continuing to follow the money, but as ransomware and cryptojacking show falling returns they are turning to other techniques.
One of these is formjacking -- essentially virtual ATM skimming -- where cybercriminals inject malicious code into retailers' websites to steal shoppers' payment card details.
Microsoft reveals Russian hacking attacks as it expands AccountGuard protection across Europe
Microsoft has revealed that it detected various attacks by Russian hackers targeting democratic groups in Europe. The company says that numerous attacks carried out between September and December 2018 can be linked to a group known as Strontium.
Also known as Fancy Bear, the group is a cyber espionage outfit with ties to Russian intelligence agencies. At the same time as revealing some details of the attacks, Microsoft also announced the expansion of its AccountGuard security program to more European countries ahead of European Parliament elections.
Recent Headlines
Most Commented Stories
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.