Articles about Security

New research released by security awareness and email protection company Mimecast finds that more than two-thirds of employees admit to personal use of work devices during office hours.

Mimecast surveyed more than 1,000 people who use company-issued devices (such as mobile phones, desktop computers or laptops) in the workplace, in order to understand their behavior, but also their awareness of basic threats plaguing organizations.

Continue reading →

Operational technology is critical in areas like energy, oil and gas, manufacturing, and transportation, but it's often be based on legacy systems which can be difficult to keep secure, with updates often needing to be carried out using USB devices.

The threat of attacks is very real though and the consequences especially disastrous, yet many control systems are running outdated software, leaving them vulnerable to attack.

Continue reading →

Malware is constantly evolving in an attempt to steal data or make money for the people behind it. A new report by Malwarebytes Labs reveals the latest shift towards attacks that can avoid detection but also stay on a system to be reactivated later.

Using fileless malware is just one example among many attack methodologies currently evading traditional security defenses and maintaining persistence.

Continue reading →

Risk management and cybersecurity specialist SureCloud has discovered that the popular VTech Storio Max children's tablet can easily be hacked, enabling criminals to take control of the devices and snoop on unsuspecting victims.

This can be done by simply adding an image or link to a website. When accessed by a child via the tablet's web browser, the exploit would attack the tablet and enable the attacker to take full control of the device.

Continue reading →

In an interesting new trend some companies are claiming to be able to unlock encrypted files following a ransomware attack, but are in fact simply acting as brokers between victims and attackers.

Researchers at Check Point have discovered a Russian IT consultancy named Dr. Shifro that claims to unlock and recover consumers' and businesses' encrypted files.

Continue reading →

Question and answer site Quora has revealed that its user data has been compromised as a result of unauthorized access to its systems by a 'malicious third party'.

The breach occurred on Friday and Quora is still investigating the causes. It has taken the step of logging out all users who may have been affected and forcing them to reset their passwords. It also says it will continue to make security improvements.

Continue reading →

Cyberattacks are a global epidemic today. They target organizations, critical infrastructure, and governments around the world with timely, sophisticated attacks. Examples of this include ransomware attacks like Petya and WannaCry. These put some of the world’s most critical functions on hold for a while.

Another example was the Equifax data breach that affected about 143 million Americans. With the persistence of these attacks many people believe that by 2021 cybercrime will cause $6 trillion in damages.

Continue reading →

Netgear's Arlo cameras are so popular, that earlier this year, the brand was spun into its own publicly traded company (Arlo Technologies). The success of Arlo is hardly a secret -- it offers quality products that people like. What a crazy concept!

Today, Arlo announces an impressive outdoor wireless camera (that can also be used indoors). Called "Arlo Ultra," it offers 4K video streaming and recording. The weather-resistant UHD camera comes with the new Arlo SmartHub -- a wireless hub that serves as a range extender, but also, has a micro SD card slot for saving 4K video clips locally. Arlo Ultra comes with a free year of the Smart Premier cloud service, but it will only allow 1080p video saves without shelling out an additional annual fee.

Continue reading →

Marriott International has revealed that its Starwood Hotel reservation database has been hacked. An investigation carried out by the company revealed that hackers have had unauthorized access to the Starwood network since 2014.

The astonishing revelation means that information of half a billion guests could have been exposed -- including sensitive personal data such as home address and passport number -- and Marriott says there is evidence that data has been copied from its network.

Continue reading →

Cybercriminals are just as keen to exploit the holiday shopping boom as anyone else, with DDoS attacks on eCommerce providers increasing by over 70 percent on Black Friday compared with other days in November. On Cyber Monday, attacks increased by 109 percent compared with the November average.

Cloud anti-DDoS company Link11 has released data showing several attacks observed during Black Friday and Cyber Monday were of up to 100 Gbps bandwidth, and the average attack volume on both days was just under 6Gbps.

Continue reading →

There are many annoyances associated with owning a computer -- spam emails, phishing attacks, viruses and online advertising to name but a few -- but technical support scams are among the most worrying. They take advantage of people's ignorance and/or better natures, posing as tech support operatives from big companies over the phone.

Being one of the best-known technology companies in the world, it's little surprise that a huge number of these tech support scams purport to be Microsoft calling to offer help with computer problems. Such scams are responsible for conning people out of large amounts of money, but progress has been made in India where -- following reports from Microsoft -- arrests have been made at a number of call centers.

Continue reading →

Americans are more worried about a cyberattack disrupting the financial and banking system than attacks against hospital/emergency services, voting systems or power grid/energy supply companies.

This is among the findings of a survey by ESET to mark National Critical Infrastructure Security and Resilience Month, which surveyed 1,500 Americans to discover their views on critical infrastructure attacks.

Continue reading →

Dell has announced that it has instigated a mandatory password reset for customers after it suffered a cyberattack earlier in the month.

In a statement, the company confirmed that its network had been subject to "unauthorized activity" on November 9 in which attackers tried to gain access to customer information. Dell says that data was limited to names, email addresses and hashed passwords, adding there is "no conclusive evidence" that data was extracted. The forced password reset is described as a measure to "limit the impact of any potential exposure".

Continue reading →

An anti-fraud operation led by the FBI has succeeded in disrupting a scam that has seen cybercriminals using botnets to manipulate internet traffic from 1.7 million IP addresses and generate nearly 30 million dollars in fraudulent ad revenue.

The ad fraud ring, known as '3ve' had been operating for a number of years and built two different botnets by spreading Kovter and Boaxxe malware to individuals through spam emails and drive-by downloads.

Continue reading →

It's two years since international forces interfered with the security of the US elections. However, with the US midterm elections behind us and the presidential elections ahead, vulnerabilities in the country’s voting infrastructure still remain.

Simply put, it's not hard to hack into US voting systems. Don't believe it? Just ask the 11-year old who hacked a replica of the Florida election website to change results in under 10 minutes. We might not have seen widespread cyberattacks on the day of the midterms, but as we saw multiple opportunities for hacking and disruption in the run up, the presidential elections are already at risk.

Continue reading →