Articles about Security

As systems become more complex it can be hard for enterprises to understand their IT environment, which presents a problem for operations and security teams.

Cloud-based security specialist Qualys is launching a new IT Asset Inventory cloud application to provide quick analysis of complex and interconnected global IT environments, and help collaboration on security remediation efforts.

Continue reading →

2018 saw a decline of 13 percent in the overall number of DDoS attacks when compared to the previous year, but cybercriminals are turning to longer, more sophisticated, mixed and HTTP flood attack techniques.

This is revealed in Kaspersky Lab's DDoS Q4 2018 Intelligence Report, which also shows the average attack duration has grown. Compared with the beginning of the year, the average length of attacks has more than doubled -- from 95 minutes in Q1 to 218 minutes in Q4 2018.

Continue reading →

Users of Trakt -- a service for "scrobbling", or tracking the movies and TV shows you watch in the likes of Plex and Kodi -- have received emails from the company notifying them of a data breach that took place way back in 2014.

Trakt says that although the security breach took place over four years ago, it only recently discovered it. The company says that an investigation is underway, but that it believes a "PHP exploit was used to capture data", including users' emails, usernames, encrypted passwords, names and locations.

Continue reading →

A new survey from identity platform Okta shows that 67 percent of knowledge workers prefer Microsoft Word over Google Docs, while only 15 percent report the opposite.

Another 16 percent identify Google Docs as a top-three most frustrating app. When it comes to email, 49 percent prefer Microsoft Outlook over Gmail, while 35 percent report the opposite.

Continue reading →

A disgruntled security researcher has revealed a one-click exploit that takes advantage of a macOS vulnerability to reveal all of the passwords stored in a Mac's keychain.

Linus Henze developed an exploit tool called KeySteal that uses a 0-day bug to extract keychain passwords on macOS Mojave and older. He stresses that neither root access nor administrator privileges are required, and no password prompts are generated by the tool. Henze is not going to help Apple to fix the problem because the company does not offer a bug bounty program for macOS.

Continue reading →

Airlines could be putting the personal data of their passengers at risk by using unencrypted links, according to a new report.

Researchers at security and data management company Wandera have uncovered a vulnerability affecting a number of e-ticketing systems that could allow third parties to view, and in some cases even change, a user's flight booking details, or print their boarding passes.

Continue reading →

To coincide with Safer Internet Day, search giant Google is launching two new tools to help users detect if their username and password have been compromised.

Google's own research published today shows that many people still reuse passwords. The new tools are designed to raise awareness of account issues.

Continue reading →

New research commissioned by Google, carried out by Harris Poll and released to coincide with Safer Internet Day suggests there is a gap between perception and reality when it comes to online security.

The majority of people (69 percent) give themselves an A or B when it comes to protecting their online accounts -- only five percent give themselves a D or an F. In fact, most people (59 percent) believe that their accounts are safer from online threats than the average person and 61 percent say they are too smart to fall for a phishing scam.

Continue reading →

The head of Instagram has announced plans to introduce "sensitivity screens" in the wake of concerns about the spread of photos of self-harm on the image-based social network.

Adam Mosseri says that Instagram will use image-blurring similar to that used on Facebook to hide graphic content. The move comes in the wake of the suicide of a British teenager, the parents of whom said self-harm images on Instagram were a contributing factor.

Continue reading →

Internet of Things devices are appearing in more and more companies, but with them comes the threat of cyberattacks.

To reduce this risk Extreme Networks is launching a simple security solution to help organizations protect unsecured IoT devices.

Continue reading →

The roll out of GDPR (General Data Protection Regulation) has changed the face of privacy and data protection for millions of people across Europe. The regulation not only grants people access to the personal data companies hold about them, but also controls how this data can be used and transferred.

Apple's Tim Cook has already voiced his support for GDPR and said that the rest of the world should implement similar regulation. Now he has been joined by Cisco in calling for data laws to be embraced by the US as they have been in Europe.

Continue reading →

Apple has issued an apology for the recently-discovered bug that made it possible to eavesdrop on people via FaceTime.

The company had promised that a software update would be delivered later this week, but the interim solution was to simply disable the group FaceTime feature server-side. Apple now says that the problem has been fully fixed, but a software update that re-enables the group function will not be issued until next week.

Continue reading →

Increasingly high profile one-off events like sports tournaments and elections are becoming the target of hackers.

Protecting these is tough because even if the hosts have a sound security infrastructure for day-to-day operations, they often don't have the resources necessary to lock down a large scale, high-profile event which requires additional physical and cybersecurity to protect against disruption, revenue loss or other irreversible damage.

Continue reading →

Over the past year, business email compromise (BEC) scams have jumped by 60 percent. In addition more than 90 percent of organizations report being hit by targeted email attacks, with 23 percent suffering financial damage as a result.

These findings come from the Q1 2019 Email Fraud and Identity Deception Trends report by secure email specialist Agari.

Continue reading →

Chief information security officers (CISOs) are now involved in 90 percent of significant business decisions, but just 25 percent of business executives see CISOs as proactively enabling digital transformation -- which is a key goal for 89 percent of organizations.

These are among the findings of a new study by IDC sponsored by Capgemini  but which also shows 15 percent still believe information security is a blocker of innovation.

Continue reading →