Articles about Security

According to research from Kaspersky Lab, 86 percent of CISOs believe that breaches are inevitable, but too many are stuck in a vicious circle of risk.

Financially motivated criminal gangs (40 percent) and malicious insider attacks (29 percent) are the biggest risks to their businesses, and these are the threats that are extremely difficult to prevent, either because they are launched by 'professional' cybercriminals or because they are assisted by employees who are expected to be on the right side.

Continue reading →

You've no doubt heard of Ring -- there’s near constant ads for it on TV these days, some featuring Shaquille O’Neal.

Ring became famous for its video doorbell that shows you who is outside, without you needing to open the door. The company has since expanded into video security cameras and full security systems, complete with camera, doorbell, sensors and all. Coverage runs you $10 per month, much cheaper than the big names that tend towards $30.

Continue reading →

One of the problems with buying an Android phone over an iPhone is the fact that you don't know how long you can expect to receive updates. There has long been criticism of the fact that many Android handsets are quickly abandoned while Apple pushes out iOS updates for a number of years.

We've heard suggestions that Google might start requiring handset manufacturers to provide updates for a minimum period, and now it seems that this has indeed been mandated. A leaked copy of a contract between Google and OEMs shows that there is now a requirement to release security updates -- or face the consequences.

Continue reading →

While people are still excited about Internet of Things technology, many are delaying buying over concerns about privacy and security.

A new survey from cyber security company F-Secure shows that 63 percent of early adopters are looking to purchase new devices, but 50 percent have delayed an IoT purchase because of security concerns.

Continue reading →

New research finds that that 83 percent of consumers will stop spending with a business for several months in the immediate aftermath of a security breach or a hack.

More than a fifth (21 percent) will never return to a brand or a business post-breach, representing a significant loss of revenue, according to the study from secure payments provider PCI Pal.

Continue reading →

Insecure and outdated web applications are a core source of high-profile data breaches among FT 500 global companies according to new research from web security company High-Tech Bridge.

The study reveals that abandoned, shadow and legacy web applications more or less nullify corporate cybersecurity spending and undermine compliance.

Continue reading →

It seems not a day goes by without a new cloud data breach making headlines. And though the victims change, the attack details remain the same. Why do organizations keep repeating the same cloud security mistakes? And how can we break free from this vicious cycle?

We spoke to Zach Malone, security engineer at security management specialist FireMon, who discusses these issues and tells us why, to identify the biggest threat to cloud security, we need to look in the mirror.

Continue reading →

Mozilla has announced a partnership with ProtonVPN as it explores new ways to keep people safe online.

Starting today, a select group of Firefox users in the US will see an ad for ProtonVPN encouraging them to take out a monthly subscription with the service. It's an experiment that is part of Mozilla's attempt to explore new revenue streams to help keep Firefox funded.

Continue reading →

Universities and colleges are uniquely attractive to cyber criminals, because a constantly changing population and the use of large numbers of BYOD machines means lots of potential vulnerabilities.

Privileged access management specialist Thycotic is releasing a free Cyber Security Toolkit for College Students and Families, aimed at providing an essential guide to help schools build an understanding of cyber best practices throughout their entire community.

Continue reading →

Earlier this year we covered some research from Duo Security published into the activities of Twitter bots. The company has now followed this with a look at how fake Twitter followers operate.

Traditional fake followers are challenging to detect on an individual level since they have very little (if any) activity other than following other accounts. However, because fakes operate in groups created by the same bot owner they do tend to share characteristics.

Continue reading →

Security gaps in key areas such as plain-text passwords, direct connections to the internet, and weak anti-virus protections are leaving industrial control systems vulnerable to attack according to a new report.

The study from ICS security company CyberX also shows that although the use of Windows XP has declined over the last year there are still older, unpatchable, Windows systems in slightly more than half of all industrial sites.

Continue reading →

Which subject lines make a person most likely to click a link in a phishing email? Security awareness training company KnowBe4 has analyzed data from simulated phishing tests and 'in the wild' emails to find out.

The most successful lines play on user's desire to remain secure with subjects relating to password checks the most clicked. On social media, messages about tagging or new profile views are most likely to be clicked.

Continue reading →

Email is still one of the most common ways for attackers to target individuals or businesses, whether it’s through phishing attacks or delivering malware. Although you may have protection measures in place it can be hard to know if they’re working effectively.

Intelligence-led security company FireEye is launching a new capability that allows organizations to evaluate email threat detection efficacy with a no-charge evaluation service

Continue reading →

We often hear the term 'ethical hacker', but what exactly does this involve and is it something you can actually make a career out of?

We spoke to Jim O'Gorman president of online penetration testing training provider Offensive Security to find out what being an ethical hacker is all about and what skills you need if you want to become one.

Continue reading →

In today’s cybersecurity landscape, the value of good cybersecurity tools is undeniable. What is more valuable are the people behind the tools -- however, the amount of open cybersecurity positions worldwide is growing year over year. Currently, there are more than 300,000 open cybersecurity roles in the U.S. alone, but by 2021, Cybersecurity Ventures expects that number will reach 3.5 million.

This gap is felt by cybersecurity leaders; in fact, a recent study found that more than 70 percent of the cybersecurity decision makers agree that their organizations do not have the staff or necessary resources to monitor all cybersecurity threats that their organizations face. With the number of cybersecurity openings growing yearly and the sophistication and frequency of cyberattacks increasing, in order to build the cybersecurity leaders of tomorrow, business leaders must turn their attention to things that they can control: investing in the right solutions and their staff.

Continue reading →