Articles about Security

A new study reveals that 60 percent of organizations globally have suffered two or more business-disrupting cyber events -- defined as cyberattacks causing data breaches or significant disruption and downtime to business operations, plant and operational equipment -- in the last 24 months.

What's more the research, carried out by the Ponemon Institute for cyber risk specialist Tenable, shows 91 percent have suffered at least one such cyber event in the same time period.

Continue reading →

Despite newer technologies, most of us still rely on passwords to secure our accounts. We are not, however, very good at choosing them or looking after them.

Password management company Dashlane has produced a list of the 10 worst password fails of 2018.

Continue reading →

It used to be easy to spot a phishing email, you just looked out for bad grammar and URLs that clearly didn't correspond to the organization being impersonated.

Recently though they've become harder to detect. According to the latest Global Threat Report from Comodo Cybersecurity, phishing really is getting better and it now represents one in every 100 emails received by enterprises.

Continue reading →

Earlier this year we looked at Duo Security's research into Twitter bots which focused on fake followers. The company has now published some further research looking at amplification bots.

So what is an amplification bot? They exist to boost content through likes and retweets. Duo has produced an algorithm to identify these bots and was able to find more than 7,000 over a 24 hour period.

Continue reading →

Many people will be receiving new tech gadgets over the Christmas period, including smartphones, gaming consoles, tablets, connected toys, and a whole range of apps to go with them.

But new research from from cybersecurity training organization the SANS Institute finds that while people are aware of the risks these devices can pose, they may not have the skills to properly protect them.

Continue reading →

We already knew that Google+ is closing down, but following the discovery of a second data leak, Google has announced that it is bringing the closure forward.

The company has revealed that a bug in the Google+ API exposed the data of 52.5 million users, and as a result it is expediting the shutdown. Previously due to close in August 2019, Google+ will now be killed off in April 2019.

Continue reading →

Businesses are starting to recognize that it may be impossible to keep attackers completely out of their networks, so they are starting to look for ways of fighting them more efficiently.

One of the ways of doing this is to use decoys to lure attackers and allow the threat to be dealt with before it affects live systems. We spoke to Carolyn Crandall, chief deception officer at Attivo Networks to find out more about how this deception technology works and what it can do.

Continue reading →

New research released by security awareness and email protection company Mimecast finds that more than two-thirds of employees admit to personal use of work devices during office hours.

Mimecast surveyed more than 1,000 people who use company-issued devices (such as mobile phones, desktop computers or laptops) in the workplace, in order to understand their behavior, but also their awareness of basic threats plaguing organizations.

Continue reading →

Operational technology is critical in areas like energy, oil and gas, manufacturing, and transportation, but it's often be based on legacy systems which can be difficult to keep secure, with updates often needing to be carried out using USB devices.

The threat of attacks is very real though and the consequences especially disastrous, yet many control systems are running outdated software, leaving them vulnerable to attack.

Continue reading →

Malware is constantly evolving in an attempt to steal data or make money for the people behind it. A new report by Malwarebytes Labs reveals the latest shift towards attacks that can avoid detection but also stay on a system to be reactivated later.

Using fileless malware is just one example among many attack methodologies currently evading traditional security defenses and maintaining persistence.

Continue reading →

Risk management and cybersecurity specialist SureCloud has discovered that the popular VTech Storio Max children's tablet can easily be hacked, enabling criminals to take control of the devices and snoop on unsuspecting victims.

This can be done by simply adding an image or link to a website. When accessed by a child via the tablet's web browser, the exploit would attack the tablet and enable the attacker to take full control of the device.

Continue reading →

In an interesting new trend some companies are claiming to be able to unlock encrypted files following a ransomware attack, but are in fact simply acting as brokers between victims and attackers.

Researchers at Check Point have discovered a Russian IT consultancy named Dr. Shifro that claims to unlock and recover consumers' and businesses' encrypted files.

Continue reading →

Question and answer site Quora has revealed that its user data has been compromised as a result of unauthorized access to its systems by a 'malicious third party'.

The breach occurred on Friday and Quora is still investigating the causes. It has taken the step of logging out all users who may have been affected and forcing them to reset their passwords. It also says it will continue to make security improvements.

Continue reading →

Cyberattacks are a global epidemic today. They target organizations, critical infrastructure, and governments around the world with timely, sophisticated attacks. Examples of this include ransomware attacks like Petya and WannaCry. These put some of the world’s most critical functions on hold for a while.

Another example was the Equifax data breach that affected about 143 million Americans. With the persistence of these attacks many people believe that by 2021 cybercrime will cause $6 trillion in damages.

Continue reading →

Netgear's Arlo cameras are so popular, that earlier this year, the brand was spun into its own publicly traded company (Arlo Technologies). The success of Arlo is hardly a secret -- it offers quality products that people like. What a crazy concept!

Today, Arlo announces an impressive outdoor wireless camera (that can also be used indoors). Called "Arlo Ultra," it offers 4K video streaming and recording. The weather-resistant UHD camera comes with the new Arlo SmartHub -- a wireless hub that serves as a range extender, but also, has a micro SD card slot for saving 4K video clips locally. Arlo Ultra comes with a free year of the Smart Premier cloud service, but it will only allow 1080p video saves without shelling out an additional annual fee.

Continue reading →