Security

Consumer threats declined by three percent in 2018 as cybercriminals learned that businesses can deliver a much bigger payout.

The latest State of Malware report from Malwarebytes shows consumer threats decreased steadily across the board including a 30 percent drop in adware, an 84 percent decrease in hijacker tools, a 28 percent decrease in worm activity and a 29 percent drop in ransomware.

Security awareness training company KnowBe4 has put together its latest list of the most-clicked phishing subject lines.

Popular categories for phishing messages include, deliveries, passwords, company policies, vacations and IT department. Other popular keywords are, Amazon, Wells Fargo and Microsoft.

Patching vulnerabilities is often seen as a key element of keeping systems secure. But a new report suggests businesses could be 'smarter' in their patching regimes and prioritize the issues that present most risk.

The study from Kenna Security suggests companies are increasingly recognizing that the majority of vulnerabilities are never weaponized or exploited in a cyberattack.

The four most prevalent malware types in 2018 were cryptominers and they impacted 37 percent of organizations globally.

The latest security report from Check Point shows that despite a fall in the value of all cryptocurrencies, 20 percent of companies continue to be hit by cryptomining attacks every week. At the same time ransomware attacks have fallen sharply, impacting just four percent of organizations globally.

Communications service providers were targeted by 65.5 percent of DDoS attacks in the third quarter of 2018 according to a new report.

The Q3 2018 Threat Report from Nexusguard shows attackers contaminated a diverse pool of IP addresses across hundreds of IP prefixes by using very small-sized junk traffic.

You have probably used your laptop in all sorts of places. As well as at home and in the office, you may well have used it in hotels, coffee shops and other locations that offer Wi-Fi access.

As such, you've almost certainly got a large number of Wi-Fi passwords saved on your computer, passwords that are seemingly inaccessible. But these saved passwords are accessible -- if you know where to look, that is. This is handy if you need the password to get your phone online, or another laptop. Here's how to recover saved Wi-Fi passwords.

A massive database leak -- dubbed Collection #1 -- has made its way to hacking forums, exposing millions of email addresses and passwords. The news was first shared by Troy Hunt -- the man behind Have I Been Pwned? -- who explains that the leak comprises, "many different individual data breaches from literally thousands of different sources".

Hunt explains that there are "1,160,253,228 unique combinations of email addresses and passwords", so there are a very large number of people that may have been affected by the leak.

Cybercriminals are increasingly recognizing that smaller businesses can be be lucrative targets as they are able to devote less resources to security.

Phishing defense specialist Cofense is launching a new Managed Security Service Provider (MSSP) program aimed at providing SMBs with human-driven solutions designed to stop active phishing attacks.

Researchers at security firm Check Point have uncovered vulnerabilities in the popular online game Fortnite that would allow attackers to intercept and steal Fortnite users’ login credentials without them being aware of the theft.

The attack manipulates Fortnite's login process to capture usernames and passwords. Armed with these details attackers could view any data stored in the game, buy more V-Bucks in-game currency at users' expense, and access all the user’s in-game contacts as well as listen in on and record conversations taking place during game play.

Security Information and Event Management (SIEM) lets security teams collect and analyze log data from across their IT infrastructure to help detect and combat threats and suspicious activity.

A new report for AlienVault produced by Cybersecurity Insiders reveals three-quarters of cybersecurity professionals believe SIEM is very or extremely important to their organization's security postures.

The average cost of a cyberattack is now estimated at $1.1 million, according to a new report from cybersecurity company Radware. For organizations that calculate rather than estimate the cost of an attack, that number increases to $1.67M.

The main impact of cyberattacks, as reported by respondents, is operational/productivity loss (54 percent), followed by negative customer experience (43 percent). What’s more, almost half (45 percent) report that the goal of the attacks they suffered was service disruption. Another third (35 percent) say the goal was data theft.

Google has reminded developers that their apps will be removed from the Play Store if they request SMS or Call Log permissions. The policy change was announced last year, and over the next few weeks the app removal process begins.

While these particular permissions have been used to give Android users a choice of dialers and messaging apps, Google says there have also been instances of abuse. The company is introducing far stricter restrictions in the name of privacy and protecting user data.

The latest Global Threat Index from Check Point shows that at the end of last year cryptominers still took the top three places in the malware charts, despite an overall drop in value across all cryptocurrencies in 2018.

Coinhive retained its number one position for the 13th month in a row, impacting 12 percent of organizations worldwide. XMRig was the second most prevalent malware with a global reach of eight percent, closely followed by the JSEcoin miner in third with a global impact of seven percent.

With the US government shutdown in its third week, President Trump continues to try to convince both his own party and the Democrats to agree to fund one of his campaign promises -- a wall on the southern border.

So far, the shutdown has seen national parks and more left unstaffed, and today is the first payday on which hundreds of thousands of federal workers will not receive a paycheck. Another side effect of the shutdown is that numerous government websites are offline as their TLS certificates have expired, and no one is available to renew them.

Netflix has millions of users around the world, but how many of these are actually paying customers? Many of us either know (or are) people who share their Netflix account with friends and family, or leech off the one person they know that's willing to pay for a subscription.

But Netflix free rides could be coming to an end. At CES, UK-based firm Synamedia revealed artificial intelligence software that could be used by Netflix and other companies to detect and block the sharing of account credentials.