Articles about Security

When we looked at security predictions at this time last year some experts were predicting that we'd see attacks on cryptocurrencies and that we'd continue to see a rise in the scale and profile of attacks.

They've been proved right on both counts over the course of 2018, so what is next year going to have in store? We've canvassed the views of a number of industry figures to find out what they see as the key security issues for 2019.

Continue reading →

Earlier this week we reported on how Windows 10 could be sharing your activity data even if you had told it not to.

In response Microsoft has released a statement from Marisa Rogers, privacy officer at its Windows and Devices Group.

Continue reading →

Most people understand that retail becomes a target for cybercriminals during the holidays. But even businesses not related to the retail sector will often find the holidays their most vulnerable time of year. After all, many individuals (that is, employees) are focused on wrapping up projects before the holidays truly start or are looking ahead to the coming year with the added distraction that the holidays bring.

Businesses need to protect themselves from potential cybersecurity threats during the busy holiday season -- many of which will come in the form of the world’s most commonly used utility, email. In this post, we will take a look at some of the biggest on-premises and cloud email security threats your business faces this holiday season.

Continue reading →

Data is a vital resource in the education sector and increasingly schools and colleges store information in digital form. Digital technology is also moving into the classroom, but of course all this comes with greater risk.

Yet according to new research from security rating service SecurityScorecard, across 17 industries in the US education comes second to last in terms of total cybersecurity.

Continue reading →

The two fundamental building blocks in ensuring that your data is secure are physical infrastructure and network security. Understanding and protecting your information from threats and human error requires meticulously layered security protocols.

Last year, British Airways canceled over 400 flights and stranded 75,000 passengers because of an IT outage caused by an engineer who disconnected a power supply at a data center near London’s Heathrow airport. When it comes to data centers and networks, even minor human errors can have a major impact on businesses and their customers. With the exorbitant costs and human resources required to maintain an on-premise system, organizations should look to public cloud companies. These companies bring capital and expertise to the table to properly manage their data centers, which are better protected than those that most companies could put in place themselves.

Continue reading →

A new study reveals that 60 percent of organizations globally have suffered two or more business-disrupting cyber events -- defined as cyberattacks causing data breaches or significant disruption and downtime to business operations, plant and operational equipment -- in the last 24 months.

What's more the research, carried out by the Ponemon Institute for cyber risk specialist Tenable, shows 91 percent have suffered at least one such cyber event in the same time period.

Continue reading →

Despite newer technologies, most of us still rely on passwords to secure our accounts. We are not, however, very good at choosing them or looking after them.

Password management company Dashlane has produced a list of the 10 worst password fails of 2018.

Continue reading →

It used to be easy to spot a phishing email, you just looked out for bad grammar and URLs that clearly didn't correspond to the organization being impersonated.

Recently though they've become harder to detect. According to the latest Global Threat Report from Comodo Cybersecurity, phishing really is getting better and it now represents one in every 100 emails received by enterprises.

Continue reading →

Earlier this year we looked at Duo Security's research into Twitter bots which focused on fake followers. The company has now published some further research looking at amplification bots.

So what is an amplification bot? They exist to boost content through likes and retweets. Duo has produced an algorithm to identify these bots and was able to find more than 7,000 over a 24 hour period.

Continue reading →

Many people will be receiving new tech gadgets over the Christmas period, including smartphones, gaming consoles, tablets, connected toys, and a whole range of apps to go with them.

But new research from from cybersecurity training organization the SANS Institute finds that while people are aware of the risks these devices can pose, they may not have the skills to properly protect them.

Continue reading →

We already knew that Google+ is closing down, but following the discovery of a second data leak, Google has announced that it is bringing the closure forward.

The company has revealed that a bug in the Google+ API exposed the data of 52.5 million users, and as a result it is expediting the shutdown. Previously due to close in August 2019, Google+ will now be killed off in April 2019.

Continue reading →

Businesses are starting to recognize that it may be impossible to keep attackers completely out of their networks, so they are starting to look for ways of fighting them more efficiently.

One of the ways of doing this is to use decoys to lure attackers and allow the threat to be dealt with before it affects live systems. We spoke to Carolyn Crandall, chief deception officer at Attivo Networks to find out more about how this deception technology works and what it can do.

Continue reading →

New research released by security awareness and email protection company Mimecast finds that more than two-thirds of employees admit to personal use of work devices during office hours.

Mimecast surveyed more than 1,000 people who use company-issued devices (such as mobile phones, desktop computers or laptops) in the workplace, in order to understand their behavior, but also their awareness of basic threats plaguing organizations.

Continue reading →

Operational technology is critical in areas like energy, oil and gas, manufacturing, and transportation, but it's often be based on legacy systems which can be difficult to keep secure, with updates often needing to be carried out using USB devices.

The threat of attacks is very real though and the consequences especially disastrous, yet many control systems are running outdated software, leaving them vulnerable to attack.

Continue reading →

Malware is constantly evolving in an attempt to steal data or make money for the people behind it. A new report by Malwarebytes Labs reveals the latest shift towards attacks that can avoid detection but also stay on a system to be reactivated later.

Using fileless malware is just one example among many attack methodologies currently evading traditional security defenses and maintaining persistence.

Continue reading →