Articles about Security

The private data of nearly half a million Google+ users was exposed to third-party developers, and Google failed to notify anyone. A bug in Google+ APIs meant that users' names, email addresses, occupations, gender and age were accessible from 2015 until Google discovered and patched the problem in March this year.

Despite the data possibly having been accessed by 438 apps, Google chose not to go public about the security breach until now. And in a dramatic move, the company has announced that it is shutting down Google+ for consumers. Google has also revealed details of Project Strobe, an audit program through which it discovered the problem.

Continue reading →

Security awareness training company KnowBe4 is launching a new version of its platform using artificial intelligence to identify evolving risks.

It includes a Virtual Risk Officer that helps security or IT professionals identify risks at the user, group or organizational level, resulting in better decision making for their security awareness plans.

Continue reading →

Google has announced that its Safety Centre hub is rolling out across Europe. The announcement means that people in Belgium, France, Germany, Italy, the Netherlands and the UK have access to Google's selection of tools and tips for staying safe online.

The launch has been timed to coincide with European Cyber Security Month, but Google doesn't quite seem to have decided how to spell the name of its own offering.

Continue reading →

In the modern world people often say they care about privacy, but their actions don't reflect their words. Exploring this privacy paradox is a new infographic from privacy app company Keepsafe.

It shows that 35 percent of people have concerns when making purchases on their mobile devices, but 43 percent do so anyway in the name of convenience.

Continue reading →

For enterprises looking to build new applications as the cornerstone of their digital transformation initiatives, techniques like DevOps are undeniably attractive.

But while they speed up development they also mean that nearly 70 percent of every application is made up of reusable components like third-party libraries, open source software. This means that applications can easily inherit the vulnerabilities in those components.

Continue reading →

Most companies consider hacker attacks to be the most dangerous threat, but according to a new report, insiders cause the majority of security incidents by either malicious or accidental actions.

The study from threat detection specialist Netwrix looks at the experiences and plans over 1500 organizations have in addressing IT risks. The insider threat is underlined by the fact that 44 percent of respondents either don't know or are unsure what their employees are doing with sensitive data.

Continue reading →

It's no surprise that the release of a new season of Fortnite has led to a rise in scammers keen to exploit gamers who are eager to sample the new software.

Among a rash of supposed free passes and free Android versions of the game that hide surveys and other nuisances, researchers at Malwarebytes have uncovered a malicious program seeking to steal data and Bitcoins.

Continue reading →

Around two-thirds of executives and IT professionals responding to a new survey believe that hackers would be able to penetrate their networks.

The study from security and application delivery company Radware focused on global companies and reveals that at least 89 percent of respondents have experienced attacks against web applications or web servers of the past year.

Continue reading →

Since the revelation that a "security issue" allowed hackers to steal access tokens to view people's Facebook accounts, the company has provided a further update about the incident. Facebook has already provided one update about the attack, but now the investigation has progressed and the social network is trying to offer reassurances to those who have understandable concerns about security.

The company says that the attackers did not access any apps that make use of Facebook Login, the system that makes it possible to sign into other accounts and services with Facebook credentials.

Continue reading →

While the majority of cyberattacks are aimed at businesses and other organizations, an increasing number are targeting ordinary users, according to the latest report from Positive Technologies.

The most attractive targets were personal data (30 percent) and credentials (22 percent), especially for online banking. To steal this data, attackers compromised a wide range of websites, including web stores, ticket vendors, and hotel booking services.

Continue reading →

Internet of Things security specialist ZitoVault has patented a new means of predicting upcoming cybersecurity events.

While most existing approaches only address the real-time detection of threats or anomalies based on a limited set of pre-established data points, ZitoVault's latest patent uses a new approach.

Continue reading →

2018 has seen nearly three times as many breaches at financial services organizations as there were in 2016, according to a new report.

The study by cloud access security broker Bitglass finds there have been 103 breaches in this year’s report compared to just 37 two years ago.

Continue reading →

Extensions are a great way to increase the capabilities of your web browser, but they can also be the source of problems. Malicious extensions can be a serious headache, and this is something that Chrome users know more than most. Now Google is looking to improve security.

The company has already promised that with Chrome 70 it is going to give users more privacy controls, and today it announced that this version of the browser will also introduce permission controls extensions. On top of this Google is introducing a new review process for extensions submitted to the Chrome Web Store, as well as placing a ban on extensions with obfuscated code.

Continue reading →

A new study by LogMeIn, the company behind the LastPass password manager shows that size matters in password security, but not in the way that you might think.

Looking at anonymized data from over 43,000 companies, the study produced a security score and a password strength score for each. Businesses with fewer than 25 employees had the highest average security score of 50, but the average drops as company size increases.

Continue reading →

The Guardian was among many outlets to write about the huge Facebook vulnerability and attack reported yesterday, and people were understandably keen to share the story on the social network. However, many people found that they were unable to do.

Large numbers of Facebook users who tried to share the Guardian's story -- as well as one published by the Associated Press -- were greeted by a message informing them that the messages was spam and could not be posted. The matter has been addressed, but it led to complaints that Facebook was trying to hush up the story, and renewed calls to #DeleteFacebook. On its blog, Facebook's security team has also given more details about the "security issue" that happened earlier this week,

Continue reading →