Articles about Security

IBM helps businesses prepare for next generation encryption


IBM Security is launching a new service that allows companies to experiment with fully homomorphic encryption (FHE) -- an emerging technology that allows data to remain encrypted while being processed or analyzed in cloud or third-party environments.

IBM Security Homomorphic Encryption Services provide companies with education, expert support, and a testing environment to develop prototype applications that can take advantage of FHE.

Continue reading

Prioritizing AppSec and data governance in 2021

For many organizations, the immediate shift to remote work meant IT pros had to manage a hyper-accelerated, mass cloud migration coupled with large-scale SaaS platform rollouts. Daily users of Microsoft Teams, for example, rose from 75 million to 115 million in less than six months. Now that the first tidal wave of digital transformation has passed, IT and security teams should recalibrate and reprioritize application security and data governance in 2021 and beyond.

And while the pandemic has underscored major SaaS platform security concerns, including a rise in sophisticated cyber threats, research indicates many organizations still struggle with the fundamental tasks needed to secure the workforce -- both remote and on-prem. Here are three common mistakes and how to avoid them.

Continue reading

Enabling zero trust for small and medium enterprises [Q&A]

Data cloud lock

The move towards zero trust has been one of the big security stories of 2020, driven by a switch to remote work, but so far it has been largely the preserve of bigger organizations.

Now though JumpCloud has added Conditional Access policies to its Directory Platform, enabling IT admins to adopt zero trust security from the same cloud platform that they use to manage and securely connect users to IT resources.

Continue reading

New spyware seeks to blackmail Android and iOS users

ransom note

Researchers at mobile device security company Lookout have uncovered a new strain of spyware targeting iOS and Android users in multiple Asian countries.

Called Goontact, it targets users lured to illicit sites and steals personal information stored on their mobile devices in order to carry out sextortion scams.

Continue reading

How to avoid getting caught in ransomware's crosshairs

ransomware key

Paying off a bad actor for successfully implementing ransomware into an organization is the enterprise equivalent of rewarding a bad child who vandalized a home with candy -- but unfortunately, many organizations often have no choice but to pay… and pay a lot.

Technology has enabled asymmetric attacks. In other words, one attacker can federate an attack across many organizations. The attacker needs to get the attack right once -- while the defenders (corporations, governments, hospitals, etc.) need to get their defense right every… single… time!

Continue reading

New account fraud is down partly thanks to selfies


New account fraud based on ID verification declined by 23.2 percent worldwide, year-on-year in 2020 according to a new report from AI-powered identity verification specialist Jumio.

Although selfie-based fraud rates were five times higher than ID-based fraud, this shows the growing number of stolen ID documents available on the dark web and, more importantly, the growing need to determine if an ID is authentic and belongs to the user.

Continue reading

Software industry turns to crowdsourced security during the pandemic

Online security

Among the many things that have changed in 2020 it's proved to be a record year for crowdsourced cybersecurity adoption, according to Bugcrowd.

Enterprises across all industries have been implementing crowdsourced cybersecurity programs to keep up with the evolving threat landscape. Bugcrowd has seen a 50 percent increase in submissions on its platform in the last 12 months, including a 65 percent increase in Priority One (P1) submissions, which refer to the most critical security vulnerabilities.

Continue reading

DDoS attacks up 287 percent as online gaming and gambling become prime targets

DDoS attack

A lockdown increase in online gaming activity has inevitably attracted attention from attackers, resulting in nearly 77 percent of cyberattacks targeting the online gaming and gambling industries in Q3 of 2020.

The latest DDoS Threat Report from Nexusguard also reveals a huge 287 percent increase in total DDoS attacks in the third quarter compared to the same period last year.

Continue reading

COVID-19 highlights barriers to zero trust adoption

Login key

With many large enterprises using Active Directory (AD) and Azure Active Directory (AAD) to control user permissions and access, this has become one of first places attackers look for weakness.

Add to this an acceleration of digital transformation projects due to the pandemic and more and more companies are looking to implement zero trust to stay secure. But a new report from One Identity suggests this transition may prove challenging.

Continue reading

Millions of medical images openly available online

Medical data risk

The analyst team at digital risk protection firm CybelAngel has discovered that more than 45 million medical imaging files, including X-rays and CT scans, are freely accessible on unprotected servers.

The findings are the result of a six-month investigation into Network Attached Storage (NAS) and Digital Imaging and Communications in Medicine (DICOM), the de facto standard used by healthcare professionals to send and receive medical data.

Continue reading

E-merchants: Secure your online sales from cybersecurity threats during Christmas and beyond

The Christmas shopping season is in full swing. This year, online retailers pushed the boundaries with "Black November" in the hopes of improving their online sales, thanks to the uncertainty around in-store shopping due to COVID-19, leading many customers to make their purchases from the safety of their own homes.

As a result, e-commerce merchants have witnessed a significant uptick in users and devices connecting to websites than in recent years.

Continue reading

Sophos launches open AI developments to fight cyberattacks

AI security

Cybersecurity company Sophos is announcing four new open artificial intelligence developments with the aim of improving defenses and making the use of AI in cybersecurity more transparent.

Although in other industries it's become common to share AI methodologies and findings, cybersecurity has lagged which doesn't help understanding of how AI can protect against cyberthreats.

Continue reading

Practical tips and advice for personal IoT security

Internet of things

The consumer Internet of Things (IoT) has exploded into the connected world, making domestic life richer, easier and more entertaining. Consumer IoT comprises a set of connected devices that have a discrete function, enabled or supplemented by a data-gathering capability through on-board sensors. In any home or office environment an individual may come into contact with 'smart' appliances or devices such as coffee machines, cameras, heating systems, locks, lights, health trackers, refrigerators and TV’s, to name a few.

Criticism of IoT security, or lack-thereof, has highlighted serious deficiencies in both design and implementation of IoT devices. Unfortunately, consumers are critically dependent on device manufacturers for the security of their devices. With a rushed and greater rate of adoption, a number of risks have been introduced, attracting close attention from threat actors aiming to steal valuable information and disrupt services. However, all hope is not lost -- at a consumer level, there are still a few basic techniques that can be used to protect IoT devices from attacks.

Continue reading

New platform helps protect IoT devices

Internet of things

There are likely to be around 31 billion IoT devices by the end of this year and we already know that they can be vulnerable to attacks.

Israeli company Karamba Security is launching its XGuard Monitor platform aimed at managing the security of large numbers of IoT devices.

Continue reading

Spammers get better at pretending to be banks

password theft

As always, spammers and cybercriminals seek to take advantage of the peak online shopping season covering Black Friday and the Christmas holidays.

The Bitdefender Antispam Lab has identified a series of campaigns impersonating online banking and financial organizations. In October six in 10 emails (58.84 percent) relating to the banking industry were fraudulent.

Continue reading

© 1998-2021 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.