Articles about Security

How blockchain is set to change the world

Blockchain header

In most people's minds blockchain technology is associated with cryptocurrency, but it has potential to be useful in a whole range of other areas.

Consumer research company The Opinion Economy has produced an infographic to highlight the potential of blockchain in a whole range of areas.

Continue reading

Publicly disclosed vulnerabilities continue to rise

Attack route

The first quarter of 2018 has shown a 1.8 percent increase in the number of disclosed vulnerabilities over the same period in 2017, with 5,375 unique vulnerabilities reported.

This is one of the findings of Risk Based Security's latest Vulnerability QuickView Report, which suggests that unless the rate of increase slows down 2018 will be another record year.

Continue reading

100 percent of organizations have active insider threats

insider threat

A new study from user behavior intelligence specialist Dtex Systems has uncovered active insider threats in all of the organizations it assessed.

Failure to gain visibility is allowing malicious and negligent employees to engage in undetected high-risk activities on every endpoint, on and off the network.

Continue reading

Kaspersky to move data from Russia to Switzerland to improve transparency

Kaspersky Switzerland

Kaspersky Lab has announced that it plans to move data out of Russia and into a new data center in Switzerland. The move is part of the company's Global Transparency Initiative which came in response to concerns about ties to the Russian government.

Software produced by Kaspersky has already been banned from US government systems, and the company has been on a mission to prove that Russia is not spying on other countries via its antivirus tools.

Continue reading

Cryptomining malware targets unpatched servers

server vulnerability

Cybercriminals are increasingly targeting unpatched server vulnerabilities to infect machines with cryptomining malware, according to a new report.

The study from Check Point Software Technologies sees cryptomining malware dominate Check Point’s Top Ten Most Wanted Malware Index, the Coinhive variant retains the top spot with a global reach of 16 percent. Cryptoloot -- another crypto-mining malware -- is close behind with a global reach of 14 percent, while the Roughted malvertising malware came in third (11 percent).

Continue reading

Apps based on Electron framework are vulnerable to attack

Electron logo

The Electron framework -- the basis of popular apps including Skype, Slack, Signal and WordPress -- has been found to contain a security flaw that leaves it vulnerable to attack.

The GitHub-created tool has a vulnerability that allows hackers to execute arbitrary code on remote systems. CVE-2018-1000136 affects Electron 1.7.13 and older as well as Electron 1.8.4 and 2.0.0-beta.3, and the problem exists because of the interaction between Electron and Node.js.

Continue reading

Shadow devices put enterprise networks at risk

Shadow IT

A new study finds that enterprise networks have thousands of shadow personal devices including laptops, tablets and mobile phones, as well as Internet of Things devices -- such as digital assistants and smart kitchen appliances -- connecting to them.

The report from network control company Infoblox shows 35 percent of companies in the US, UK and Germany reported more than 5,000 personal devices connecting to the network each day.

Continue reading

Google will require OEMs to provide regular Android security updates

Android phone installing updates

The fragmentation problem that affects Android not only means that there are a tiny number of users running the latest version of Google's mobile operating system, but also that many handsets are not patched with the latest security update. This could be about to change.

At its I/O developer conference this week, Google announced that its security policies will be changing. While its not clear when this could happen, the company will require some smartphone manufacturers to roll out regular security updates to users.

Continue reading

Mobile ad fraud almost doubles compared to 2017

mobile shield

A new report from mobile measurement company Adjust reveals that in the first quarter of this year mobile ad fraud nearly doubled over the same period in 2017.

Adjust measured 3.43 billion app installs and over 350 billion events, processing and analyzing 125 terabytes of data per day from 20,000+ apps over the first three months of 2018.

Continue reading

Iran could launch cyber attacks in response to renewed sanctions

Iran flag

President Trump's re-imposition of sanctions against Iran could lead the country to respond by launching cyber attacks on Western businesses within months, according to a new report.

Threat intelligence company Recorded Future has today released new research and analysis into the Iranian cyber threat.

Continue reading

Most companies not putting adequate investment into application security

open digital lock

According to a new survey from Arxan, only 25 percent of respondents say their organization is making a significant investment in solutions to prevent application attacks.

This is despite awareness of the negative impact of malicious activity. A worrying 65 percent of companies say they would be spurred to increase application protection measures only after an end user or customer was negatively affected.

Continue reading

Data breach activity declines sharply in 2018

data breach

The number of data breaches disclosed in the first three months of this year fell to 686 compared to 1,444 breaches reported in the same period of 2017, according to a new report.

This still represents the exposure of some 1.4 billion records, although this figure too is down from 3.4 billion in the same quarter last year.

Continue reading

Younger generations lack understanding of cybersecurity careers

Red and blue security padlock

It's been accepted wisdom for some time that an injection of extra talent is needed to solve the cybersecurity skills shortage.

Further confirmation of this comes in the form of a report from ProtectWise looking at the survey responses of 524 technology-savvy millennials and post-millennials in the US, conducted by Enterprise Strategy Group (ESG), to see if there were potential answers to the security skills shortage.

Continue reading

Microsoft's Meltdown patch for Windows 10 has a 'fatal flaw'

Spectre and Meltdown 3D renders

If you've not updated to Windows 10 April 2018 Update but you have installed Microsoft's Meltdown patches from a few months ago, your computer is vulnerable to a "fatal flaw".

This is not the first time a patch for the Meltdown vulnerability has led to problems with Windows, but previously it was Windows 7 and Windows Server 2008 that were affected. A security researcher found that Microsoft's patch for Windows 10 "undermined the mitigation", and while the problem has been fixed in the April 2018, the company is still working on backporting an updated patch for older versions of Windows 10.

Continue reading

Twitter warns all users to change passwords after 'bug' left credentials stored in plaintext

Twitter security logos and fingerprints

Twitter has issued a warning to its 330 million users, urging them to change their passwords. The security announcement comes after the company discovered a bug that left passwords stored in unencrypted form in internal logs.

While Twitter says that the bug has been fixed and that the plaintext logs have been deleted, it is encouraging the password change out of "an abundance of caution".

Continue reading

© 1998-2018 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.