Articles about Security

The elements of cybersecurity hygiene and secure networks -- Part 2

Cloud data security

The blackhat hackers are evolving as quickly as technology is. To protect their sensitive information, companies can put documents in a public cloud. Why the public cloud? While it might seem that public cloud solutions are less reliable than traditional IT platforms, the reality is that they’re actually more secure. With the cloud, a company’s security team is able to monitor network audit logs more closely to detect any abnormalities. Furthermore, audit data can be easily centralized without having to navigate through inconvenient firewall interfaces and other closed proprietary systems. These components are essential for improving security procedures.

The public cloud also allows for more thorough security analyses after an audit. Cloud data analysis systems allow the audit data to be inspected in a more efficient, cost-effective way. These systems take in large quantities of information and are available whenever they’re needed. Real-time monitoring and automated alerts also allow for an immediate response in the event of a security breach. This can dramatically reduce the impact of security incidents and help pinpoint areas that need to be addressed. 

Continue reading

Rethinking browsers

Internet security with browser logos

With browsers often in the middle of many corporate activities, it’s no wonder that they are now subject to many of the same challenges encountered on desktops, smartphones and other hardware-based endpoints. Many IT pros wouldn’t consider browsers to be a critical network endpoint, but those pros would surely place importance on mobile devices, laptops, desktops and servers. Given the valuable role browsers play in accessing enterprise applications and information, it’s time to rethink how we classify them and, more importantly, how we manage and secure them.

Mobility and cloud computing are taking over today’s workforce, and the browser’s significance is trending. The majority of office applications -- such as Microsoft Office 365, Salesforce CRM, and the Zoho One business suite -- run in the cloud and are accessible via browser. These kinds of applications allow users to work from anywhere, at any time, using their laptops, smartphones and other browser-enabled devices.

Continue reading

Microsoft issues emergency patch to fix serious Internet Explorer zero-day vulnerability

Microsoft has issued an emergency, out-of-band patch for an Internet Explorer zero-day that was being actively exploited in targeted attacks.

The company says that it learned about the vulnerability through a report from Google. CVE-2018-8653 affects a range of versions of Internet Explorer from 9 to 11, across Windows 7 to 10 and Windows Server.

Continue reading

IoT malware up over 200 percent in 2018

Network security

New malware targeting IoT devices grew 72 percent, with total malware growing 203 percent in the last four quarters according to McAfee's third quarter threat report.

This growth has been partly due to devices being harnessed for cryptomining. IoT devices such as cameras or video recorders have not typically been used for this because they lack the CPU power of desktop and laptop computers.

Continue reading

One in three networks has exposed passwords

Stealing password from code

Passwords are exposed in Group Policy Preferences in 32.2 percent of networks, according to new research, leaving them open to the risk of hackers traveling laterally through the network.

The study from identity and access specialist Preempt also shows organizations lack visibility and control when it comes to their passwords and privileged users.

Continue reading

AI security solutions are popular with executives -- but are they really working?

AI security

According to a new study released by ProtectWise, AI has already established a strong foothold in the security space, with 73 percent of respondents reporting that they have implemented security solutions that incorporate at least some aspect of AI.

Most organizations cite AI's ability to improve the efficiency of security staff members and make investigation of alerts faster as top priorities.

Continue reading

The beginning of the end for the password, more regulation and more IoT risks -- cybersecurity predictions for 2019

2019 calendar

When we looked at security predictions at this time last year some experts were predicting that we'd see attacks on cryptocurrencies and that we'd continue to see a rise in the scale and profile of attacks.

They've been proved right on both counts over the course of 2018, so what is next year going to have in store? We've canvassed the views of a number of industry figures to find out what they see as the key security issues for 2019.

Continue reading

How to stop Windows 10 sharing your data

Stop hand signal

Earlier this week we reported on how Windows 10 could be sharing your activity data even if you had told it not to.

In response Microsoft has released a statement from Marisa Rogers, privacy officer at its Windows and Devices Group.

Continue reading

Email security threats that can ruin your company's holiday season

Most people understand that retail becomes a target for cybercriminals during the holidays. But even businesses not related to the retail sector will often find the holidays their most vulnerable time of year. After all, many individuals (that is, employees) are focused on wrapping up projects before the holidays truly start or are looking ahead to the coming year with the added distraction that the holidays bring.

Businesses need to protect themselves from potential cybersecurity threats during the busy holiday season -- many of which will come in the form of the world’s most commonly used utility, email. In this post, we will take a look at some of the biggest on-premises and cloud email security threats your business faces this holiday season.

Continue reading

Education sector poorly prepared for cyberthreats

Education internet

Data is a vital resource in the education sector and increasingly schools and colleges store information in digital form. Digital technology is also moving into the classroom, but of course all this comes with greater risk.

Yet according to new research from security rating service SecurityScorecard, across 17 industries in the US education comes second to last in terms of total cybersecurity.

Continue reading

The elements of cybersecurity hygiene and secure networks -- Part 1

The two fundamental building blocks in ensuring that your data is secure are physical infrastructure and network security. Understanding and protecting your information from threats and human error requires meticulously layered security protocols.

Last year, British Airways canceled over 400 flights and stranded 75,000 passengers because of an IT outage caused by an engineer who disconnected a power supply at a data center near London’s Heathrow airport. When it comes to data centers and networks, even minor human errors can have a major impact on businesses and their customers. With the exorbitant costs and human resources required to maintain an on-premise system, organizations should look to public cloud companies. These companies bring capital and expertise to the table to properly manage their data centers, which are better protected than those that most companies could put in place themselves.

Continue reading

60 percent of organizations have suffered disruptive cyber events in the last two years

Cyber disruption

A new study reveals that 60 percent of organizations globally have suffered two or more business-disrupting cyber events -- defined as cyberattacks causing data breaches or significant disruption and downtime to business operations, plant and operational equipment -- in the last 24 months.

What's more the research, carried out by the Ponemon Institute for cyber risk specialist Tenable, shows 91 percent have suffered at least one such cyber event in the same time period.

Continue reading

2018's worst password fails revealed

password note

Despite newer technologies, most of us still rely on passwords to secure our accounts. We are not, however, very good at choosing them or looking after them.

Password management company Dashlane has produced a list of the 10 worst password fails of 2018.

Continue reading

Phishing improves in quality as major brands are targeted

Phishing lock

It used to be easy to spot a phishing email, you just looked out for bad grammar and URLs that clearly didn't correspond to the organization being impersonated.

Recently though they've become harder to detect. According to the latest Global Threat Report from Comodo Cybersecurity, phishing really is getting better and it now represents one in every 100 emails received by enterprises.

Continue reading

Amplification bots used to raise the popularity and legitimacy of Twitter posts

Twitter bird megaphone

Earlier this year we looked at Duo Security's research into Twitter bots which focused on fake followers. The company has now published some further research looking at amplification bots.

So what is an amplification bot? They exist to boost content through likes and retweets. Duo has produced an algorithm to identify these bots and was able to find more than 7,000 over a 24 hour period.

Continue reading

© 1998-2019 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.