Having cloud storage is a reality of living and working in an ever more connected world, where we expect to have access to our data anywhere with an internet connection at the drop of a hat. Cloud storage makes it easier for us to travel, to share and most importantly keep our data safe. However, not all cloud storage solutions are created equal. While many commercial services are more quick and convenient, they sacrifice security in order to be more accessible. If you deal with sensitive data such as financial documents for clients, are you using a cloud solution that’s secure enough?
When using cloud services for storing and sharing critical documents it’s important to know if you’re using a solution that employs the highest levels of protection. To know if a cloud solution is secure enough, you need to determine if it has any of the following features:
Financial services are at greater risk of phishing and man-in-the-middle attacks on mobile devices than businesses in other industries according to a new report.
The study from mobile security specialist Wandera analyzed mobile device data from 225 financial services customers and reveals financial services organizations are experiencing a higher volume of phishing attacks than their peers in other sectors (57 percent compared to 42 percent cross-industry).
Time to dig out the tape and cover up your webcam. The Mac version of the video conferencing tool Zoom has been found to have a flaw that enables a website to switch on your webcam without permission, and without notification.
Despite having been discovered and reported to Zoom by a security researcher three months ago, the vulnerability is yet to be patched. In fact, Zoom disagrees that there is a security issue, although it does say that users will be granted greater control over videos in an update due for release later this month.
Cybercriminals are getting better at monetizing their activities, with more than two million cyber incidents in 2018 resulting in over $45 billion in losses, with actual numbers expected to be much higher as many cyber incidents are never reported.
The Internet Society's Online Trust Alliance (OTA) has released a report which finds the financial impact of ransomware rose by 60 percent last year, and losses from business email compromise doubled, despite the fact that overall breaches and exposed records were down.
Offensive Security has released Kali Linux for Raspberry Pi 4.
The new build of the security-focused distro comes just two weeks after the launch of the Raspberry Pi 4, the most powerful version of the mini-computer yet. Offensive Security says that the new build takes advantage of everything the Pi 4 has to offer.
Canonical -- the company behind the Ubuntu Linux distro -- is investigating an attack on its GitHub account over the weekend.
On Saturday, hackers were able to break into Canonical's GitHub account and create a number of new repositories. Named CAN_GOT_HAXXD, the eleven repositories were empty and have now been removed. Canonical says that no source code was accessed, but it is not yet known who carried out the attack.
In a new study of IT decision makers by Barracuda Network, 94 percent of participants admit that email is still the most vulnerable part of their organization's cyber security.
The survey of 280 decision makers focused on the email threat landscape and email security practises. It discovered that 75 percent have been hit with brand impersonation emails, the largest threat as identified in the survey with ransomware coming in second on 47 percent.
Scheduled vulnerability scanning can leave blind spots between scans leaving organizations vulnerable.
In response to this problem, Microsoft has partnered with a number of enterprise customers to create a new Threat and Vulnerability Management solution as a built-in feature of Microsoft Defender Advanced Threat Protection.
EA has fixed a series of security issues on its Origin gaming service which could have been exploited by attackers to take control of user accounts and gain access to personal data.
EA Origin's security flaws meant that more than 300 million gamers were put at risk. Israeli security firms Check Point said that attackers could take advantage of a "chain of vulnerabilities" to attack players of games such as FIFA, Maden NFL, NBA Live, UFC, The Sims, Battlefield, Command and Conquer, and Medal of Honor.
According to a 2018 IBM study, the average cost of a data breach for a U.S. company is $7.91 million, while the average cost of a lost or stolen record that contains sensitive or confidential information is $148. Unfortunately, these figures are only rising.
Cyber attacks continue to not only cost companies more money but have also grown larger and more aggressive because of how profitable cybercrime has become. Despite the ongoing advances in IT security, threats continue to emerge just as fast as security measures evolve. Though cybercriminals will continue to find new, creative ways to gain access to business data, there are simple tactics you can implement to better protect your company.
Every year a new iPhone hits the market and there are thousands of different Android devices in circulation. Both Apple and Google are constantly adding new features and functions to incorporate emerging technologies, maintain competitiveness, and cement their reputations as innovators.
Commercial focus typically sits with the clamor of more surface-level, UI related features like Memojis, Group FaceTime, gesture navigation, the features that consumers are drawn to rather than the patching of CVE-2018-4249. It’s all a matter of priorities, people want a device with all the mod cons, a mobile device just needs to be secure enough, meeting minimum expectations. It also doesn’t help that there has been a long held misconception that mobile OSs are secure enough and users don’t need a security solution. Despite mobile OSs becoming relatively hardened, usage is very different compared to traditional form factors, and there are a number of threat vectors that an OS can’t protect against.
Security researchers from Mimecast Threat Center have discovered an Excel exploit that could leave 120 million users vulnerable to attack.
The security flaw means that it is possible to use Excel's Power Query tool to dynamically launch a remote Dynamic Data Exchange (DDE) attack on a spreadsheet and actively control the payload. The researchers also found that Power Query could be used to embed malicious code in a data source and spread malware.
Google has a pretty good record when it comes to protecting its users against online threats. Part of this is its Safe Browsing technology which scans billions of URLs each day to discover dangerous websites.
But research by mobile threat defense specialist Wandera has discovered a disparity between the protections available within Google’s desktop browser compared to its mobile browser.
Cybersecurity is often as much about people as it is about technology. But despite increasing their spending, organizations are still struggling to close the cybersecurity skills gap.
Training and certification company Offensive Security is launching a new program for enterprises designed to simplify the cybersecurity training process and allow organizations to invest more in cybersecurity skills development.
Researchers at Check Point working with CyberInt have uncovered a chain of vulnerabilities in the Origin gaming client developed by Electronic Arts (EA). If exploited, the vulnerabilities could have led to player account takeover and identity theft.
Researchers have responsibly disclosed the vulnerabilities to EA, in accordance with coordinated vulnerability disclosure practices, to fix the vulnerabilities and roll out an update before threat actors could exploit the flaw.