Articles about Security

Over 140 apps on the Google Play store have been discovered to contain malicious Windows executable files.

Researchers at Palo Alto Networks found that among the infected apps, several had more than 1,000 installations and carried 4-star ratings.

Continue reading →

Researchers at Kaspersky Lab have detected a new wave of spear phishing attacks disguised as legitimate procurement and accounting letters, that have hit more than 400 industrial organizations.

The emails have targeted approximately 800 employee PCs, mostly in Russian companies, with the goal of stealing money and confidential data from the organizations, which could then be used in new attacks.

Continue reading →

While breaches often focus on consumer or payment information, they also put at risk key intellectual property and business assets.

Virualization-based security specialist Bromium is announcing a new product called Protected App, which allows organizations to establish robust, end-to-end protection around their critical intellectual property (IP) and high value assets (HVAs).

Continue reading →

How much do you trust businesses with your data? A new report from CA Technologies reveals 48 percent of consumers have stopped using the services of an organization because of a data breach.

Yet the study, conducted by analysts Frost & Sullivan shows varying attitudes to data stewardship among businesses, with nearly half admitting to selling customer data, while claiming that data protection is paramount.

Continue reading →

Companies are facing a constant battle against cyber threats, add to this a growing skills gap and security teams don't always have the staff or knowledge to effectively monitor and respond to threats.

Automated detection and response company Fidelis Cybersecurity is launching a new managed detection and response (MDR) service to supplement in-house security resources.

Continue reading →

Traditional signature-based security solutions find it hard to keep up with the fast pace of malware development, so security companies are turning to other solutions.

FireEye is launching a new version of its Endpoint Security product with the addition of a machine learning engine called MalwareGuard.

Continue reading →

As businesses shift their systems to the cloud there is inevitably an increase in complexity that makes maintaining security more of a challenge.

Security policy management specialist AlgoSec is launching a new version of its Security Management Solution to enable policy management across clouds and software-define networks.

Continue reading →

Anyone who has dabbled in Bitcoin or other cryptocurrencies knows that the wallet process for storing and using coins can be a bit of a pain.

Wallet users are often forced to use long private keys and mnemonic phrases to back up their crypto-assets, with most wallet apps asking users to print their private keys and mnemonic phrases onto a piece of paper, something which can easily be lost or stolen.

Continue reading →

Thanks to legislation like GDPR businesses need to report data breaches promptly or face large fines. However, in the heat of a security incident it can be easy to overlook vital procedures.

Privileged account management specialist Thycotic is aiming to help with the launch of a free Incident Response Policy Template to help businesses take the right steps at the right time.

Continue reading →

Password manager app Dashlane is launching the latest version of its software complete with a new Identity Dashboard, which provides a complete picture of a user's online security and clear actionable steps to improve it.

The dashboard integrates dynamic new features like dark web monitoring, as well as a new Password Health assessment, that put people in complete control of their digital identities.

Continue reading →

IT security professionals are more than twice as worried about data breaches and cyberattacks today than they were this time last year according to two new reports.

The International Cyber Benchmarks Index and The Changing Face of Cyber Attacks, from the Neustar International Security Council (NISC), reveal the greatest threats as system compromises and ransomware, with 20 percent listing both as their primary concern

Continue reading →

Google now has its own hardware security keys -- the Titan Security Key. These FIDO-compatible keys include Google firmware that verifies the integrity of security keys at the hardware level. The Titan Security Key offers secure hardware-based two-factor authentication, and is available to Google Cloud customers.

The keys are similar to those offered by Yubico -- so similar, in fact, that the company has gone out of its way to stress that it is not manufacturing the devices for Google.

Continue reading →

The vulnerability scan results security departments issue to the operations teams typically contain hundreds of pages and thousands of vulnerabilities to address. It’s a massive list often containing some prioritization based on the criticality of the vulnerabilities observed; and for some more mature organizations, an assessment and opinion of the security team. Typically, operations teams care about security in the endpoints. But, their job is to guarantee uptime and user satisfaction, which often suffers when deploying patches requires reboots and application restarts. And then there’s the resource constraint issue, like the difficulty of prioritization in a world where everything seems to be urgent, the lack of visibility, questions around ownership and available time, and so on. It’s a tough ask to minimize the risk in the endpoints without a holistic, multi-departmental collaboration focused on specific risk policies and profiles.

Compliance pressure doesn’t help either, because frequently it ends up being just a check-box, and not a mechanism for improving security. Therefore, while the bare minimum is undertaken very reluctantly to satisfy the auditors, there’s still a significant amount of fire drill and distraction from the daily grind.

Continue reading →

Malware writers have been using a free market model to sell their wares for some time. The success of this approach is clear from new research by Positive Technologies that finds demand for malware creation on the dark web is three times greater than supply.

Demand for malware distribution is twice the supply. This mismatch of supply and demand has led to interest among criminals in new tools, which are becoming more readily available in the form of partner programs that include malware-as-a-service and malware distribution-for-hire.

Continue reading →

Data breaches have serious consequences for SMBs and if not handled correctly can cause serious damage to the business.

It's perhaps no surprise then that according to a survey from IT infrastructure company Kaseya security remains the top IT priority for SMBs with 54 percent citing it as their main concern in 2018, up 14 percent from 2017.

Continue reading →