Articles about Security

Security operations centers are understaffed according to 45 percent of professionals who work in them, and of those, 63 percent think they could use anywhere from two to 10 additional employees.

This is among the findings of a new survey from Exabeam released today at Infosecurity Europe. It shows 62 percent of managers and frontline employees see inexperienced staff as a problem, compared to just 21 percent of CIO and CISOs.

Continue reading →

MyHeritage -- a website that helps people research their family tree and also offers a DNA testing service -- has suffered a "cybersecurity incident". A file containing the usernames and hashed passwords of more than 92 million users was discovered on an external server by a security researcher.

The file was found to be genuine and MyHeritage is now undertaking an investigation to determine what happened. The security breach affects all users who signed up to the site up to October 26, 2017. The company says that it is taking steps to inform the relevant authorities in line with GDPR.

Continue reading →

A study by cybersecurity company Webroot in conjunction with the Ponemon Institute finds Florida to be the worst state in the US for cyber-hygiene.

Ponemon surveyed 4,000 people across the US about their cybersecurity knowledge and internet safety practices. Wyoming and Montana come close behind Florida in poor internet habits. The safest online behavior is displayed in New Hampshire, Massachusetts, and Utah.

Continue reading →

A poll of 1,000 IT professionals across North America and Europe finds that while 88 percent of respondents acknowledge the importance of endpoint management, nearly a third don't know how many endpoints they actually manage.

The study by identity and access management company LogMeIn shows a worrying 30 percent of IT professionals don't know how many endpoint devices exist within their organization. Those who do report an average of 750 endpoints including servers, employee computers and mobile devices.

Continue reading →

Serverless computing is increasingly popular as it allows developers to upload code for functions to the cloud rather than run it on local servers.

But specialist in serverless security PureSec has released a report detailing how hackers can turn a single vulnerable serverless function into a virtual cryptomining farm by taking advantage of the scaleable nature of the architecture.

Continue reading →

Analysis of malware samples found among finance firms has uncovered an unusually large number of iSpy keylogger samples. iSpy is a variant of the notorious HawkEye logger.

Network-based malware protection specialist Lastline intercepted the logger's communication with the command and control server and detected the active exfiltration of website, email and FTP credentials, as well as license key information for installed products.

Continue reading →

A new survey from data analytics platform Sumo Logic finds a staggering 98 percent of European companies face organizational challenges implementing security in cloud environments.

The survey of over 300 IT security professionals responsible for environments with significant investment in both cloud and on-premise IT infrastructure covered the US and Canada, and Europe, The Middle East and Africa (EMEA).

Continue reading →

In the last 12 months, 44 percent of organizations have suffered at least one data breach. More worrying is that of those reporting a data breach, the average was almost 30 data breaches per organization in the last year.

This is according to a study from identity management company SailPoint, released at this week's Infosecurity Europe. These breaches cost the organizations nearly $1 million to address from an IT perspective, which excludes fines, lost revenue and brand damage.

Continue reading →

Event ticketing service Ticketfly -- owned by Eventbrite -- has fallen victim to what it describes as a "cyber incident". The company took down its website late on Thursday, and it remains inaccessible two days later.

The full extent of the security breach is not yet known, but Ticketfly says that "some client and customer information" was compromised. The attack saw the site defaced with an Anonymous-style masked figure from the movie V for Vendetta, and the hacker threatened to provide download links to customer databases. A hacker by the name of IShAkDz has claimed responsibility.

Continue reading →

Kaspersky has had something of a tough time of it over the last year, first being hit by a ban on its software being used by the US government, and then a ban on advertising on Twitter. The Russian company sued the Trump administration over the software ban, and a judge has now dismissed the suits.

Kaspersky Lab had been looking to overturn the governmental ban, saying "we've done nothing wrong" in response to claims that the company is linked to the Russian government. The firm says it plans to appeal against the latest ruling.

Continue reading →

It's well known that sound at particular levels can cause problems -- we've all seen demonstrations of wine glasses being shattered by high frequencies, for example.

You might not think that's much of an issue for computers, but researchers at the University of Michigan and Zhejiang University in China have shown that sounds can be used to interfere with disks.

Continue reading →

Application protection specialist Arxan Technologies is launching its latest Arxan for Android product.

It offers the industry's first protection technology for apps developed using Kotlin, the rapidly growing development language supported by Google for Android app development.

Continue reading →

While Wi-Fi security cameras are a super convenient way to monitor your home, understandably, some people might be nervous to use them. After all, a person's home is meant to be their sanctuary, so privacy is paramount. If a camera gets hacked, your private activities could be exposed. No hardware is 100 percent secure, so to mitigate your risk, you want to buy such cameras from reputable makers, such as Logitech with its excellent "Circle" cameras. You should avoid no-name manufacturers.

Today, a popular and reputable company -- D-Link -- unveils a trio of new Wi-Fi security cameras. They are shockingly affordable, starting at just $59.99. Fans of voice assistants will appreciate the Amazon Alexa and Google Assistant support.

Continue reading →

Over the weekend, the Bank of Montreal and Simplii Financial both issued statements indicating that they had fallen victim to hackers. In the case of Simplii Financial, around 40,000 customer accounts have been affected, but numbers have not been revealed for the Bank of Montreal.

Both banks' statements indicate that they were contacted by "fraudsters" on Sunday, May 27, but it is not clear whether the two incidents relate to the same group.

Continue reading →

Employee experience platform Sapho is announcing a new identity solution to simplify how employees authenticate into systems and access their data and daily workflows.

Sapho's patent-pending Consolidated Identity system means employees can access what they need from a variety of applications without having to go into each application separately.

Continue reading →