Articles about Security

When asked which items would concern them most if stolen, 55 percent of Americans responding to a new survey named personal data, compared to 23 percent their wallet, 10 percent their car, and just six percent each their phone or house keys.

The study by cyber security and application delivery company Radware  surveyed over 3,000 US adults finds that social security numbers are the data people value most with 54 percent saying they would be most concerned if this was stolen.

Continue reading →

Since switching all of its sites to secure HTTPS rather than plain old HTTP, the BBC has found that it is completely blocked online in China.

The corporation has issued a statement recommending that people in the region looking to access its services should turn to either a VPN, or the censorship-busting app Psiphon.

Continue reading →

A large majority of organizations are struggling to implement security into their DevOps processes, despite saying they want to do so, according to a new report.

The study commissioned by application security specialist Checkmarx looks at the biggest barriers to securing software today depending on where organizations sit on the DevOps maturity curve.

Continue reading →

How do you know if you're reading tweets from a real person or a bot? As bot technology becomes more sophisticated it's increasingly hard to tell.

Researchers at Duo Security have collected and analyzed data from 88 million public Twitter accounts using machine learning to spot the tactics used by malicious bots to appear legitimate and avoid detection.

Continue reading →

A major virus infection forced the closure of Taiwan Semiconductor Manufacturing Company (TSMC) factories just before the weekend; some remain closed or only partly-operational. TMSC is the largest semiconductor manufacturer in the world and is responsible for producing iPhone processors for Apple.

The company issued a statement indicating that it was not carried out by a hacker. The impact on Apple's iPhone production schedule is also not known, although TSMC expects the incident "to cause shipment delays and additional costs".

Continue reading →

Fortnite for Android is one of the most eagerly-anticipated game launches of recent times, but the impending release could turn out to be something of a security nightmare. Following on from recent rumors, Epic Games has confirmed that Fortnite will not be made available through the Google Play Store.

Instead users will have to download the game directly from Fortnite.com -- something which means they will have to lower the security settings for their phone by allowing the installation of apps from unknown sources. Despite the security risks involved in this, Epic is eager to avoid paying a 30 percent cut to Google for Play Store distribution; but how long before the plan backfires?

Continue reading →

Increasingly cybercriminals are using their initial attacks to probe systems and look for other vulnerabilities or network resources that they can later exploit.

Threat detection platform Preempt is launching new capabilities that allow enterprises to prevent lateral movement and unauthorized domain access due to the misuse of network credentials in reconnaissance tools.

Continue reading →

Security and operations teams often have no reliable way to assess the current state of endpoints across their enterprise.

Lack of visibility is a major concern which leads to greater risk of a breach and a lack of information to take appropriate action after a problem occurs.

Continue reading →

SMBs are just as likely to be attacked by cybercriminals as larger businesses, yet they lack the budgets and resources to secure their systems and deal with the aftermath of an attack.

It’s not surprising then that a poll of more than 350 SMBs worldwide by cybersecurity specialist Untangle finds that firewall and network security are rated as the top security concerns, particularly as more systems move to the cloud.

Continue reading →

Researchers at Trustwave have uncovered an attack on tens of thousands of MikroTik routers which is being used to embed CoinHive cryptominer scripts in websites.

A surge in CoinHive actvity in Brazil at the start of this week alerted researchers that something was happening. Further investigation showed that MicroTik devices were at the root of the problem and all were using the same CoinHive site key.

Continue reading →

Reddit has revealed details of a security breach that enabled a hacker to gain access to private messages, usernames and encrypted passwords. The self-proclaimed "front page of the internet" is undertaking an investigation and taking steps to improve security.

The attack took place between June 14 and June 18 this year, and the perpetrator was able to access "all Reddit data from 2007 and before including account credentials and email addresses", the site said in an announcement. The breach was made possible after the attacker beat SMS-based two-factor authentication and compromised several employee accounts.

Continue reading →

Over 140 apps on the Google Play store have been discovered to contain malicious Windows executable files.

Researchers at Palo Alto Networks found that among the infected apps, several had more than 1,000 installations and carried 4-star ratings.

Continue reading →

Researchers at Kaspersky Lab have detected a new wave of spear phishing attacks disguised as legitimate procurement and accounting letters, that have hit more than 400 industrial organizations.

The emails have targeted approximately 800 employee PCs, mostly in Russian companies, with the goal of stealing money and confidential data from the organizations, which could then be used in new attacks.

Continue reading →

While breaches often focus on consumer or payment information, they also put at risk key intellectual property and business assets.

Virualization-based security specialist Bromium is announcing a new product called Protected App, which allows organizations to establish robust, end-to-end protection around their critical intellectual property (IP) and high value assets (HVAs).

Continue reading →

How much do you trust businesses with your data? A new report from CA Technologies reveals 48 percent of consumers have stopped using the services of an organization because of a data breach.

Yet the study, conducted by analysts Frost & Sullivan shows varying attitudes to data stewardship among businesses, with nearly half admitting to selling customer data, while claiming that data protection is paramount.

Continue reading →