Articles about Security

Of over 200 respondents to a new survey, more than half report the most vulnerable aspects of their IIoT infrastructure as data, firmware, embedded systems, or general endpoints.

But at the same time the survey by information security training organization SANS Institute reveals an ongoing debate over what actually constitutes an endpoint.

Continue reading →

Tomorrow -- Tuesday, 24 July -- sees the release of Chrome 68. Many people will regard this as just another browser update, but the release sees an important change to the way Chrome handles unencrypted websites.

The new way in which non-HTTPS sites are handled means that Chrome is going to start throwing up warning messages whenever an insecure site is encountered -- a reversal of the way things have been up until now.

Continue reading →

According to a new study, 80 percent of IT decision makers and IT security professionals believe software supply chain attacks have the potential to become one of the biggest cyber threats over the next three years.

The survey by Vanson Bourne for endpoint security company CrowdStrike  finds two-thirds of the surveyed organizations experienced a software supply chain attack in the past 12 months.

Continue reading →

Cyberattacks come in many forms and from many sources, but a new report from endpoint security company Carbon Black reveals an increasing number originate from nation states with espionage as their goal.

The findings show that 81 percent of incident response (IR) professionals say the majority of attacks come from Russia, while 76 percent say the majority come from China. These foreign actors are seeking more than just financial gain or theft -- 35 percent of IR professionals say the attackers' end goal is espionage.

Continue reading →

In 1941, the US Military was trying to save on security costs by mooring its battleships close together while they were in port. Aircraft were also parked neatly in rows. Many of the most valuable assets of the Pacific Fleet were all centralized in one convenient spot that was well organized, easy to find, and therefore easy to attack.

On 7 December 1941, a date that will live on in infamy, that is exactly what happened.

Continue reading →

According to a new report, 52 percent of US retailers have suffered a data breach in the past year and 75 percent have had one at some time in the past.

The latest Thales Data Threat Report, Retail Edition, also shows that US retail data breaches more than doubled from 19 percent in the 2017 survey to 50 percent, making retail the second most breached industry vertical this year.

Continue reading →

When usernames and passwords are exposed through a data breach or attack on users, criminals harvest these credentials and test them on a wide range of websites and mobile applications, a practice known as 'credential stuffing'.

A new report by security and anti-fraud specialist Shape Security looks at the lifecycle of stolen credentials and at the damage their use can cause.

Continue reading →

Phisherfolk love to try to trick people into thinking they are a major brand in order to get them to reveal passwords or personal data.

New research from Vade Secure reveals that in the second quarter of this year Microsoft has supplanted Facebook as the most spoofed brand. The social network drops two places to third, behind perennial phishing favorite PayPal.

Continue reading →

Security-as-a-service provider Alert Logic is using the AWS Cloud Summit to launch an industry first network intrusion detection system (IDS) for containers.

It’s available in Alert Logic Cloud Defender and Threat Manager solutions and is able to inspect network traffic for malicious activity targeting containers, providing organizations with faster detection of compromises and reduced risk of attacks to cloud workloads on Amazon Web Services.

Continue reading →

As businesses move more of their systems into the cloud the protection they require to keep them safe needs to be more flexible.

Cybersecurity specialist McAfee is responding to this challenge with the launch of McAfee MVISION, a portfolio of products which strengthens the device as a control point in security architectures, delivers simplified management, stronger Windows security, behavior analytics, and threat defense for Android and iOS devices.

Continue reading →

It is no secret that the technology sector has a labor problem. As demand for new products and services continues to rise, we are simply not producing enough qualified developers to keep up. Just ask any company where their greatest pain point is and they will have hiring somewhere towards the top of that list.

This shortage is felt especially acutely when it comes to security professionals that understand both how code is written, and how to keep it secure. A 2018 report from the Enterprise Strategy Group (ESG) found that 51 percent of respondents reported shortages of cybersecurity skills as an area of concern. These concerns have been on the rise in recent years, spiking from a reported 23 percent in 2014 citing cybersecurity skills as a problem, up to the latest 51 percent statistic from this year.

Continue reading →

Malwarebytes already offers a decent security app for Android, but the company has never had a version for iOS -- until now.

While iPhone and iPad users are less at risk from malware than their Android counterparts, thanks to Apple’s walled-garden, they aren’t necessarily completely safe -- the threat of spam calls, scam websites, fraudulent texts and bad ads remains.

Continue reading →

With every new privacy scandal that erupts across the digital landscape, we smartphone users and digital nomads must ask ourselves the same question: Have we reached diminishing returns on the usefulness of modern technology? It seems sometimes like every new convenience arrives with a litany of security concerns attached.

The latest news to strike a blow to our expectations of digital privacy is that smartphone apps appear to have been taking screenshots of users' devices and records of their keystrokes without their knowledge.

Continue reading →

Traditional signature-based antivirus solutions struggle to cope with the pace of change in today's malware world. But while enterprises have had access to sophisticated machine learning solutions for a while these have largely been denied to consumers.

Now though Cylance is launching an AI-based antivirus solution aimed at the domestic internet user.

Continue reading →

There's growing interest in biometric security solutions as passwords are increasingly seen as outmoded and at risk from phishing and other attacks.

Biometric solutions provider ID R&D is launching a new version of its voice biometric security solution, IDVoice. Enhancements to the product allow it to deliver what is claimed to be the industry's fastest and most accurate text-independent biometric verification.

Continue reading →