Articles about Security

It's World Password Day and we've already looked at tips for safe password use, but a new survey from identity management company SailPoint reveals that IT professionals aren't practising what they preach when it comes to password use.

In partnership with research company Vanson Bourne, SailPoint surveyed 400 IT decision makers about their password habits and came up with some worrying results.

Continue reading →

Ransomware attacks grew by 400 percent last year, largely down to the success of the WannaCry attack. It’s perhaps not surprising that other variants slowed down, but this signals a shift in the way ransomware is being used.

A new report from F-Secure shows WannaCry accounted for nine out of every 10 ransomware detection reports by the end of the year.

Continue reading →

We're constantly being told that the password's days are numbered. No less a figure than Bill Gates predicted the end of the password as far back as 2004. Yet we still rely on them to protect many of our day-to-day activities.

To mark today’s World Password Day, Raj Samani, chief scientist and fellow at McAfee, has produced a set of tips that people can follow to make the best use of passwords.

Continue reading →

A new study of password and account security on 55 of the world's most popular travel-related sites reveals that 89 percent leave their users' accounts potentially exposed to hackers due to unsafe password practices.

The research by password management company Dashlane tested each website on five critical password and account security criteria. A site received a point for each criterion it met, for a maximum score of 5/5. Any score below 4/5 was considered failing and not meeting the minimum threshold for good password security.

Continue reading →

A critical remote code execution vulnerability has been discovered in two Schneider Electric applications heavily used in manufacturing, oil and gas, water, automation and wind and solar power facilities.

The vulnerability, discovered by cyber exposure company Tenable, could, if exploited, give cyber criminals complete control of the underlying system.

Continue reading →

The most common infection vectors are still email phishing and drive-by downloads according to the latest threat report from AI security specialist Cylance.

The report provides a real-world glimpse into major cyber threats that affected Cylance’s customer base in 2017. Along with industry trends and analysis, and data from thousands of government entities and organizations of all sizes across 160 countries that have adopted a prevention-first approach to security.

Continue reading →

With a name like 'SiliVaccine' you could be forgiven it's something your doctor would give you if you were worried about turning into a clown. But in fact this is North Korea's home grown antivirus product.

Check Point Software has obtained and analyzed a rare copy of the software and discovered key components of its source code to be identical to a 10-year old copy of Trend Micro's AV software.

Continue reading →

A new study from IT solutions provider US Signal reveals that businesses are seeing a greater number of security challenges.

The survey of security experts from a cross-section of organizations also shows 40 percent of respondents experienced at least one security incident in the last year, and 13 percent didn't know if they had.

Continue reading →

Earlier today, we revealed that Amazon is bumping up the price of a Prime subscription by 20 percent, but this is not the only news coming from the online giant. A newly discovered and little-advertised portal on the Amazon site finds the company offering smart home security installation services.

Ranging in price from $240 to $840, the Smart Home Services packages include the cost of both hardware and installation. In all, there are five packages to choose from, covering everything from simple smart lighting, to full-home security systems.

Continue reading →

Long-lasting DDoS attacks made a return in the first quarter of 2018 with the longest attack seen lasting 297 hours (more than 12 days). The last time a longer attack than this occurred was at the end of 2015.

This is among the findings of Kaspersky Lab's latest DDoS intelligence report which reveals that in the first quarter of 2018, DDoS attacks were registered against targets in 79 countries.

Continue reading →

A vulnerability arising from the default installation of popular business management platform SAP could lead to a full compromise of the system say researchers.

SAP security and compliance specialist Onapsis has revealed the flaw which is found in SAP Netweaver and can be compromised by a remote unauthenticated attacker with only network access to the system.

Continue reading →

For Microsoft, the patches it produced for the Meltdown chip vulnerability proved to be just about as problematic as the original issue, further reducing the security of systems. Following the emergence of an exploit for the Windows-maker's first patch, users are advised to hurry up and install the patch-for-a-patch that was later released.

Last month, Ulf Frisk from Sweden revealed that Microsoft's Meltdown patches were making things worse for Windows 7 and Windows Server 2008, making it possible to read and write kernel memory and gain total control over the system. Now code has been posted online that can be used to exploit the "Total Meltdown" vulnerability.

Continue reading →

Chances are you're not currently friends with Kim Jong Un on Facebook. And it's not likely to happen any time soon according to researchers at Recorded Future who have been looking at the internet usage patterns of North Korea's leaders.

In July last year they found that the country's ruling elite were plugged into contemporary internet society, were technologically savvy, and had patterns of internet use that were very similar to users in the West.

Continue reading →

Most hotel chains these days rely on some sort of electronic key card mechanism rather than more traditional locks.

Researchers at F-Secure have found that hotels worldwide are using an electronic lock system with a flaw that could be exploited by an attacker to gain access to any room in the building.

Continue reading →

Although endpoint security solutions have improved, a new survey of IT security professionals finds that three quarters believe their existing anti-malware solutions would be able to prevent no more than 70 percent of infections.

The study from anti-evasion specialist Minerva Labs shows nearly half of the respondents surveyed (48 percent) say that they have seen about the same number of malware infections than previous years while 32 percent claim to have seen an increase in infections.

Continue reading →