Articles about Security

Given recent scares about digital assistants recording conversations, it's perhaps not surprising that levels of trust in these devices are not high.

The latest State of Digital Lifestyles survey from Limelight Networks reveals that adoption of digital assistants is highest in the US where 35 percent of consumers currently own one, however, these consumers still have major trust issues with the devices.

Continue reading →

The rise in popularity of smart devices in the home -- coupled with our continuing love of laptops, tablets and phones -- means that we're more reliant on wireless networks than ever before. But the security we rely on to keep things safe is at least 14 years old, if not older (the widely used WPA2 started life back in 2004).

Clearly, it's time for a security upgrade, and to this end, the Wi-Fi Alliance has just started certifying devices that support WPA3 -- the predictably-named successor to WPA2. This latest security protocol includes a number of important enhancements, and is available in two varieties: WPA3-Personal for the average home user, and WPA3-Enterprise for environments that work with sensitive data and require even greater security.

Continue reading →

When it comes to messaging tools, people have started to show greater interest in whether encryption is used for security, and the same for websites -- but not so much with email. Thanks to the work of the Electronic Frontier Foundation, however, email security is being placed at the top of the agenda.

The privacy group today announces STARTTLS Everywhere, its new initiative to improve the security of the email eco-system. STARTTLS is an addition to SMTP, and while it does not add end-to-end encryption, it does provide hop-to-hop encryption, which is very much a step in the right direction.

Continue reading →

Every month there are fresh cryptocurrencies springing up, but new research by Positive.com has discovered an average of five separate vulnerabilities in each initial coin offering (ICO) project examined in 2017.

What's more, 47 percent of the ICO vulnerabilities uncovered were medium to high severity. Just one vulnerability is enough for attackers to steal investors' money and do irreparable damage to corporate reputation.

Continue reading →

DRM is something that's usually associated with streaming music and video, but there's no reason that it can't be put to other uses. Proving this, Google has started using a form of DRM to improve app security by verifying that APKs originate from the Play Store. It's a system that works much like signed drivers in Windows.

The aim is simple: to improve the security of Android users by ensuring that they are using genuine apps that have not been tampered with in any way. Google is not referring to the new system as DRM, saying instead that it is adding a "small amount of security metadata on top of APKs to verify that the APK was distributed by Google Play".

Continue reading →

Enter the wrong passcode into an iPhone and you'll not only be denied access to it, but also run the risk of wiping its contents if you enter an incorrect code too many times. This is a problem faced by law enforcement agencies when they encounter iPhones in the cases they're working on -- as well as people trying to hack into phones for nefarious purposes -- so it's little wonder that hackers are constantly trying to find a way to earn unlimited guesses at passcodes.

One hacker thought he had cracked it. Security researcher Matthew Hickey proudly boasted at having discovered a delightfully simple method for brute-forcing entry into an iPhone -- he even posted a video of his hack in action. But there's no need to panic. Apple explains that "incorrect testing" renders Hickey's method worthless.

Continue reading →

Google has unveiled a new look for users' accounts, making information clearer, improving transparency and adding new options.

To make it easy to find information, Google has added a search function and there's also a cleaner look to aid navigation. Building on the previous update to Security Checkup, your Google account now also highlights settings you can change to improve your security.

Continue reading →

Researchers at RiskIQ have uncovered a scam app that seeks to steal information and launches advert clicking to make money for the scammers.

The app is advertised as a battery saver. The twist here is that though it will actually do what it says and cut battery use, it does a lot of nasty stuff too.

Continue reading →

Office 365's dominant share of the online business tools market has made it a popular target for cybercriminals launching phishing and malware attacks.

To offer users extra protection, email security specialist Vade Secure is launching a new solution that's fully integrated into Office 365 and offers filtering powered by artificial intelligence.

Continue reading →

Global financial services organizations are targeted by sophisticated cyber attackers in an attempt to steal critical data, according to a new report.

The study from threat hunting company Vectra says attackers build 'hidden tunnels' masquerading as other web traffic to break into networks and access critical data and personal information. These tunnels are used to remotely control an attack and steal data while remaining largely undetected.

Continue reading →

A new survey of IT professionals finds that automating endpoint detection and response processes is a top priority.

The study from cyber security training company, the SANS Institute, shows 42 percent of the IT professionals surveyed say their endpoints had been breached, and 82 percent of that group say their breaches involved desktops, while 69 percent cited corporate laptops and 42 percent claimed involvement of employee-owned laptops (42 percent).

Continue reading →

Website attacks increased 14 percent in the first quarter of 2018 compared to the final quarter of 2017 as cybercriminals set their sights on independent websites and small businesses.

Figures from website security specialist SiteLock show that one percent of sampled sites are infected at any one time. This may not sound much, but it means 18.7 million sites are infected.

Continue reading →

As the FIFA World Cup tournament enters its second week, cybercriminals are using a phishing campaign to trick fans into opening an infected attachment.

Emails identified by Check Point attempt to lure would-be victims into downloading a schedule of fixtures and a result tracker, but doing so will prove to be an own goal.

Continue reading →

Cryptocurrency mining malware has become a serious problem recently, and it seems the latest people to fall victim to the threat are users of the Android emulator Andy OS -- also referred to as AndY and Andyroid.

The emulator makes it possible to run Android software within Windows or macOS, but it appears that the installation harbors a dark secret -- a GPU miner trojan that secretly mines for Bitcoin. Over on Reddit there are large numbers of upset users trying to find out what's going on.

Continue reading →

A new survey of 2,000 UK adults reveals that almost three quarters worry that their details will be stolen every time they hand over bank details and email addresses to companies.

What’s more around one in five have already had their data stolen according to the study commissioned by BullGuard, and almost a third of these had been out of pocket as a result.

Continue reading →