Articles about Security

Advertising Trojans were the top mobile malware threat in 2016, however, new figures from Kaspersky Lab show their numbers declined last year but their creators turned to improved monetization methods.

Taking advantage of super-user rights to secretly install various applications or bombard an infected device with ads to make use of the smartphone impossible, ad trojans have become a major threat and are also extremely difficult to detect and remove.

Continue reading →

Security firm McAfee has announced the acquisition of VPN company TunnelBear. Full details of the deal have not been revealed, and it is not known how much money has changed hands.

With a growing awareness of the importance of online security and privacy, VPN tools have grown in popularity in recent years, and the Canada-based TunnelBear has managed to gather 20 million users around the world.

Continue reading →

Among IT professionals Malwarebytes is one of the most trusted names for malware detection and removal.

Perhaps less well known is that it also provides endpoint protection for businesses and it's now extending that to cover Apple Mac computers.

Continue reading →

Locking your PC is fundamental to preventing others from accessing it when you leave it unattended. But now security researchers have shown that it is possible to use none other than Windows 10's Cortana to bypass a password-protected lock screen.

A pair of Israeli researchers found that it is possible to use voice commands to access a locked computer and install malware.

Continue reading →

Almost two-thirds (64 percent) of IT leaders say their security teams are considering implementing consumer-grade access to cloud services for employees.

According to the 2018 Identity and Access Management Index from digital security company Gemalto 54 percent of respondents believe that the authentication methods they implement in their businesses are not as good compared to those found on popular sites including Amazon and Facebook.

Continue reading →

What's your identity worth? Not very much according to research by VPN comparison service Top10VPN.com.

The site has released its first Dark Web Market Price Index which reveals that an entire personal identity can be bought for just $1,200.

Continue reading →

Azure is a popular cloud platform for business, but firms need to ensure their applications, underlying cloud infrastructure and data are protected.

McAfee is addressing this by extending its Cloud Security Platform to consistently protect Azure, delivering an extensive solution to secure Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS).

Continue reading →

The cloud brings many benefits to businesses, but it also brings with it risks, the biggest of which concerns the security of information.

A new survey from cloud governance specialist Netwrix looks at how different sectors and geographies deal with cloud security.

Continue reading →

Cyber criminals have started using sophisticated infection methods and techniques borrowed from targeted attacks in order to install mining software on attacked PCs within organizations says Kaspersky Lab.

Some 2.7 million users have been attacked by malicious miners in 2017, according to Kaspersky's data. That's around 50 percent higher than in 2016 (1.87 million). But at the same time ransomware attacks have seen a decline.

Continue reading →

Managing security policy can be a headache for organizations with lots of users. But now business-driven security policy management specialist AlgoSec is launching an as-a-service policy management solution.

AlgoSaaS allows enterprise organizations to quickly and easily get the benefits of cloud-based security service offerings. It needs minimal end-user maintenance and is scalable to cope with business growth.

Continue reading →

Text messages via SMS are often used as part of two-factor authentication strategies to protect login accounts.

But a new and worrying study from Positive Technologies shows that real-world attempts to intercept SMS messages are 100 percent successful.

Continue reading →

The words "data security" made news once again last month when researchers revealed that Tesla’s AWS cloud systems were compromised for the purpose of cryptojacking. Cryptojacking, which is defined as the secret use of a computing device to mine cryptocurrency, has risen in popularity over the past few months. This is primarily due to 1) the surge in cryptocurrency value and 2) the discovery of clever mechanisms hackers can use to mine coins while going unnoticed.

According to RedLock researchers, the hackers infiltrated Tesla’s Kubernetes console, which is an open-source platform used for managing containerized workloads and services. They were able to access the console because it was not password protected. Within the Kubernetes pod, were Tesla AWS environment credentials which contained an Amazon S3 bucket that had sensitive data such as telemetry, mapping and vehicle servicing data.

Continue reading →

A new report from information security specialist Thales e-Security reveals that 48 percent of US healthcare organizations reported getting breached in the last year, more than 2.5 times the rate from two years ago.

In addition 56 percent report feeling either 'very' or 'extremely' vulnerable to data breaches. More than three-quarters (77 percent) reported at least one breach at some time in the past. This is the highest percentage among all US vertical industries polled in this year’s report.

Continue reading →

Nearly half (46 percent) of entry-level employees, and 28 percent of all employees, don't know if their company has a cyber security policy, according to new research.

The study of 1,000 full time workers from B2B research firm Clutch also shows that employees at all levels of an organization are likely unaware of the IT security threats their companies potentially face.

Continue reading →

Over the last few years, the website Have I Been Pwned (HIBP) has given people the chance to check whether their personal data was compromised in any data breaches. Now the site reveals that the UK and Australian governments are using its services to monitor official domains.

That governments should check the site's database for the presence of their own email addresses is perhaps not surprising -- it's used by just about every type of body imaginable. But now the mechanics have been opened up for these two governments.

Continue reading →