Articles about Security

A new report from IoT security specialist ZingBox looks at the security of connected medical devices, from infusion pumps and patient monitors to imaging systems and medical device gateways.

The most common types of risk originate from user practice issues (such as using embedded browsers on medical workstations to surf the web, conducting online chat or downloading content), accounting for 41 percent of all security issues.

Continue reading →

More than half of phishing attacks in 2017 were aimed at getting hold of financial information according to a new report.

Kaspersky Lab's anti-phishing technologies detected more than 246 million user attempts to visit different kinds of phishing pages, with 54 percent being attempts to visit a financial-related website, compared to 47 percent in 2016.

Continue reading →

A new survey reveals that 52 percent of companies admit to cutting back on security measures to meet a business deadline or objective.

The report into SecOps (Security Operations) from intrusion detection company Threat Stack also reveals that 68 percent of companies say their CEO demands that DevOps and security teams don’t do anything that slows the business down.

Continue reading →

Mid-market organizations -- those with 1,000-5,000 employees -- have been hit the hardest with ransomware in 2017, with 29 percent experiencing a ransomware attack, according to a new report.

Security awareness training company KnowBe4 has released its 2018 Threat Impact and Endpoint Protection Report which shows organizations in manufacturing, technology and consumer-focused industries experienced the most ransomware attacks.

Continue reading →

Amazon has opened up its wallet and splashed more than $1 billion on buying Ring. Famed for its selection of smart doorbells, security cameras and other security devices, the purchase of the Santa Monica, California firm is Amazon's latest foray into home security.

While details of the deal are currently a little thin on the ground, it is expected that the Ring name will live on, and it is likely that future products released under the brand will feature Alexa smart assistant integration.

Continue reading →

Single sign on (SSO) is popular with businesses as it allows control of access to multiple resources without the need for lots of different credentials.

But researchers at Duo Security have uncovered a vulnerability that can allow attackers to trick systems based on the commonly used SAML (Security Assertion Markup Language) into giving them a higher level of access.

Continue reading →

One of the key planks of the upcoming GDPR legislation is the right to removal of personal data, the so-called, 'right to be forgotten'.

But a new study from big data application provider Solix Technologies reveals that 65 percent of organizations are unsure if an individual's personal information can be purged from all their systems.

Continue reading →

A new study of 165 IT and security professionals at medium-sized companies across the US reveals that 53 percent believe their organization was breached one or more times in 2017.

The report from security-as-a-service company Cygilant shows a lack of confidence in respondents' ability to protect customer data, with only 16.6 percent very confident that they can successfully protect customer data.

Continue reading →

Growing complexity is a major issue in securing and managing corporate wide area networks according to a new survey.

The study by software-based networking and security specialist Versa Networks shows 68 percent of respondents think deploying and managing network security devices at branch locations is the most challenging aspect of WAN management, followed by increasing costs (53 percent) and information security risks at branch locations (49 percent).

Continue reading →

Security firm Symantec has announced that it will no longer offer discounts on its products to members of the National Rifle Association.

Following the school shooting in Parkland, Florida last week, the gun debate is very much back on the table. There has been pressure on numerous companies to sever ties with the NRA, and Symantec is the first big name in tech to make the move.

Continue reading →

The financial impact of a DDoS attack is continuing to rise globally -- totaling on average over $120,000 per attack for SMBs and over $2 million for enterprises.

These findings come from a study by Kaspersky Lab which shows that the cost of a DDoS attack in 2017 was almost $20,000 higher for SMEs than in 2016 and more than half a million dollars more for enterprises.

Continue reading →

Intel is facing criticism from the US government after it was revealed that the company did not inform cyber security officials about the Meltdown and Spectre vulnerabilities even though they had been known about for months.

Reports about the Meltdown and Spectre flaws were leaked by the Register, and it wasn't until this information hit the public domain that Intel decided to speak to US-CERT about the matter. The lack of communication from the chip-maker was revealed in a series of letters sent by technology firms to lawmakers this week.

Continue reading →

Samsung has revealed a new, free Android app -- Samsung Max, which it says is "designed to promote mobile data savings and application privacy management". The app replaces Opera Max and anyone with this app currently installed should find that it automatically updates to Samsung Max.

While Opera Max included a fully-fledged VPN tool, Samsung Max downgrades this to a DNS-masking service. There are, however, other security and privacy options, as well as tools for reducing data usage.

Continue reading →

2017 saw a sudden increase in code signing certificates being used as a layered obfuscation technique to deliver malicious payloads.

Recorded Future's Insikt Group has been investigating the criminal underground and has identified a number of vendors currently offering both code signing certificates and domain name registration with accompanying SSL certificates.

Continue reading →

US Federal agencies reported more breaches last year (57 percent) than any other industry sector by a wide margin, well ahead of the global average of 36 percent according to a new report.

Yet the findings from Thales eSecurity show that only 42 percent of government respondents claim to be 'very' or 'extremely' vulnerable, compared to 68 percent of US respondents across the board.

Continue reading →