Articles about Security

New research reveals that 56 percent of surveyed decision makers from IT and risk, fraud or compliance functions report that their organization has suffered a ransomware attack in the last 12 months, compared to under half (48 percent) who said the same in 2016.

The study of 500 businesses in the UK, France, Germany and USA commissioned by SentinelOne and carried out by Vanson Bourne shows 69 percent say the most successful ransomware attack resulted in the attacker being able to encrypt some data, with five percent paying the ransom to decrypt the data.

Continue reading →

According to new research, 97 percent believe unsecured IoT devices could be catastrophic for their organization, yet just 29 percent actively monitor for related third-party risks.

The study conducted by the Ponemon Institute and risk assurance body Shared Assessments shows 81 percent of respondents say that a data breach caused by an unsecured IoT device is likely to occur in the next two years.

Continue reading →

Although it's relatively new, the cryptocurrency industry was the fifth most attacked by DDoS in the final quarter of 2017.

Imperva's latest Global DDoS Threat Landscape Report finds the spike in cryptocurrency prices has attracted the attention of attackers. Also the number of exchanges has increased to 190, up from 70 in Q3.

Continue reading →

Attacks such as ransomware are able to bypass legacy security solutions because organizations are neglecting to patch, update, or replace their current products according to a new report.

The study from cyber security company Webroot also shows cryptojacking gaining ground, with over 5,000 websites being compromised with JavaScript cryptocurrency miner CoinHive to mine Monero since September 2017.

Continue reading →

Cyber security is seen as one of the biggest threats to business. Yet employees are not being supported by their organizations when it comes to investing in their continued education and career development.

Crowd sourced IT and security training solution Cybrary, along with cyber security research body the Cyentia Institute, have produced a report looking at the cyber skills gap.

Continue reading →

A new report from digital threat management company RiskIQ states malicious mobile apps declined at the end of 2017.

To reach these findings the firm analyzed 120 mobile app stores and it puts the decline down largely to a decrease in the inventory of AndroidAPKDescargar, the most prolific dealer of blacklisted apps.

Continue reading →

As much as we'd like to think otherwise, no software is free of security issues. That's why it's important for tech companies to play an active role in finding and fixing as many bugs as possible before they're exploited. Implementing a bug bounty program can be very effective, as the product is exposed to various testing mindsets and approaches which can uncover some nasty surprises.

Netflix, which has over 100 million users across the globe, today introduces its first bug bounty program that's open to the public, with rewards that can reach $15,000 for the most-valuable findings that security researchers report.

Continue reading →

AMD has confirmed that some of its processors contain vulnerabilities after they were found by CTS Labs researchers. In all, 13 critical flaws were found, including RyzenFall, MasterKey, Fallout and Chimera. They affect a range of AMD products.

The flaws are not dissimilar to the previous Meltdown/Spectre vulnerabilities, and CTS Labs gave AMD just 24 hours' notice before going public. The chipmaker says that patches are on the way, and tries to suggest that the vulnerabilities are not a cause for major concern.

Continue reading →

The US has repeatedly voiced concerns about Kaspersky Labs, expressing distrust of the Russian company. So concerned is the Trump administration about possible ties to the Russian government, that Kaspersky software is banned from official computers.

This is clearly something that the company is not happy with, and it has already launched a lawsuit against the US government. In a bid to silence those who say that data is being fed to the Kremlin, Kaspersky is planning to open a data center in Switzerland.

Continue reading →

The foundations of the digital world are set to be shaken in the next two years according to the findings of a new report from the Information Security Forum (ISF).

The Threat Horizon 2020 report highlights nine major threats, broken down into three themes, that organizations can expect to face by 2020 as a result of  developments in technology.

Continue reading →

The average website was attacked 44 times a day during the last quarter of 2017, according to new research from security specialist SiteLock.

The company analyzed six million sites to identify trends in the behavior and tactics of attackers. Though the number of attacks represents a 25 percent decrease over the previous quarter, it still means a site could be attacked 16,000 times a year.

Continue reading →

Hackers and cyber criminals often seek to exploit human errors like misconfigurations, poor security practices and the use of shadow IT.

In order to help businesses assess the risk XM Cyber is launching an automated advanced persistent threat (APT) simulation platform, HaXM, to continuously expose all attack vectors, above and below the surface.

Continue reading →

If you're a Firefox user, it's highly possible that you use the browser to store your login usernames and passwords for the sake of ease. Supposing you're a little security conscious, you may well have enabled the 'master password' function to prevent unauthorized access to your password database.

Well, there's a little bad news. It's nowhere near as secure as you may have thought. Wladimir Palant -- the guy behind the AdBlock Plus extension -- found that the system, which is used by both Firefox and Thunderbird, can be very easily brute-forced, leaving passwords vulnerable to malware and hackers.

Continue reading →

Over the past year or so the idea of using artificial intelligence as an aid to cyber security has gained a lot of support.

But what role does AI and machine learning have, and what will the future of security look like when it's in widespread use? We spoke to Gene Stevens, co-founder and CTO of network security company ProtectWise to find out.

Continue reading →

Compatibility issues with patches for the Meltdown and Spectre vulnerabilities saw Microsoft blocking the rollout of security updates to Windows users. The company has just changed its policy for Windows 10 users, but this does not help anyone running Windows 7 or 8.x.

The problem is that updates are blocked for people who have not installed antivirus software known to be fully compatible. When such software is installed, a registry entry is created, and this allows updates to be installed. If you've decided to run the risk of operating without antivirus software installed, this registry won't be created and you won't receive security updates. Unless you hack it, that is.

Continue reading →