Articles about Security

A new report from risk management and threat intelligence company Digital Shadows shows that cyber criminals are looking to exploit the boom in interest and adoption of cryptocurrencies.

The study highlights the most common methods used by these criminal actors, which include crypto jacking, account takeovers, mining fraud and scams against initial coin offerings (ICOs).

Continue reading →

Security is the main priority when selecting cloud solutions according to a new report which shows businesses are increasingly adapting their security to suit the cloud.

The study for cloud security automation company Lacework carried out by analysts Hurwitz & Associates shows that 'safe and secure' tops the list of desirable cloud characteristics, cited by 53 percent of respondents.

Continue reading →

Microsoft is taking a firmer line with misleading system utilities and tools that try to scare users into paying for software. An update to Windows Defender means that software found to be "coercive" could be ripe for automatic removal.

New policies come into play in March as Microsoft tries to banish software that makes misleading claims or adversely affects system performance. Tools that exaggerate problems or resort to scare tactics are among those in the firing line.

Continue reading →

APIs power many of our digital experiences, but because they provide a window into applications they also present a security risk.

A new study from cyber security company Imperva reveals that 69 percent of companies have public-facing APIs which offer a route to the sensitive data behind applications.

Continue reading →

Leaked documents show that the Trump administration is considering plans to nationalize the 5G network. In the documents, seen by Axios, a senior National Security Council official says that a centralized, government-controlled 5G network is needed to offer security against China.

But while the government may believe it makes sense for it to be in control of the future mobile network, the idea has attracted vocal opposition. Among the opponents is FCC chairman Ajit Pai.

Continue reading →

If you have a ThinkPad, ThinkCentre or ThinkStation system, Lenovo has an important security patch for you to install. And you should install it right now.

Reporting vulnerability CVE-2017-3762, the computer manufacturer says that it discovered a weak algorithm used to encode fingerprint data could be bypassed with a hardcoded password. The problem affects the Lenovo Fingerprint Manager Pro utility for Windows 7, 8 and 8.1.

Continue reading →

Threat intelligence is becoming an essential part of protecting systems. But this information often comes from many different sources, making it hard to see the big picture and limiting flexibility and effectiveness.

To address this issue, Recorded Future is launching a new product providing centralization, collaboration, and customization of intelligence. Called Fusion, it's powered by machine learning and allows users to centralize and customize proprietary and internal threat data with external threat intelligence.

Continue reading →

Military personal who used the fitness app Strava have unwittingly contributed to revealing the location of secret army bases around the world. Strava published a "heatmap" of global user activity in November, and from this data visualization the location of secret military bases was accidentally exposed.

The company argues that the information had already been made public by users who chose to share their location data. It goes on to suggest that military users might want to consider opting out of the heatmap feature of the iOS and Android app.

Continue reading →

The discovery of the Meltdown and Spectre vulnerabilities in processors caused a great deal of panic and confusion. The poor reliability and performance hit brought about by patches did little to help consumer confidence, but Intel says it will be releasing processors in 2018 that are free from the problems.

The move will be welcomed by customers who have been frustrated by problematic bug fixes designed to mitigate against the bug but which brought issues of their own. A timescale for the hardware solution has not been pinned down more specifically than "later this year."

Continue reading →

Ahead of this Sunday's (January 28) Data Privacy Day, enterprise cyber security company Tripwire has conducted a poll of Twitter users asking who they were most concerned about collecting their private information.

Of the more than 300 people who took part, 40 percent say they would be most worried about corporations stealing their information. While nearly a third (27 percent) say they are most concerned about the government gathering their critical data.

Continue reading →

With 99 percent of organizations using big data, 94 percent Internet of Things devices, and 91 percent using or working on mobile payments, there are more attack surfaces than ever and new risks that need to be addressed.

A new study from systems and cyber security company Thales e-Security finds the extent and impact of increased threats clearly shown in levels of data breaches and vulnerability.

Continue reading →

The latest annual State of Malware Report from Malwarebytes shows that ransomware had a bumper year in 2017, though it began to trend downwards towards the end of the year.

Ransomware launched against consumers was up more than 93 percent and ransomware against businesses up 90 percent. As the year end approached though many avenues known for ransomware drops were seen diversifying their payloads with banking Trojans and cryptocurrency miners instead.

Continue reading →

With increasing interest in cryptocurrency it's inevitable that cyber criminals will see the potential to make money from investors and users.

Threat management company RiskIQ has found that hackers are targeting the Apple, Google Play, SameAPK, APKPlz and other app store users with malicious cryptocurrency apps aiming to steal money and personal data.

Continue reading →

When systems are in the cloud, 45 percent of organizations perceive their own employees to be the biggest security risk, according to a new report.

According to user behavior specialist Netwrix, even though the majority of attacks they experienced over the year were external, organizations blame their own IT staff (39 percent) and business users (33 percent) as much as or more than their cloud providers (33 percent).

Continue reading →

With 1.9 billion records stolen in the first six months, more than in the whole of 2016, 2017 proved a bumper year for cyber crime.

According to cyber security company Venafi, this trend is set to continue into 2018, with state-sponsored attacks to the fore.

Continue reading →