Articles about Security

Following the shooting in a Texas church a couple of weeks ago, it quickly emerged that the FBI was having trouble accessing data stored on the shooter's encrypted phone. While authorities refused to disclose the make and model of the device, when Apple said that it had contacted the FBI to offer help, it all but confirmed early reports that an iPhone was at the center of the case.

Now Apple has been served with a warrant to help local law enforcement officers to access messages, photos and other data stored on gunman Devin Patrick Kelley's iPhone SE.

Continue reading →

Regulators in Germany have introduced a ban on children's smartwatches citing privacy concerns. Telecoms regulator the Federal Network Agency (FNA) describes the wearables as "spying devices" and advises parents to destroy them.

The FNA said that parents had been using such smartwatches to listen in on their children at school, and warned teachers to be on the lookout for them. But a lack of regulation of the devices means that many have poor security, meaning they could be used by others to spy on wearers.

Continue reading →

Since Vista, Windows has included a security feature known as ASLR. Address Space Layout Randomization uses a random memory address to execute code, but in Windows 8, Windows 8.1 and Windows 10 the feature is not always applied properly.

A security analyst discovered that in the last three versions of Windows, ASLR was in fact not using random memory addresses, essentially rendering it useless. The good news is that there is a fix -- but you will have to apply it manually.

Continue reading →

The CoinHive malware, designed to mine the Monero cryptocurrency when a user visits a web page -- without the user's approval -- was the sixth most common malware during October.

The latest Global Threat Impact Index by Check Point released this week shows the RoughTed ad-blocker malware and Rocky ransomware are still the top two threats. However, there's a new trend toward sneakier programs with Seamless -- which redirects the victim to a malicious web page -- at number three.

Continue reading →

A new study of over 850 organizations around the world shows that all of them have experienced a mobile malware attack.

The research by cyber security company Check Point shows an average of 54 mobile malware attacks per business with Android and iOS platforms both proving vulnerable.

Continue reading →

Over the past several years we have seen a multitude of security problems plague major retail stores around the world. Breaches have come in many forms and have frequently targeted credit card information, though in some cases personal data has been part of the haul.

Now we find ourselves looking at yet another incident. Retail chain Forever 21, which is wildly popular among young people in the United States -- you can barely find a mall that doesn't have one -- has officially announced that its systems were compromised.

Continue reading →

According to a new study, 25 percent of employees have tried to look at data at work that they weren't supposed to, and 60 percent were successful at accessing that data.

The survey by adaptive threat prevention company Preempt also reveals widespread bad habits, with 41 percent of employees using the same password for both personal and work accounts.

Continue reading →

Malware is a worldwide problem affecting every nation state on the planet according to the latest Comodo Threat Research Labs report.

Comodo detected almost 400 million malware incidents around the globe in the third quarter of this year, with even the tiny island nation of Kiribati in the central Pacific being affected. The top five malware hit countries are, Russia, the US, Poland, the UK and Germany.

Continue reading →

Most enterprises and government organizations fell vulnerable to insider threats and around half have experienced an insider attack in the last year, according to a new report.

Commissioned by Cybersecurity Insiders, the study is based on a comprehensive online survey of 472 cyber security professionals.

Continue reading →

Healthcare providers are spending a lot of money on connected devices. But this comes at a time when cyber attacks on healthcare targets are increasing with medical devices a prime target.

Israeli start up Medigate has secured backing for a technology platform, that lets security teams defend networked medical devices from cyber attacks. It combines knowledge and understanding of medical workflow and device identity and protocols with the reality of today's cyber security threats.

Continue reading →

According to a new report, one in four UK healthcare IT professionals aren't confident in their organization's ability to respond to cyber attacks.

Research from network intelligence company Infoblox finds that disruption caused to the NHS by WannaCry in May 2017 means many healthcare organizations are preparing themselves for further ransomware attacks.

Continue reading →

A new survey of IT decision makers shows that 89 percent are confident their organizations are in a good position to protect themselves from attacks, but four out of 10 are not taking steps to lock down information, putting themselves at risk of data loss.

The study from security software company Varonis polled 500 IT decision makers in the UK, Germany, France and the US. Fifty-four percent of respondents believe their company will face a major attack in the next year.

Continue reading →

Containerization is increasingly a part of enterprise IT strategy, and like any other systems it needs to be properly secured.

Container security specialist NeuVector is releasing a new version of its container firewall security solution with key security, integration, and UI additions, along with a version aimed specifically at enterprises.

Continue reading →

The inability of law enforcement agencies to access encrypted data stored on smartphones is a relatively new one, but it's one that really came into the spotlight with the San Bernardino shooting latest year. With the recent shooting in Texas, the US government is talking about the issue once again.

We've already learned that the FBI has been unable to access data stored on the shooter's phone due to the fact that it's encrypted. We also know that Apple has been in contact with the FBI to offer help -- despite having previously said there was no way it could access encrypted data. Now it seems that the US government, specifically Deputy Attorney General Rod Rosenstein, is using the case to add pressure to phone manufacturers to include backdoors.

Continue reading →

Following on from its Vault 7 series of leaks relating to CIA hacking tools, WikiLeaks has kicked off a new series -- Vault 8. The purpose of this latest series is to reveal the source code of previously exposed hacking and surveillance tools, and the first release relates to Hive.

The tool itself is interesting enough, serving as backbone to the CIA's malware operations, but there's more. What's intriguing about the first leak in the Vault 8 series is that it seems to show the agency impersonating Kaspersky, by making use of a fake certificate for the anti-virus company.

Continue reading →