Articles about Security

Apple's macOS is a great operating system. Not only is it stable and beautifully designed, but it is very secure too. Well, usually it is. Unless you live under a rock, you definitely heard about the macOS High Sierra security bug that made the news over the last couple of days. In case you somehow are unaware, the bug essentially made it so anyone could log into any Mac running the latest version of the operating system.

Luckily, Apple has already patched the bug, and some people -- like me -- have forgiven the company. Understandably, not everyone will be as forgiving as me. Undoubtedly, there are Mac users that are ready to jump ship as a result of the embarrassing bug. While that is probably an overreaction, if you are set on trying an alternative operating system, you should not go with Windows 10. Instead, you should embrace Linux. In fact, rather serendipitously, a Linux distribution with a UI reminiscent of macOS gets a new version today. Called "deepin," version 15.5 of the distro is now ready to download.

Continue reading →

Endpoint systems continue to be the weakest point for most organizations, allowing a potential route for hackers to penetrate networks and steal data.

IT and security operations specialist Ivanti is launching a new version of its Endpoint Manager and Endpoint Security aimed at simplifying endpoint management and security with an integrated console and workflows.

Continue reading →

I am not a rich man. With that said, when I bought my first-ever Mac computer last year -- a 2016 MacBook Pro with Touch Bar -- parting with that much cash was a very big deal for me. I spent more on this laptop than my first car! Why did I buy it? After being impressed by iOS and liking the way the two operating systems worked together, I decided to use Mac OS X (now macOS) in addition to my favorite Linux distributions. To be honest, I feel more safe on Apple's desktop operating system than on Windows 10. I also like how Tim Cook and company stand up for privacy. In other words, I trusted Apple.

And then yesterday happened. It was revealed that macOS High Sierra had one of the worst security bugs ever. By entering "root" as the username, followed by a blank password, anybody could access any Mac running macOS 10.13.1. As soon as I read about this embarrassing vulnerability, my heart sank. I gave Apple thousands of my hard earned dollars because I valued security and privacy, and I was rewarded with incompetence. Well, I am happy to say that my head is much cooler today, and Apple has regained my trust. Why? Because the company has already patched the bug.

Continue reading →

Some Facebook users have reported that the social network is asking them to upload a selfie as a means of verifying their identity.

It seems that the company is testing out a new form of captcha as it asks that you "upload a photo of yourself that clearly shows your face." Just like Facebook's recent idea that users could protect themselves against revenge porn by uploading naked images of themselves, the test is likely to raise concerns about privacy.

Continue reading →

German independent testing institute AV Test has released the results of its latest test of Windows home user antivirus programs.

In a surprise result, Kaspersky Internet Security shares first place in the test with relative unknown AhnLab V3 Internet Security. Both achieved an 18/18 rating, the only two programs in the test to do so.

Continue reading →

In the week when cryptocurrency values have reached new levels some worrying research from web security firm High-Tech Bridge reveals that more than 90 percent of the most popular cryptocurrency mobile apps on Google Play have common vulnerabilities and weaknesses.

The company used its free Mobile X-Ray service to test apps for security flaws and design weaknesses that can endanger the user, data stored on the device or sent and received via the network, or the mobile device itself.

Continue reading →

If you thought that you needed a password to access a password-protected Mac, think again. A massive security hole has been discovered in macOS High Sierra that makes it possible to log in with admin rights without the need to provide a password.

The problem appears to be specific to High Sierra, and the ease with which it is possible to gain unfettered access to a system has many people -- understandably -- concerned.

Continue reading →

If a company suffered a data breach, 70 percent of consumers would stop doing business with it, according to a new survey of 10,000 people worldwide.

The study carried out for digital security company Gemalto also reveals that 37 percent now believe that they could be a victim of a breach at any time, compared to those surveyed in 2016 (35 percent) and 2015 (27 percent).

Continue reading →

Most data thefts are down to relatively simple techniques, like phishing, in order to get hold of login credentials. But even where systems are well protected, hackers can find ingenious ways of breaching security.

VPN advice site Top 10 VPN has compiled information from research and from real world attacks to highlight some of the more innovative ways of stealing data in an infographic.

Continue reading →

A new study from threat intelligence platform Anomali reveals that the volume of credential exposures among FTSE 100 companies in the UK has dramatically increased to 16,583 from April to July 2017, compared to 5,275 in last year’s analysis.

According to the findings 77 percent of the FTSE 100 -- the 100 largest companies listed on the London stock exchange -- were exposed, with an average of 218 usernames and passwords stolen, published or sold per company.

Continue reading →

Businesses are increasingly turning to technology to speed up application development and delivery, but this has placed additional pressure on making sure they’re secure.

Cloud security specialist CloudPassage is launching a new set of automated compliance and security controls for containers designed to protect container images, running containers and the container engine/host.

Continue reading →

While much of the US was celebrating Thanksgiving, social image hosting site Imgur was made aware of a security breach that took place back in 2014. Around 1.7 million user accounts were affected.

This is a relatively small percentage of Imgur users, and COO Roy Sehgal points out that the site has never asked for "personally-identifying information." Nevertheless, the company is contacting the owners of affected accounts, advising them to change their passwords.

Continue reading →

When securing systems most people's thoughts turn to the technology of firewalls, anti-virus programs and so on. What’s often neglected is the human aspect.

Many breaches are down to poor password practices or falling for phishing emails, things which can be prevented with better education. We spoke to Stephen Burke, founder and CEO of security awareness specialist Cyber Risk Aware to get his views on how awareness training can be used to drive better behavior and make businesses more secure.

Continue reading →

The news that ride hailing service Uber has suffered, and covered up, a major hack means that millions of people could unknowingly have had their data put at risk.

Data security company Egress Software Technologies ran a flash survey of 500 UK adults this morning to find their reactions to the story.

Continue reading →

Security researchers have discovered critical issues with the hidden firmware used in some Intel chips. Security firm Positive Technologies discovered a series of serious vulnerabilities in Intel's Management Engine (ME), Server Platform Services (SPS) and Trusted Execution Engine (TXE).

The security flaw could allow an attacker to run code that would be invisible to the operating system, opening up the possibility of invisible rootkit or malware infections, as well as the risk of exposing valuable data. The problem is believed to affect millions of computers and servers.

Continue reading →