Articles about Security

As the adoption of Internet of Things (IoT) and other connected devices increases and is projected to reach over 50 billion by 2020, Arm has unveiled a new systems architecture aimed at securing and protecting these devices from being exploited by cyber attackers.

The British semiconductor firm unveiled its new Platform Security Architecture (PSA) which is designed to serve as a common industry framework for developers and hardware manufacturers to increase the security of devices built on its system-on-a-chip (SoC) Cortex processors.

Continue reading →

Earlier in the month, news emerged that Kaspersky software had been used by Russian hackers to identify and steal sensitive NSA files from a US computer. Following the revelation, Kaspersky Lab started an investigation, and now the company has published its findings.

Kaspersky concedes that its software had indeed identified classified NSA data -- specifically a hacking tool -- but says that it was unintentional. The unearthed source code was attributed to the Equation Group, and company head Eugene Kaspersky ordered the code be destroyed when the matter was reported to him.

Continue reading →

Yesterday, Bloomberg ran a story suggesting that Apple had faced problems getting the iPhone X to market on time. In an attempt to speed up production, Bloomberg said Apple gave suppliers permission to reduce the accuracy of its Face ID face recognition feature.

But Apple refutes this claim, dismissing it as "completely false" -- but Bloomberg is standing by its story.

Continue reading →

The ongoing debate between law enforcement agencies and device manufacturers over customers' digital privacy was a major point of discussion during the San Bernardino terrorist attack in 2016 and now the FBI has revealed that it was unable to access almost 7,000 devices because of encryption in this year alone.

At the International Association of Chiefs of Police conference in Philadelphia, FBI Director Christopher Wray brought up the issue in a speech to highlight how law enforcement agencies are still at a loss as to how to access the data on mobile phones protected with encryption.

Continue reading →

News broke earlier about the spread of a new form of ransomware going by the name of Bad Rabbit. It name drops Game of Thrones and bears more than a passing resemblance to WannaCry and Petya.

While the main impact of Bad Rabbit has been felt in Eastern Europe, some instances of the ransomware have also been detected in the US. Thankfully, it's relatively easy -- and free -- to protect your computer. By simply tweaking a couple of files, you can stop the ransomware in its tracks.

Continue reading →

The cyber security industry continues to face a skills crisis, but a new study from security vendor ProtectWise and analyst ESG suggests that the adoption of new technologies could be instrumental in attracting new talent.

The survey of over 500 16 to 24 year-olds finds that 74 percent say that the use of gaming and VR technology in the fight against cyber crime would increase the likelihood of them pursuing a cyber security career.

Continue reading →

The recent crackdown on popular dark web markets AlphaBay and Hansa is driving cyber criminals to migrate to messaging apps like Discord, ICQ, Skype, Telegram and Whatsapp, according to a new report.

The study from threat management company IntSights analyzed thousands of black markets, text storage/paste sites, hacking forums, IRC channels, apps and social media pages, and uncovers a steady increase in threat actors inviting cyber crime forum users to join their chat groups.

Continue reading →

A new strain of ransomware -- dubbed Bad Rabbit -- has struck in Russia, Ukraine and other parts of Eastern Europe. It is thought to be a variation on Petya due to a number of similarities, and it is wreaking havoc with media outlets and transport systems, including an airport in Ukraine, and the underground in Kiev.

Like many other forms of malware, Bad Rabbit was initially spread through a fake Flash installer, but it was then able to spread via networks to hit a larger number of machines. The spread of the ransomware is further facilitated by using the open source Mimikatz for extracting credentials, and DiskCryptor for encrypting data.

Continue reading →

Recent breaches like that at Equifax have highlighted the importance of supporting victims with identity management services in the aftermath of an attack.

Identity and data defense firm CyberScout is launching a comprehensive marketplace for identity management, privacy, and cyber security education products and services, aimed at providing individuals with a one-stop-shop solution for all services relating to cyber protection.

Continue reading →

Operational technology networks are used with specialized Industrial Control Systems (ICS) to monitor and control physical processes such as assembly lines, mixing tanks, and blast furnaces. These networks are ripe targets for adversaries according to a new study from industrial cyber security company CyberX.

Many of these networks are exposed to the public internet and easy to crack using simple vulnerabilities like plain-text passwords. Lack of even basic protections like antivirus can enable attackers to quietly perform reconnaissance before sabotaging physical processes.

Continue reading →

Maintaining security in the cloud and container environments is an increasing problem according to a new survey.

The study by intrusion detection platform Threat Stack finds that 31 percent of those interviewed say they are unable to maintain security as their cloud and container environments grow. As a result, 62 percent say that they’re seeking greater visibility into their public cloud workloads.

Continue reading →

UK consumer group Which? is calling on the government to make an amendment to the Data Protection Bill that's currently being debated in Parliament. The group is looking for a change in the law that would make it easier for organizations to seek redress for groups of people in the event of a data breach.

Research by Which? suggests that there is confusion surrounding who is responsible for safeguarding data, and little knowledge among consumers about how to go about obtaining compensation.

Continue reading →

Text messages are often used as a means of implementing two-factor authentication on websites and in apps, but now Google is actively pitching its own alternative, known as Google prompt, to customers.

Traditionally users would receive a one-time code on their mobile device contained within a text message which they would have to enter to gain access. With Google's solution though, they will receive a prompt asking if they are trying to sign in. Users trying to sign in will gain access while those not expecting the login prompt will be denied.

Continue reading →

Ransomware is one of the most concerning, and the most prevalent, forms of malware around at the moment. While there are numerous security tools out there that you can install to keep yourself protected, if you have upgraded to Windows 10 Fall Creators Update you have a built-in tool at your disposal.

Called Controlled Folder Access, the feature locks down files and folders to protect them against unwanted changes -- including encryption by ransomware. It's not enabled by default, so here's what you need to do.

Continue reading →

Smartphone users have been urged to ensure their devices are properly protected against cyber threats, in a new report from one of the world's top security firms.

The latest Kaspersky Cybersecurity Index has warned that over-reliance on mobile devices could be putting consumers around the world at risk as they stop using PCs for many everyday tasks.

Continue reading →