Articles about Security

The second quarter of this year has seen DDoS attacks continue to target IoT networks according to attack protection specialist Nexusguard.

Nexusguard gathers DDoS attack data through botnet scanning, honeypots, ISPs and traffic moving between attackers and their targets, so the data is unbiased by any single set of customers or industries.

Continue reading →

A new study shows that companies and government agencies are being overwhelmed by frequent, severe ransomware attacks that have become the number one threat organizations face.

The 2017 Ransomware Report from Crowd Research Partners, commissioned by Cybersecurity Insiders is based on the responses of over 2,200 cybersecurity professionals.

Continue reading →

We all know we need to protect our computer systems when they're connected to the internet, but there’s generally less awareness of the threat posed by the latest generation of Internet of Things devices.

Cyber security company Comodo wants to make these devices more secure with the launch of a new IoT Security Platform that will allow device manufacturers and network providers to issue and manage PKI and SSL certificates for private ecosystems.

Continue reading →

The healthcare industry accounted for 26 percent of security incidents in the second quarter of 2017 according to a new report.

The study from McAfee Labs sees healthcare surpass the public sector to report the greatest number of security incidents in Q2. The health, public, and education sectors combined comprised more than 50 percent of total incidents in 2016-2017 worldwide.

Continue reading →

It has been quite some time -- nearly a year in fact -- since we were talking about the Dirty COW vulnerability affecting the Linux kernel. Now the vulnerability is back, but this time it is Android users who need to be concerned.

The privilege escalation vulnerability has been exploited by a piece of malware by the name of ZNIU, or AndroidOS_ZNIU. The malware uses the Dirty COW exploit to root devices and install a backdoor which can then be used to collect data and also generate profit for the attackers through a premium rate phone number.

Continue reading →

Apple has only just released macOS High Sierra, but before the update was even out of the door, a 0-day vulnerability had been discovered. A flaw in the Mac keychain makes it possible for malicious applications to steal the contents of the keychain, including plaintext passwords. It affects not only High Sierra, but also older version of macOS.

The way keychain works means that it should not be possible for the keychain to be accessed without providing the master password, but the vulnerability bypasses this requirement. The problem was discovered and demonstrated by security researcher Patrick Wardle from Synack, who is also a former NSA hacker.

Continue reading →

Five percent of all small and medium-sized companies in the entire world were victims of a ransomware attack in 2016 alone, with the money paid out to reclaim data reaching new highs, new research has revealed.

Datto's new State of the Channel Ransomware Report found that an estimated $301 million (£222 million) was paid to ransomware hackers from 2016-2017.

Continue reading →

Global accountancy firm Deloitte -- known as one of the "big four" -- has been hit by a sophisticated hack. With echoes of the Equifax data breach and CCleaner hack, the cyberattack went undetected for months and results in confidential emails being accessed, as well as company plans, and the private information of high-profile, blue-chip clients.

Deloitte says that only a small number of its clients have been affected, but the size and importance of those that it deals with -- including US government departments -- means that even a limited number could have great impact. The firm is said to have discovered the hack in March, but it is possible that attackers gained access as long ago as October 2016.

Continue reading →

Keeping Windows up to date with the latest fixes is a major challenge for enterprise IT teams and can leave endpoints vulnerable, according to a new report.

The study from systems management company Adaptiva reveals that 59 percent of companies take up to a month or longer to complete Windows OS updates.

Continue reading →

One of the UK’s leading security experts has called for a major shake-up in the way businesses train their employees in online safety.

Symantec CTO Darren Thomson said that workers can effectively be an extra layer of protection for companies looking to prevent themselves falling victim to cyber-attack.

Continue reading →

Russian hackers successfully compromised election systems in some states during the 2016 election. There have long been suggestions that Russia tried to influence the outcome of the Trump vs Clinton election, and now the Department of Homeland Security has informed 21 states that their systems were targeted.

This means that the DHS has concerns about almost half of the states of America, but so far only Illinois has been confirmed as having been successfully compromised.

Continue reading →

Every month, almost 1.5 million new phishing websites are created. This is according to a new report by Webroot, showing just how big of an industry phishing really is.

The Webroot Quarterly Threat Trends Report says that 1.385 million new phishing sites are created every month. May was the busiest of them all, with 2.3 million sites created.

Continue reading →

Hacking outranks other threats including climate change, nuclear power, hazardous waste, and government surveillance in Americans' perceptions according to a new survey.

The study by cyber security company ESET asked randomly selected adults to rate their risk perception of 15 different hazards. Six of the hazards were cyber-related while the rest were other forms of technology hazard.

Continue reading →

Almost two billion data records were either lost or stolen in the first half of this year, according to a new report by Gemalto.

The company found that 1.9 billion records were lost or stolen during the first half of 2017 -- more than in the whole of last year, and equivalent to 10,439,560 records per day -- or roughly 3,000 whilst you read these few sentences.

Continue reading →

Security researchers from Adguard have issued a warning that the popular GO Keyboard app is spying on users. Produced by Chinese developers GOMO Dev Team, GO Keyboard was found to be transmitting personal information about users back to remote servers, as well as "using a prohibited technique to download dangerous executable code."

Adguard made the discovery while conducting research into the traffic consumption and unwanted behavior of various Android keyboards. The AdGuard for Android app makes it possible to see exactly what traffic an app is generating, and it showed that GO Keyboard was making worrying connections, making use of trackers, and sharing personal information.

Continue reading →