Articles about Security

The UK government has made no secret of its dislike of encrypted messaging tools, and it has made frequent reference to the problems WhatsApp causes it with regard to investigations into terrorism. Calls have been made by the government to force companies to allow access to encrypted content when asked.

In the wake of Theresa May's "more needs to be done about extremist content" speech, it has emerged that WhatsApp refused to add a backdoor that would allow the government and law enforcement agencies to access private conversations.

Continue reading →

The Librem 5 smartphone by Purism has a long and difficult road ahead of it. Competing against the likes of Apple and Google on the mobile market has proven to be a death sentence for many platforms -- including Microsoft with its failed Windows 10 Mobile. With that said, I am rooting for Purism and its Pure OS, as the world would benefit from a device that uses Linux and focuses on both privacy and security. Such an alternative to iPhone and Android would be a breath of fresh air.

Luckily, Purism has found itself a new partner on this project -- one of the most important organizations in the Linux community -- The GNOME Foundation. Yes, the maker of the absolute best desktop environment is offering to assist with the Librem 5 -- if it is successfully crowdfunded, that is. To date, it is only about 33-percent funded, although there is still more than a month to go.

Continue reading →

One of the hardest things for security teams to do is accurately evaluate the level of risk that their organization is facing.

Cyber security firm Nehemiah Security is launching the latest version of its AtomicEye RQ (Risk Quantifier) platform that can calculate a system's exploitability and generate comprehensive risk reports.

Continue reading →

Effective password management is essential in helping to control data breaches, but employees often use the same passwords for both work and personal use, leaving corporate data potentially exposed.

Password management company Dashlane is launching its new Dashlane Business 2.0 enterprise password solution.

Continue reading →

Despite training and other efforts to combat the problem, phishing is still proving a remarkably effective tactic for cyber criminals according to a new report.

The study by cloud business applications company Intermedia shows that while 70 percent of office workers say that their organization regularly communicates with employees about cyber threats as a means of prevention, there are significant gaps between confidence and effectiveness.

Continue reading →

With most organizations now increasingly using a wide variety of software and IT tools to maximize their potential, keeping track of all your various services has never been more important.

This importance has been highlighted by new research from CA Technologies showing that those organizations that are able to adopt modern software development practices are seeing overwhelmingly more benefits than those who don't.

Continue reading →

BT is set to launch its first cybersecurity R&D center outside of the UK with the opening of a new hub in Sydney.

The office will focus on developing security services than can be deployed both locally and across the world, with BT saying this will include areas such as  cyber security, machine learning, data science analytics and visualization, big data engineering, cloud computing, and data networking, as well as "the full life cycle of software engineering."

Continue reading →

The latest report from risk management and cyber security company Nopsec looks at the use of social media in risk analysis.

Twitter in particular seems to be becoming the go-to resource for security researchers and attackers looking to disseminate proof-of-concept exploits.

Continue reading →

Microsoft has revealed a major new addition to its Azure cloud platform, aimed at keeping user data safe.

The feature, called Confidential Compute, will make sure the data is being encrypted even when it’s being computed on in-memory. So far, it’s been encrypted while stored or while in transit on a network.

Continue reading →

When news broke yesterday that CCleaner had been hacked and a dangerously modified version had been available to download for a number of weeks, there were understandable concerns from the program's large userbase. And the concern is well-placed -- some 2.27 million machines are thought to have installed the infected software.

Avast now has something of a PR nightmare on its hands as it tries to rebuild the trust of its users. To this end, company CEO Vince Steckler and CTO Ondřej Vlček have written an article clarifying what happened with CCleaner, and give some details about how they plan to protect their customers -- as well as "correct[ing] some misleading information that is currently circulating."

Continue reading →

An architecture flaw in mobile networks could allow hackers to intercept SMS one-time passwords and access Bitcoin wallets.

The vulnerability uncovered by enterprise security specialist Positive Technologies means that with just a person's first name, last name, and phone number, researchers were able learn the email address linked to the wallet, obtain control over it, and gain access to the wallet itself including withdrawing funds.

Continue reading →

With the EU's General Data Protection Regulation set to come into force in May next year, companies are rushing to ensure that their systems will comply with its rules.

Yet a new report from cloud security company Netskope finds that almost three-quarters of cloud services still lack key capabilities needed to ensure compliance with the GDPR regulations.

Continue reading →

A new report into mobile threats reveals that in the first half of 2017, there were more common vulnerabilities and exposures (CVEs) registered for Android and iOS than in all of 2016.

The study by mobile threat defense company Zimperium, based on data from its z3a app analysis tool, also shows that many devices aren't running the latest operating systems, leaving them vulnerable.

Continue reading →

Users of cleanup, privacy and optimization tool CCleaner are being warned to update their software after it emerged the tool was compromised by hackers. Security researchers at Cisco Talos say that there are a "vast number of machines at risk."

CCleaner is produced by Piriform, now a subsidiary of security firm Avast, making the compromise not only serious, but also embarrassing. With 2 billion downloads -- a number that's rising at a rate of 5 million per week -- the software was targeted by hackers who added a backdoor that could be used to download malware, ransomware and keyloggers. The problem is being compared to the NotPetya ransomware threat.

Continue reading →

An overwhelming majority of the UK’s IT professionals (90 percent) have their worries when it comes to securing the public cloud, according to a new study.

Research by Bitdefender found that 90 per cent of British professionals had concerns around the security of public cloud. A fifth (20 per cent) also said that their business doesn’t have security measures set up for sensitive data outside the company infrastructure.

Continue reading →