Articles about Security

When looking to protect their systems from attack most companies focus on the  protection of endpoints, but it can prove hard for admins to gain visibility into individual systems.

Endpoint protection specialist SentinelOne is launching a new Deep Visibility module for its SentinelOne Endpoint Protection Platform, aimed at providing better visibility at all levels.

Continue reading →

To improve the security of their products, many high profile tech companies have introduced bug bounty programs. The rewards can be pretty substantial, depending on the severity of the bug and the quality of the report, as Samsung's first such initiative focused on its mobile devices proves.

Called the Mobile Security Rewards Program, Samsung's bug bounty program will pay researchers up to $200,000 for finding security vulnerabilities in its mobile devices and related software.

Continue reading →

As we saw earlier this week, the cyber security industry is looking for new blood in order to solve the skills crisis.

Another study this week by security and compliance firm Tripwire underlines this, with 81 percent of existing security professionals believing that the skills required for the job have changed in the past few years.

Continue reading →

Although cyber attacks regularly make the headlines, it's easy to fall into the trap of thinking that it can’t happen to your business. You might think that you’re well protected or that you’re too small to worry about.

A new infographic from communications and cloud company CBTS reveals why everyone is potentially at risk.

Continue reading →

Researchers at Symantec have warned that a "sophisticated attack group" is targeting the energy sector in Europe and North America, and has been doing so for some time. A group known as Dragonfly has been detected carrying out attacks since 2011, and the campaign of attacks was recently stepped up a gear.

Dubbed the Dragonfly 2.0 campaign, the attacks included disruption to the Ukrainian power system in 2015 and 2016. After a quiet period, the group's activities have started up again, with targets hit in US, Turkey and Switzerland. On the hit list are energy facilities -- something that could have devastating consequences.

Continue reading →

According to a new survey of attendees to this year’s Black Hat USA conference, concerns around emerging threats like ransomware and polymorphic malware have sparked a significant increase in collaboration by the cybersecurity industry.

The study by security management specialist AlienVault spoke to over 600 participants at the conference and found that for 43 percent, ransomware is their biggest security concern.

Continue reading →

Following Avast's acquisition of rival firm AVG last year the two companies' products have largely continued side by side.

Today sees the launch of one of the first fruits of the union in the form of Avast Business, combining technology from AVG and Avast, and aimed at smaller businesses and managed service providers.

Continue reading →

Thanks to increased use of mobile and BYOD devices, there's a significant risk to business networks from un-managed and uncontrolled devices which could offer a route for security breaches.

Israeli startup company Axonius is looking to solve this problem with a new platform designed to eliminate blind spots on the network and provide a single place to understand, manage and control the security of all end user, compute and IoT devices.

Continue reading →

Lenovo has settled with the Federal Trade Commission after selling laptops with VisualDiscovery adware pre-installed. The Superfish-developed adware was installed without users' consent and made machines vulnerable to man-in-the-middle attacks.

On top of this, the adware shared users' browsing data with third parties. As part of the settlement, Lenovo must gain explicit consent from users before engaging in similar tactics in the future, and must not misrepresent software that serves to inject ads into browsing sessions. The FTC did not, however, prohibit Lenovo from installing adware on its hardware, nor did it impose a financial penalty on the Chinese company.

Continue reading →

Business Email Compromise (BEC) has become one of the most popular tactics deployed by fraudsters in recent years. A step up from the numerous but low-quality spam campaigns that clog most inboxes on a daily basis, BEC attacks involve a planned attack on a specific target, aided by the impersonation of a trusted contact.

The most commonly seen tactic is to take on the guise of the CEO and use their authority to trick a financial department into transferring funds, while variations include impersonating suppliers and business partners, and going after sensitive data rather than direct payment. In its most recent report, the FBI estimated that financial losses from these attacks is more than $5.3bn since October 2013.

Continue reading →

As the threat of invading malware increases (viruses, worms, Trojans, bots, just to name a few), companies, small and large, will continue to use technology as a means of defence. The antivirus industry is extremely large and continues to garner major investment. As with any technology niche, there is both good and bad within what’s called advanced endpoint security, but it will continue to be installed as a means to protect against modern malware and other possible threats.

It is interesting to me that the term virus has become the way most people understand how computers or enterprise systems become infected. I think it is because people understand the flu and the common cold. And they generally understand how to protect against catching the flu or catching a cold. The most important protection is information.

Continue reading →

New research from research organization the SANS Institute reveals that frontline IT professionals consider ransomware to be the top overall threat to data availability.

Insider threats and denial of service are also considered top threats to sensitive data. While the majority of respondents indicate that they escaped actual compromise of sensitive data in the last year, enough respondents did lose data to provide valuable lessons from these events.

Continue reading →

Senior figures in IT security see enticing staff from non-IT backgrounds and encouraging young people into the industry as vital to addressing the cyber security skills shortage.

A new study commissioned by MWR InfoSecurity and carried out by security discussion and networking group RANT shows respondents feel the core skills needed in cyber security are curiosity (46 percent) or on-the-job experience (34 percent), with no respondents saying a university IT degree is crucial.

Continue reading →

Juniper Networks has announced plans to acquire security analytics software firm Cyphort.

By acquiring Cyphort, Juniper will have access to its open-architecture platform that features a machine learning powered analytics engine that is capable of integrating with existing security tools to aid companies in detecting threats that have been missed by their first-line of security.

Continue reading →

According to a new study of 1,000 UK teenagers, 47 percent have been cyber bullied with 70 percent experiencing it on social media and Facebook being the most common platform.

The survey by McAfee reveals part of the problem appears to be that teens are not getting proper guidance at home or at school about staying safe online.

Continue reading →