Articles about Security

In the wake of the recent breach at credit agency Equifax it's only natural that people are keeping a close eye on their bank statements and credit reports.

Of course the bad guys know this too and a new report by Barracuda Networks looks at an email attack that is impersonating a 'secure message' from financial institutions.

Continue reading →

A bug has been uncovered in Internet Explorer which makes it possible for websites to view anything that is typed in to the address bar. This means that web addresses and search terms could be accessed by a hacker or malicious website.

The vulnerability was discovered in the very latest version of Internet Explorer, and Microsoft is yet to release a patch for it. Discovered by security researcher Manuel Caballero, the attack can be made completely invisible to a victim.

Continue reading →

Equifax chairman and chief executive Richard Smith has stepped down from his leadership role at the credit rating agency following the data breach that affected 143 million US consumers and 400,000 in the UK earlier this month.

Equifax has released a statement in which it said that Smith will vacate the company after working there for more than ten years and that its Asia-Pacific president, Paulino de Rego Barros will now serve as its new chief executive.

Continue reading →

British mobile users are putting their personal details at risk by keeping large amounts of information on unsecured mobile devices, new research has warned.

Security firm Bitdefender has revealed a report showing that almost half of users in the UK store their sensitive personal and private information on smartphones that are often neither updated or protected.

Continue reading →

In an effort to protect its users from the effects of distributed denial of service (DDoS) attacks, Cloudflare has announced that its customers will receive a new protection tool for free.

The Unmetered Mitigation feature, which will be available for both paying and non-paying users, will receive the new feature intended to protect against all DDoS attacks regardless of their scale. Company CEO Matthew Prince believes that is time for security firms to change the way they treat customers affected by an attack.

Continue reading →

The cyber security market doesn't stand still for long and there's a constant arms race between the good and bad guys.

Security company BullGuard is doing its bit to keep up by launching its next-generation anti-malware engine that's capable of detecting the latest zero-day threats. It will be rolled out across a range of BullGuard endpoint protection products.

Continue reading →

Threat detection company RiskIQ has released the latest of its quarterly reports into threat trends, this one looking at phishing.

It finds that in the second quarter of 2017 there were 39,320 unique phishing domains, down from 45,025 back in the first quarter. However, there were 316 targeted phishing brands in Q2 -- up 15.7 percent from the 273 brands targeted in Q1.

Continue reading →

As part of the European Cyber Security Awareness Month, the first week of October in the UK marks Security Serious Week.

This not-for-profit event set up by Eskenzi PR will present five panel-style webinars for participants from UK businesses on the theme of Bridging the Cyber Skills Gap through Diversity and Creativity.

Continue reading →

The second quarter of this year has seen DDoS attacks continue to target IoT networks according to attack protection specialist Nexusguard.

Nexusguard gathers DDoS attack data through botnet scanning, honeypots, ISPs and traffic moving between attackers and their targets, so the data is unbiased by any single set of customers or industries.

Continue reading →

A new study shows that companies and government agencies are being overwhelmed by frequent, severe ransomware attacks that have become the number one threat organizations face.

The 2017 Ransomware Report from Crowd Research Partners, commissioned by Cybersecurity Insiders is based on the responses of over 2,200 cybersecurity professionals.

Continue reading →

We all know we need to protect our computer systems when they're connected to the internet, but there’s generally less awareness of the threat posed by the latest generation of Internet of Things devices.

Cyber security company Comodo wants to make these devices more secure with the launch of a new IoT Security Platform that will allow device manufacturers and network providers to issue and manage PKI and SSL certificates for private ecosystems.

Continue reading →

The healthcare industry accounted for 26 percent of security incidents in the second quarter of 2017 according to a new report.

The study from McAfee Labs sees healthcare surpass the public sector to report the greatest number of security incidents in Q2. The health, public, and education sectors combined comprised more than 50 percent of total incidents in 2016-2017 worldwide.

Continue reading →

It has been quite some time -- nearly a year in fact -- since we were talking about the Dirty COW vulnerability affecting the Linux kernel. Now the vulnerability is back, but this time it is Android users who need to be concerned.

The privilege escalation vulnerability has been exploited by a piece of malware by the name of ZNIU, or AndroidOS_ZNIU. The malware uses the Dirty COW exploit to root devices and install a backdoor which can then be used to collect data and also generate profit for the attackers through a premium rate phone number.

Continue reading →

Apple has only just released macOS High Sierra, but before the update was even out of the door, a 0-day vulnerability had been discovered. A flaw in the Mac keychain makes it possible for malicious applications to steal the contents of the keychain, including plaintext passwords. It affects not only High Sierra, but also older version of macOS.

The way keychain works means that it should not be possible for the keychain to be accessed without providing the master password, but the vulnerability bypasses this requirement. The problem was discovered and demonstrated by security researcher Patrick Wardle from Synack, who is also a former NSA hacker.

Continue reading →

Five percent of all small and medium-sized companies in the entire world were victims of a ransomware attack in 2016 alone, with the money paid out to reclaim data reaching new highs, new research has revealed.

Datto's new State of the Channel Ransomware Report found that an estimated $301 million (£222 million) was paid to ransomware hackers from 2016-2017.

Continue reading →