A new survey of IT and security professionals reveals that many teams lack the appropriate endpoint detection and response tools to quickly and efficiently deal with security alerts without the need to take endpoints offline to re-image them.

The survey of 385 North American professionals by forensic security specialist Guidance Software reveals that 95 percent of respondents say advanced software functionality for malware removal and system recovery -- without the need to re-image a system -- is important in an endpoint security suite.

Continue reading →

As the overall percentage of encrypted traffic increases, hackers are increasingly using SSL to conceal device infections, and hide their other activities.

A new study from Zscaler finds that an average of 60 percent of the transactions in the Zscaler security cloud have been delivered over SSL/TLS.

Continue reading →

The latest DDoS intelligence report from Kaspersky Lab shows that long-lasting attacks are making a comeback.

The longest attack in the second quarter of this year was active for 277 hours (more than 11 days) -- which is a 131 percent increase compared to the first quarter and a current record for the year.

Continue reading →

Millions of smartphones around the world could have been affected by a Wi-Fi security flaw, security researchers have claimed.

Broadcom's mobile Wi-Fi chips hid a vulnerability on them which could have allowed malicious actors to potentially attack a billion Android or iOS devices.

Continue reading →

Amber Rudd, the UK Home Secretary, has claimed that "real people often prefer ease of use and a multitude of features to perfect, unbreakable security." Rudd holds the Conservative government's belief that it should be able to access encrypted messages, even when end-to-end encryption is used, such as with WhatsApp.

Using terrorism as a justification for wanting to gain access to encrypted messages, she goes on make extraordinary and misguided claims about what she and the government want. Her bizarre and misinformed rant in the Daily Telegraph is deeply concerning, not only because of the implications her suggestions have on privacy, but also the lack of technical knowledge she demonstrates while making her claims and demands.

Continue reading →

The second quarter of this year has seen two of the largest recorded cyber attacks in WannaCry and NotPetya, and the latest quarterly report from Panda Security reveals there's been an increase in unknown threats too.

PandaLabs analyzed attack data collected from all devices protected by one of Panda Security's solutions and discovered a 40 percent increase in attacks from unknown threats from the previous quarter.

Continue reading →

Small and medium sized businesses increasingly feel that they're vulnerable to cyber threats but most aren't prepared to meet them.

A new survey from endpoint security specialist Webroot finds that 96 percent of businesses with 100 to 499 employees in the US, UK and Australia believe their organizations will be susceptible to external cybersecurity threats in 2017. But although they recognize the threats, 71 percent admit to not being ready to address them.

Continue reading →

As we acquire more voice activated smart devices, there's always the risk that they could be eavesdropping on day-to-day conversations.

We've already seen reports of spying TVs, and now MWR InfoSecurity has exposed a vulnerability in Amazon Echo that can turn it into a listening device without affecting its functionality.

Continue reading →

Ransomware is often considered a somewhat low-stakes annoyance: in most cases, the data itself doesn’t leave the network and public operations aren’t compromised. NotPetya changed the game -- it’s shown us the potential of how wildly damaging ransomware infections can be from here on out. It can feel like science fiction at times, but is now utterly reasonable to consider any data or device with a CPU and memory on your network as something that can be held hostage by ransomware.

Ransomware has proven to be a lucrative endeavor: more and more central and important systems are being targeted. Cryptolocker targeted family photos. Later variants somewhat indiscriminately encrypted any user file they had access to -- and last month, we saw NotPetya locking out machines entirely.

Continue reading →

A distributed denial of service or DDoS is a method used to deny access for legitimate users of an online service. This service could be an e-commerce website, a bank, a SaaS application, or any other type of network service. Some attacks even target VoIP infrastructure.

DDoS attacks are becoming threatening to every type of business. Whether, ecommerce or other online business, none of the firms are safe these days. The situation turned grave especially since 2010 onwards. Hundreds of businesses, both small and large, have lost millions of dollars because of the DDoS attacks.

Continue reading →

HBO is the latest company to suffer a hack and subsequent leak of shows. Hackers are said to have breached the network's security and gained access to 1.5TB of data including Game of Thrones scripts and unaired episodes of shows.

Episodes of Ballers and Room 104 have been leaked online, but it is the release of what appears to the script to next week's Game of Thrones that's drawing the most attention.

Continue reading →

Buying a house is the biggest purchase most people make, with large amounts of money involved it’s not surprising that these transactions are attractive to cyber criminals.

Security specialist Barracuda Networks has released an analysis of a recent mortgage spear phishing attempt where an attacker attempted to divert a payment.

Continue reading →

It's hard -- for me at least -- to get too excited about hard drives. They get bigger, they get faster, and that's about it. But the iStorage diskAshur2 is a little different. This is a 1TB USB 3.1 external hard drive with a twist.

It offers hardware-level AES-XTS 256-bit encryption -- so no software is needed -- secured with PIN authentication. As you can see from the photo, there's a PIN pad built into the drive for easy locking and unlocking, and it's compatible with Windows, macOS and Linux ("it will work on any device with a USB port!"). We've already look at the diskAshur Pro 2, but this diskAshur2 drive is nearly 20 percent cheaper.

Continue reading →

US suspicions about Kaspersky's links to Vladimir Putin are not diminishing. The government has been tracking the Russian security company, and now Congress is seeking information from 22 government agencies about the firm.

The US House of Representatives Committee on Science, Space and Technology has written to the agencies asking for documents, citing fears that Kaspersky Lab's products could be used to carry out "nefarious activities against the United States."

Continue reading →

A new study from anti-malware specialist Malwarebytes reveals that UK users are most likely to pay up if hit by ransomware.

The study of over 1,000 companies across the US, France, UK, Germany, Australia, and Singapore reveals that 56.9 percent of UK businesses surveyed opted not to pay the ransom, and 46.2 percent lost files by not paying. In comparison, 84.1 percent of French businesses surveyed opted not to pay the ransom, and only 24.5 percent lost files.

Continue reading →