Adding extra features like plugins and social media links makes websites more likely to be compromised according to a new report.

The study by website security company SiteLock finds that sites with between one and five plugins have 1.5 times more chance of being compromised than the average site.

Continue reading →

There is a notion by many people that Linux-based operating systems are impervious to malware and are 100 percent safe. While operating systems that use that kernel are rather secure, they are certainly not impenetrable. In fact, users are arguably less safe when they believe that stereotype, since they could be less vigilant.

Many of these same people view Windows as being Swiss cheese-like. With that said, would you be surprised if I told you that threat methods for Linux increased an astonishing 300 percent in 2016, while Microsoft's operating systems saw a decrease? Well, according to a new report, that is true.

Continue reading →

Police in the Ukraine have seized the servers of Intellect Service, a company supplying accounting software, as part of their investigation into the NotPetya ransomware attack.

A malicious update to Intellect's MeDoc accounting package is believed to have been responsible for some of the initial NotPetya infections.

Continue reading →

In order to speed up development times and roll out their apps across multiple platforms without the need to create entirely new code, companies are increasingly turning to hybrid apps. The problem is that these rely on HTML and JavaScript code which is relatively easy to reverse engineer.

How can businesses prevent this and keep their apps and the data they handle safe from hackers? We spoke to Andrew Whaley VP of engineering for Europe at application protection specialist Arxan Technologies to find out.

Continue reading →

As the US government decides whether or not to continue using Kaspersky security software, the Russian company has indicated its willingness to hand over source code for review.

Eugene Kaspersky, speaking to the Associated Press, said that "if the United States needs, we can disclose the source code." Rumors have long circulated about Kaspersky's ties to Putin, leading to speculation that the company's software could be used to spy on Americans.

Continue reading →

The Vault 7 leaks continue to flow thick and fast from WikiLeaks, shedding more and more light on the hacking and infiltration capabilities of the CIA. The latest batch details the OutlawCountry project which finds the CIA targeting Linux systems.

With Linux-based operating systems usually lauded for their impenetrability, news of a possible chink in the armour will undoubtedly cause concern. With OutlawCountry, it seems the CIA was able to redirect network traffic from a target machine to an agency-controlled machine for infiltration.

Continue reading →

Slightly over half (53 percent) of local authorities in the UK are ready to take on a cyber-attack, according to a new report by PwC.

When it comes to local authority leaders, 35 percent are confident their staff are well equipped to deal with such an attack. Three quarters (76 percent) of UK CEOs are concerned about cyber threats, and almost all (97 percent) said they’re currently addressing cyber breaches that are affecting business information or critical systems.

Continue reading →

Businesses have been warned that they may be hit for damages in multiple ways after being affected by a cyber-attack.

A new report by Lloyd's of London says there are two different costs linked to a cyber-attack: a one-off cost, and a "slow-burn" effect. The one-off cost is the visible one -- notifying customers, paying ransom, paying for public relation expenses, things like that.

Continue reading →

A new study finds that while attacks increase and financial losses continue to mount, a growing number of companies are preparing to respond to breaches

The research from forensic security company Guidance Software finds that 54 percent of organizations feel well prepared to respond to a major breach in the coming year (up from 51 percent in 2016). Additionally, 25 percent of respondents say they're looking to build a formal security and incident management team within the next year up from 12 percent in 2016.

Continue reading →

Cyber attacks are becoming a regular feature of everyday life and it's more important than ever to be aware of the risks and take steps to protect yourself.

But, according to a survey of 1,000 people across the US by password management company LastPass, different age groups have very different attitudes to security.

Continue reading →

VMWare is finally going to release its security solution for virtual machines, and according to the company's senior VP, it could be released in the third quarter of this year.

Speaking at a global roadshow in Melbourne, Australia, Jeff Jennings said the product (which will probably be called App Defense) will be looking at the "context of a virtual machine."

Continue reading →

With ransomware hitting the headlines at the moment thanks to the Petya/NotPetya attack, a timely new report from cloud data protection specialist Druva reveals it's becoming a ubiquitous global threat affecting enterprises large and small and devices of all types.

The survey of more than 800 companies shows that over 80 percent of respondents report ransomware attacks are on the rise and that half of businesses hit by ransomware have been attacked multiple times.

Continue reading →

All organizations have valuable data which they need to protect, but as their digital footprint gets larger it becomes harder to keep track of and guard all their information.

Content collaboration and governance specialist Egnyte is launching a cloud-based governance solution, Egnyte Protect to provide real-time analysis of all content within an organization and deliver insights to help administrators prevent potential data breaches.

Continue reading →

Charities, just like other organizations, rely heavily on email for their communications, but a new study reveals that in the UK most are not protected against the risks of fraudulent emails and phishing attacks.

The study by platform-as-a-service provider Red Sift analyzed the email domains of over 78,000 charities and found that under one percent have adequate protection using DMARC authentication.

Continue reading →

The ransomware attack we reported yesterday may have begun in the Ukraine, but it spread rapidly across Europe and has now hit companies in Australia and the US including pharmacy giant Merck.

A variant of the Petya ransomware now being dubbed 'NotPetya', it spreads initially by phishing emails and once on a system the ransomware demands $300 in bitcoin. When it's installed on one system behind a firewall it's able to spread rapidly to others on the same network.

Continue reading →