It's a common belief that anything that appears online is fair game for downloading and sharing, and this idea extends to Facebook profile pictures. Facebook has found that in India in particular there is great concern from users -- particularly woman -- about uploading a profile picture in case it is download and shared elsewhere.

Responding to this, the social network is trialling features that will grant users more control over their profile pictures. Facebook is not only introducing a new profile picture guard, but also encouraging people to add a design layer to their images to discourage misuse by others. If the trial proves successful, the feature will enjoy a wider rollout.

Continue reading →

For decades, the Microsoft Security Bulletins have provided IT administrators with a monthly list of vulnerabilities and accompanying patches. Much to the chagrin of the IT community, these Bulletins have been replaced by the Security Update Guides portal (SUG), which many administrators believe will be a lot more work for them, especially for patch management professionals who already have enough on their plate.

Moreover, the additional time to research and understand the security patches required for their unique environments will only lengthen the time to patch. While the portal is searchable by Common Vulnerabilities and Exposures (CVE), Knowledge Base (KB) article, product or release date, the change in process will impact the daily routines of IT administrators and security professionals around the world.

Continue reading →

Cisco has unveiled its network of the future designed with the ability to learn, adapt and evolve to combat security threats and manage the increased load put on networks by an ever-increasing number of devices.

The company created its new network with the intent of developing an intuitive system that can anticipate actions, stop security threats and continue to evolve and learn over time. Cisco's network of the future will allow businesses to solve the challenges they face in a time of increased connectivity and distributed technology.

Continue reading →

Retailers are facing losses of up to $71 billion globally as the number of fraudulent card-not-present (CNP) transactions rises hugely within the next five years.

A new report from Juniper Research has revealed that a number of different factors are driving the increase in fraud, including the US shifting towards EMV cards, delays in 3DS 2.0 and click-and collect fraud methods.

Continue reading →

Getting your Android apps through Google Play is considered safe, but there are times when even the search giant's store is dangerous. Case in point, Kaspersky uncovered two more trojan-infected apps that weren't removed until they had over 60,000 installs.

Kaspersky security researcher Roman Unuchek reports that, since September 2016, he has discovered "several dozen new malicious apps" on Google Play, all of which "were rooting malware that used exploits to gain root rights on the infected device." Obviously, Google failed to catch any of those in time either.

Continue reading →

Given the recent increase of violent incidents around the world, in addition to everyday risks and natural disasters, businesses are naturally concerned about protecting their staff.

New research by enterprise safety application company Everbridge  shows that mobile workers expect that their companies will be able to provide safety information to them should something happen or should they be in the proximity of a serious event. It also shows staff are willing to sacrifice privacy to achieve this.

Continue reading →

A report released today shows that, while an average of 16 percent of websites across all industries can thwart simple bot attacks, only five percent are able to properly protect against sophisticated attacks.

The study from bot detection specialist Distil Networks, in conjunction with the Online Trust Alliance (OTA), evaluated the top 1,000 websites in retail, banking, consumer services, government, news media, internet service providers and OTA members.

Continue reading →

A growing number of British consumers are using their neighbors' Wi-Fi, sometimes even without permission, because they can't afford their own.

This is according to a new report by Santander, which also says that the price of phone and broadband services has increased hugely over the past ten years.

Continue reading →

Two weeks ago, Kaspersky Labs filed antitrust complaints against Microsoft in Europe, alleging that the software giant disabled third-party antivirus software in Windows 10 in order to benefit Windows Defender.

In a long blog post today, Rob Lefferts, director of program management for Windows enterprise and security, admits (without mentioning Kaspersky specifically) that Microsoft "temporarily" disabled some parts of AV software it considered incompatible with Windows 10 Creators Update.

Continue reading →

The cost of a ransomware attack can be pretty substantial. Businesses that are not well prepared are looking at lost revenue from downtime and massive damage to their reputation, not to mention a pretty hefty ransom bill as well.

For web hosting company Nayana, that was $1 million. Nayana, which is based in South Korea, had 153 of its Linux-based servers infected by the Erebus ransomware on June 10. The attack affected roughly 3,400 customers that relied on its services for hosting websites, databases and multimedia content.

Continue reading →

When the WannaCry attack hit last month, a patch was already available to prevent it. Its victims were those who had failed to deploy it.

Software management company Flexera is aiming to help companies close the risk window between patches and attacks with the launch of its new Software Vulnerability Manager.

Continue reading →

The largest share of data breach incidents involved the retail industry, closely followed by food and beverages, according to a new report.

The 2017 Global Security Report from Trustwave shows that 22 percent of incidents involved the retail industry, followed by food and beverages at 20 percent.

Continue reading →

ProtonMail has opened up its free VPN service to anyone who wants to use it. ProtonVPN was previously only available to a limited number of beta testers, but now everyone can secure their internet connection for free.

The company is best known for its encrypted email service, but the prospect of a free VPN tool will also be enticing to anyone who has concerns about privacy. It also provides a free way of bypassing internet restrictions that may be put in place by governments or ISPs.

Continue reading →

People have been hiding secrets in everyday objects for hundreds of years. The digital world is no exception, and McAfee Labs has released its latest Quarterly Threat Report, part of which looks at how evasion techniques can be used to distribute malware.

The use of evasion techniques started in the 1980s, when a piece of malware defended itself by partially encrypting its own code, making the content unreadable by security analysts. Since then a dark market for off-the-shelf evasion technology has developed and several contemporary malware families now make use of evasion techniques.

Continue reading →

Nearly a month after it struck devices around the globe, new information has emerged surrounding the major WannaCry ransomware attack.

The BBC says British officials from the National Cyber Security Center (NCSC) are now claiming infamous North Korean cyber-criminal group Lazarus was behind the attack.

Continue reading →