The rapidly changing world of cyber security means that companies need to be able to respond quickly to threats.

Security information management company EventTracker is launching a new version of its SIEM platform, which provides advanced features to combat modern ransomware and mutating malware, along with expanded threat intelligence.

Continue reading →

If you have $20 to spare and some "basic programming knowledge," you can create a powerful hacking tool that can collect huge amounts of user credentials, easily. The best part about it is that you don’t even need to use any malware or viruses -- everything can be clean as a whistle.

The news was revealed by security experts Kaspersky Lab, which was able to create such a device using a Raspberry-Pi microcomputer that was then configured as an Ethernet adapter.

Continue reading →

The recent WannaCry attack has highlighted the dangers of running out of date and un-patched systems.

New research by security ratings company BitSight has released a new report showing that organizations with more than 50 percent of their computers running outdated versions of an operating system are more than three times as likely to experience a breach. In addition those with more than 50 percent of their computers not running the latest version of an internet browser are more than twice as likely to experience a publicly disclosed breach.

Continue reading →

It’s the latest in a long line of cybersecurity incidents involving a well-known brand: In April, Chipotle Mexican Grill notified customers that it detected "unauthorized activity" on a credit card payment processing system. This put the restaurant chain in a position no company wants to be in -- recommending that customers "closely monitor" their bank statements for unauthorized charges.

With the incident, Chipotle joins the ranks of high profile organizations that have suffered breaches of their payment processing networks. The impact proves damaging: A study from the Federal Reserve Bank of Boston found that only 35 percent of consumers believed their personal information was secure during credit card purchases before the Target breach in 2013. But after that breach, this low level of confidence plunged even further to 24 percent.

Continue reading →

According to extensive research from the Israeli cyber-security firm Check Point, a Chinese digital marketing company called Rafotech has infected millions of computers worldwide with adware that redirects user traffic to fake search engines.

The fake search engines then divert their search queries through Google and Yahoo's affiliate programs to earn a commission for the company behind the adware. So far Rafotech has infected over 250 million computers according to a rough estimation from Check Point.

Continue reading →

The majority of financial services are at risk of insider cyber threats because their mainframe environments have blind spots, according to Compuware.

The company's latest research claims that organizations such as banks keep the majority of the sensitive customer data on the mainframe, as they consider it the securest in the entire enterprise. However, they are not monitoring it close enough to truly understand what those with privileged access are doing with that data.

Continue reading →

The number of impersonation attacks rose by 400 percent this quarter, new research has revealed.

According to a new report by Mimecast, attacks where malicious actors carefully impersonate C-level executives, employees or business partners are on the rise.

Continue reading →

Researchers from the Kromtech Security Research Center have discovered an unprotected database online that includes information on about 10 million cars sold in the US.

As well as data such as VIN and details of payment plans, the database also includes detailed information about owners, such as name, address, phone numbers and occupation. It has been left exposed online for over four months, but it's not clear who the owner is -- or how to address the security risk it poses.

Continue reading →

New research from threat intelligence company Recorded Future reveals that of 12,500 disclosed Common Vulnerabilities and Exposures (CVEs), more than 75 percent were publicly reported online before they were published to the NIST's centralized National Vulnerability Database (NVD).

Sources reporting include easily accessible sites such as news media, blogs, and social media pages as well as more remote areas of the internet including the dark web and criminal forums.

Continue reading →

A new report into cyber security trends shows healthcare to be the most frequently targeted industry, with 164 threats detected per 1,000 host devices.

Next most targeted are education and media, which had 145 and 123 detections per 1,000 host devices, respectively. By comparison, the food and beverage industry came in as the least targeted industry with just 17 detections per 1,000 hosts.

Continue reading →

Security software firm Kaspersky Labs has filed antitrust complaints against Microsoft in Europe. The complaints center around Microsoft disabling third party antivirus software in Windows 10 to favor its own Windows Defender.

The Russian company complained to the German Federal Cartel Office and the European Commission, saying that Microsoft abused its position. Microsoft has made some changes to the way Defender works, but Kaspersky does not believe this goes far enough.

Continue reading →

The UK government, and Theresa May in particular, has been criticized for an apparent lack of awareness in how online encryption actually works following the Prime Minister’s call for tighter regulation following the attacks.

Declaring that some internet giants were providing extremist ideology "the safe space it needs to breed," PM May took aim at not just the companies, but the internet itself, in her statement yesterday.

Continue reading →

Security researchers have warned that more dangerous malware has been released from the recent NSA dump that resulted in the WannaCry ransomware outbreak.

Experts at Secarma have revealed that the attack could be hiding another malicious package, which could be as dangerous as WannaCry.

Continue reading →

With growing numbers of data breaches and increasing pressure from regulations like GDPR, companies need to enact stricter security policies.

Object and cloud storage specialist Scality is addressing this with the launch of Scality RING7, a new software-defined, multi-site file system and object storage solution.

Continue reading →

Companies face the possibility of security breaches from many different sources, which means they must constantly react to new threats.

New player in the security field Balbix aims to put security professionals ahead of the game with the launch of its predictive breach-risk platform. It can be used to predict top breach scenarios, prioritize security fixes and provide risk insights to prevent security incidents before attacks happen.

Continue reading →