A new report from cloud security company Netskope reveals that while enterprise cloud adoption continues to rise, unsanctioned use of services remains a problem.

The results show that half of all users of officially sanctioned cloud storage services like Box and Dropbox also have a personal instance of the same service. This can make detection of unauthorized copying of data more difficult.

Continue reading →

Of companies that use two-factor authentication, 74 percent admit that they receive complaints about it from their users -- and nearly 10 percent of them just ‘hate it.’

This rather surprising information comes from a studty by access control company SecureAuth, carried out in conjunction with Amplitude Research, which surveyed 300 IT decision makers and cybersecurity professionals on industry perspectives and concerns over 2FA.

Continue reading →

A new survey reveals that 65 percent of senior IT and security executives think that the biggest security risks for business come from public clouds.

The study from IT solutions company BMC in conjunction with Forbes Insights also shows that 69 percent of respondents say digital transformation is forcing fundamental changes to existing cybersecurity strategies.

Continue reading →

It only takes one successful cyber-attack to seriously hurt a company, so it’s shocking to see that UK businesses suffered, on average, almost 230,000 cyber-attacks in 2016.

This is according to Beaming. The ISP says a third of attacks was targeting company databases, but two thirds were, in fact, attacking connected devices, such as security cameras or building control systems. Such devices can be controlled remotely, through the internet.

Continue reading →

It’s that time of the year again: when the great and good of the cybersecurity industry reach for their crystal balls to anticipate what the threat landscape might look like in the next 12 months. We all know cybercriminals by and large don’t operate to annual deadlines.

But December still represents a good opportunity for us to point out what might be coming down the road. It’s what Trend Micro’s 1,200-strong global threat research team does all year round to ensure we’re prepared for anything the black hats can throw at us. The good news for the UK’s CISOs is that much of what we’ll see is a steady evolution from threats that will already be familiar to many. The bad news: that won’t make them any less dangerous.

Continue reading →

Facebook, Apple and Google face a drop in ad revenue if EU proposals to apply the same rules to online messaging services that currently apply to telecoms companies go through. In a nutshell, the proposals suggest that the likes of WhatsApp, Gmail and iMessage should ask for explicit user permission to allow tracking with a view to delivering targeted ads.

Google and Microsoft have already faced criticism for scanning emails and using the contents to tailor advertising to the recipient. The EU wants online message services to be subject to the ePrivacy Directive to help improve confidentiality and security.

Continue reading →

A new report from cyber security and application delivery company Radware reveals that almost half of businesses (49 percent) say they’ve been the subject of a cyber-ransom campaign in 2016.

Ransom was the top motivation behind cyber-attacks they had experienced according to 41 percent, followed by insider threats (27 percent), political hacktivism (26 percent), and competition (26 percent).

Continue reading →

We're all looking for ways to save time and effort, so it's hardly surprising that some web browsers offer a feature that automatically fills in online forms with commonly requested personal information. While incredibly useful, the feature can also be exploited to extract data a user might not want to share with a particular website.

Chrome, Opera and Safari all offer to save and automatically fill in details such as name, address, phone number, and so on, and users are ordinarily only aware of the data which is obviously filled in on their behalf. But a web developer shows how it is possible -- and very, very easy -- to use hidden fields to secretly gather all of the information saved in an autofill profile.

Continue reading →

Historically, the idea of a hacker has always conjured up images of the outsider trying to gain access to government or corporate systems.

But in recent years it's become clear that insiders can present just as big a threat, whether from malicious intent or just careless use of systems.

Continue reading →

With massive data breaches uncovered daily or weekly, it’s hard not to be a bit numb to the urgency and magnitude of the issue. For most organizations, the problem is far from solved. Apathy in place of outrage at this juncture could diminish any help before it gets started. At the same time, misguided efforts will result in continued failure.

A giant Python-esque foot has not yet come down to condemn the ludicrousness of such a broad catastrophe but losses and damage have been mounting. This year, cybercrime overtook physical crime in the UK, marking a profound changing of the times. The National Crime Agency estimates the annual loss to UK businesses of £1 billion in direct costs, although the more realistic number is far greater, particularly considering the cost of stolen intellectual property and business secrets and other loss and damage not typically reported.

Continue reading →

Last year saw the Mirai botnet harness routers and other IoT devices to launch DDoS attacks against internet services.

Is this type of attack something we’re going to see more of in 2017, and what can companies and individuals do to protect themselves? We spoke to Sam Rehman, chief technology officer at attack prevention specialist Arxan Technologies to find out more about security and the Internet of Things.

Continue reading →

This is one of the many times of year that retailers have sales, coinciding neatly with the time of year when many people are feeling the pinch after splashing out on food and presents. But if you're scouring Amazon for great deals, watch out for sellers who are actually using low prices to lure you into a phishing scam.

One seller going by the name of (among others) Sc-Elegance uses "used, like new" tech products as bait, ultimately directing buyers to a fraudulent site to make payments. Security experts are warning shoppers to be on their guard.

Continue reading →

D-Link is facing a lawsuit brought against it by the US Federal Trade Commission for the poor security of its routers and connected cameras. The FTC says the company failed to take reasonable steps to protect users from hackers.

The FTC is seeking to improve the security of all IoT (internet of things) devices in the wake of compromised devices being used to launch high-profile DDoS attacks such as Marai and Leet Botnet. D-Link argues that the charges brought against it are "unwarranted and baseless" and plans to "vigorously defend itself".

Continue reading →

With large scale cyber attacks constantly hitting the headlines, businesses ought to be aware of the need to protect themselves.

But a new study by Kaspersky Lab shows that 40 percent of businesses are unclear on how to protect themselves against targeted attacks and DDoS.

Continue reading →

Data breaches are bad news for companies not just in terms of potential losses but in damage to reputation.

Larger enterprises are realising that they need to protect not just their central locations but also their remote and franchise locations in order to guard their brand.

Continue reading →