A recent survey of 500 businesses revealed that nearly half were brought to a standstill by a ransomware attack within the last 12 months. Ransomware is malware that installs covertly on a victim's computer, executes a crypto-virology attack that adversely affects it, and demands a ransom payment to decrypt it or to not publish it.

There has been more and more documented evidence that ransomware is on the rise, particularly in the UK. It's being used as a sort of testing ground to the point whereby ransomware has become the number one threat facing British organizations in 2016.

Continue reading →

The recent US elections served up plenty of drama and even more suspense as the campaign entered its final stretch. Pollsters and forecasters crunched data continuously to accurately predict the paths to victory or defeat for both parties.

One of the most publicized concepts was the supposed "blue firewall", a group of states that had consistently voted for the Democratic party in past elections. If the Democrats could hold onto their lead in these states, they’d all but guarantee victory, or so the polling experts predicted…

Continue reading →

Online, hooked up, plugged in and "on the cloud". Whether it is your own personal information such as saved passwords or credit card information or if it is your client's’ personal information, so much of our personal lives can now be easily accessed just with a little Wi-Fi. With our new found accessibility -- everything at the click of a button -- our lives have become all that much more convenient, and our businesses and assets have become all that much more vulnerable. Cybercrime has boomed over the last decade and has become a real problem for businesses, large and small alike.

In the U. S. alone, more than 35,000 computer security incidents happen each day, and that is only the reported attacks. Many more attacks happen but go unreported as businesses aren’t legally required to report some types of attacks. According to PwC’s 2015 US State of Cybercrime Survey, a total of 79 percent of respondents detected a security incident in the past year. The security firm Gemalto estimated that in 2015 alone, more than 700 million data records were compromised, but unfortunately only 37 percent of organizations have implemented a dedicated cyber incident response plan.

Continue reading →

Employees have poor security practices and use completely unsecured private devices for work, putting their organizations at huge risk of cyber-attacks, a new report by WinMagic says. After polling workers in the UK, the report says more than four in ten (42 percent) use private devices for work, accessing corporate data and e-mail accounts.

More than half (52 percent) use private accounts, including enterprise file sharing services (EFSS), which they use to either store or access corporate files. Only a third (34 percent) say they had never done so. Laptops, smartphones and USB devices are the top three personal devices used for work, and Hotmail, Gmail and Dropbox are the top three online services used by employees.

Continue reading →

Gamification is increasingly used by business as a means of enhancing the usability of software. But now it seems hackers are exploiting the technique too.

Researchers at threat protection company Forcepoint have uncovered a DDoS package being shared on Turkish hacking forums employing a gamified approach.

Continue reading →

Nine in ten NHS trusts still rely on Windows XP, even though Microsoft stopped supporting the platform with new patches and security fixes a year and a half ago.

This information was released by Citrix, and it is based on a Freedom of Information (FoI) request. Out of 63 trusts Citrix reached out to 43 responded, and 90 percent say they still use Windows XP.

Continue reading →

Public awareness of data security issues has never been higher. Not only have data breaches made the news but the FBI's battle with Apple has put encryption in the headlines too.

Yet despite the high profile of threats a new survey of IT security professionals from secure browser company Authentic8 shows that businesses aren't taking basic steps to protect themselves.

Continue reading →

HP has redesigned the way it protects printers, setting a new industry standard, the company announced in a press release this week.

Its new Secure Managed Print Services (MPS) offer "advanced" security professional services and solutions, as well as expanded core delivery capabilities, which now include a new remote fleet security management service. The company also says it will be pre-configuring its print devices for security.

Continue reading →

Phishing has proved to be one of the most profitable techniques for hackers. A new report from cyber security company Imperva reveals that the availability of turnkey services is making it even more effective.

Imperva researchers explored the darknet marketplace to estimate the cost of phishing campaigns and to get a clear picture of the hackers' business model. They discovered phishing-as-a-service (PhaaS) campaigns were easy to buy and low cost.

Continue reading →

If there’s one thing you can say with certainty about cyber-security in 2017, it’s that many companies are going to fail because they are simply not doing the right thing. Fundamental flaws still exist.

Until the technical people lift their heads up and see that security and business are different sides of the same coin, we will inevitably see more damaging attacks. When security people learn to speak in the language of business they will begin to understand just where in the organization they need to apply their expertise.

Continue reading →

With more of us than ever doing our shopping online over the holiday period we want to feel that we can do so safely.

But a new report from security ratings company SecurityScorecard exposes cyber security vulnerabilities across 48 of the biggest US retailers.

Continue reading →

The past year has been a pretty eventful one for many reasons, not least in the area of cyber security which has seen attacks gaining in sophistication and persistence.

If you were expecting 2017 to be an improvement you may be in for a disappointment according to the Information Security Forum (ISF) which is today publishing its outlook for the threats businesses will face in the next year.

Continue reading →

Terrorism is a daily threat to our freedoms. It is unfortunate, as we used to be able to go throughout our days without the thought of violence. Now, it dominates the news. Heck, when I am in Penn Station in NYC, I see soldiers with machine guns. Sigh.

Unfortunately, terrorists thrive on the internet too. Using social media and video platforms like YouTube, these evil-doers look to recruit new members while sharing propaganda. Today, Google announces that it is partnering with some major players -- Facebook, Microsoft, and Twitter -- to fight online terrorism with a special database. The partners will look to protect user privacy in the process.

Continue reading →

Following the massive attack that took down the servers of the DNS service provider Dyn and a number of high profile websites including Netflix, Twitter, Spotify and Reddit last month, Amazon Web Services (AWS) has announced a new technology to protect sites against distributed denial of service (DDoS) attacks.

The new tool, which is called AWS Shield, was announced at the company's re:Invent developer event in Las Vegas. Amazon's own site was affected by the attack on Dyn and the company has now decided to launch its own DDoS protection service to ensure that its site and those that use AWS are able to withstand future attacks.

Continue reading →

Social engineering, as a method of cyber-security attacks, is very popular and quite widespread, according to a new report by cybersecurity firm Agari. It had polled 200 professionals from healthcare, government, financial services and education sectors.

Six in ten (60 percent) of security leaders say their organization either was, or "may have been" a victim of at least one targeted social engineering attack, on the last year alone. Two thirds of those attacks (65 percent) led to employees’ credentials getting compromised.

Continue reading →