According to security firm Flashpoint, the latest strain of the Mirai malware responsible for infecting Deutsche Telekom routers has spread to devices in at least 10 countries other than Germany.

The firm has discovered that the new strain of Mirai has infected routers in places like the UK, Brazil, Iran and Thailand. It is still unknown how many devices have been infected in total, but Flashpoint estimates that five million devices could be vulnerable to the malware.

Continue reading →

Ransomware is expected to deflate a bit next year, but hackers won’t be resting on their laurels, that’s for sure. Instead, they might just move to dronejacking, for a "variety of criminal or hacktivist purposes".

This is according to McAfee Labs, whose new report, the McAfee Labs 2017 Threats Predictions Report, identifies 14 cyber-security trends to watch in 2017.

Continue reading →

Hackers and cyber criminals are often seen as the biggest threat to company IT systems, but a report from behavioral firewall company Preempt shows that insiders, including careless or naive employees, are now viewed as an equally important problem.

The survey carried out for Preempt by Dimensional Research finds that 49 percent of IT security professionals surveyed are more concerned about internal threats than external threats.

Continue reading →

A new study shows that 75 percent of large businesses attempting implementation of the DMARC email authentication standard are not presently capable of using it to block unauthorized email.

This means that enterprises are putting their own security, compliance, and brand protection at risk. Automated mail authentication specialist ValiMail looked at email authentication policies for more than a million business domain names, including those of Fortune 1000, NASDAQ 100, and FTSE 100 businesses.

Continue reading →

Artificial intelligence (AI), machine learning and automation are technology trends dominating discussions in many different industries at the moment and cyber security is no exception.

As cyber criminals become more advanced and the threat landscape continues to develop, businesses are looking to new technologies that can help secure their organization in a more proactive way.

Continue reading →

One of the more popular ways of securing logins in recent times has been the use of push-to-accept technology, sending a verification message to a user's mobile device.

However, this runs the risk of users inadvertently approving login requests that they didn't initiate. Adaptive access company SecureAuth is launching its new Symbol-to-accept technology to boost security without sacrificing convenience.

Continue reading →

A new study from cyber security company Agari reveals the scale of social engineering attacks on industrial organizations across the US.

Of over 200 security leaders surveyed 60 percent say their organizations were, or may have been, victim of at least one targeted social engineering attack in the past year, and 65 percent of those who were attacked say that employees' credentials were compromised as a result. In addition, financial accounts were breached in 17 percent of attacks.

Continue reading →

One of the problems sales teams face is knowing how their pitches, presentations and marketing materials are perceived by the customer.

Cloud-based sales and content management platform Pitcher is hoping to offer teams better insight with its newly patented Sentiment Analysis Module (SAM).

Continue reading →

German telecommunications giant and T-Mobile parent company Deutsche Telekom was the victim of a cyber-attack over the weekend, which left some 900,000 users affected, the company confirms in a blog post.

This weekend, a hacker (or more likely, hackers) infiltrated the company, and tried to infect users' home routers with malware. Deutsche Telekom said its network was not affected "at any time".

Continue reading →

The BitLocker feature of Windows is supposed to offer a degree of peace of mind that files are going to be secure -- but one expert points out that a simple key combo is all it takes to bypass the security feature.

A bug has been discovered in the way Windows 10 handles a Feature Update -- the installation of a new build of the operating system. By taking advantage of the bug, it is possible to access a Command Prompt and gain unrestricted access to the contents of the hard drive.

Continue reading →

If your office was broken into, you would fear what the intruders might take. Being so concerned about the possibility, you fit all the right locks and alarms and have good door and window security. However, do all the service providers that access your office do the same? If they’re not as security conscious, and they get broken into, the intruders could get hold of the access card or key to your office and then they’re in.

It would be galling because, despite having done all the right things to protect your company’s assets, your defenses were still breached. There was a weakness but it wasn’t your security. You gave a vendor the means to access your business to do you a service, and that access was exploited by someone with the skills to take advantage of their weak security.

Continue reading →

The Investigatory Powers Act 2016, the Snooper's Charter, legalized spying: call it what you will, the UK now officially has some of the most extreme internet surveillance powers in the world. The Investigatory Powers Bill was today given royal assent, meaning it has now passed into law.

Unsurprisingly, there have been huge protests from privacy groups, and an online petition against the new powers has already gained more than 136,000 signatures. The Investigatory Powers Act 2016 not only requires ISPs to store records of their customers' browsing history, but also make this data available to dozens of government agencies, and even permits state hacking of phones and computers.

Continue reading →

In the run up to one of the hospitality industry's busiest periods, cyber criminals are targeting hotel chains with a series of targeted attacks.

Cyber security company Trustwave has investigated the attacks, which combine social engineering with sophisticated malware, against a number of its clients in the past month.

Continue reading →

The general consensus appears to be that two-factor authentication (2FA) is the answer to our authentication needs. Be that from usage of consumer sites in our personal lives or as part of our daily requirements when signing into enterprise infrastructure and applications at work.

However the cyber-attack on Three's customer upgrade database is yet another example of how 2FA is not enough. Organizations must move away from relying solely on usernames and passwords, as once again access was gained with a stolen employee login.

Continue reading →

The Great Firewall of China is a famous tool of censorship and state control of the internet -- and Russia wants to throw up its own version of the web filtering system. Russia already operates the so-called 'red web' which is used to not only monitor what Russian citizens are up to online, but also implementing blocks and filters such as the recent ban on LinkedIn.

But now President Putin wants to step things up a notch. Russia and China have become close allies in recent years, particularly in the field of state control of the internet, and there are plans to roll out even greater controls over what web users are able to do and access online, ostensibly from fears of an uprising against the government.

Continue reading →