Articles about Security

Privacy-focused search engine Startpage.com relaunches with new look, faster speeds and Anonymous View

Startpage,com relaunch

Startpage.com is a privacy-focused alternative to the likes of Google (although the search results are provided by Google -- minus all the ads and stripped of tracking), and the search engine has just relaunched with a new look and new features. The visual changes will be apparent to anyone who has used the site before, but for anyone who is concerned about their online privacy, it is new options such as Anonymous View that will be of greater interest.

This new feature makes it possible to visit websites completely privately, essentially using Startpage.com as a proxy. Importantly, this extra level of privacy and protection does not come at the expense of speed, meaning you can browse the web anonymously without compromise.

Continue reading

Firefox Monitor Notifications will issue a warning if you visit a breached site using Mozilla's web browser

Firefox Monitor

If a website suffers a security breach you may well decide that you want to give it a wide berth. The problem is that it is impossible for individuals to keep track of all of the breaches that take place, and Mozilla wants to help out.

After teaming up with Have I Been Pwned recently, Mozilla created Firefox Monitor to help inform people about breaches, and this is now expanding to more languages. On top of this, the organization has also now launched Firefox Monitor Notifications that will issue a warning if you visit a site that has been breached.

Continue reading

70 percent of SMBs suffer cyberattacks

Hacker detection

Cyberattacks are often thought of as being a problem just for large organizations. But a new study by the Ponemon Institute, sponsored by Keeper Security, shows that small businesses increasingly face the same cybersecurity risks as larger ones.

The number of attacks is on the rise -- with 67 percent experiencing a cyberattack and 58 percent experiencing a data breach in the last 12 months.

Continue reading

85 percent of companies permit BYOD but security remains a concern

BYOD key

While a large majority of companies now permit employees to use their own devices for work, they have concerns over security and privacy.

Organizations are making BYOD available to employees (76 percent), contractors (27 percent), partners (25 percent), customers (22 percent), and suppliers (19 percent).

Continue reading

Phishing emails with .com payloads target finance departments

credit card phishing

There has been an increase in the use of .com extensions in phishing emails that target financial service departments, according to a new analysis.

In October alone, anti-phishing company Cofense Intelligence analyzed 132 unique samples with the .com extension, compared to only 34 samples analyzed in the nine months before. Four different malware families were utilized.

Continue reading

New software capability helps manage third-party cyber risks

Risk dial

With digital transformation enabling supply chains to become ever more integrated, businesses no longer have to worry just about the risks posed by their own systems, they must consider those they are connected to as well.

Vendor monitoring solution RiskRecon is launching a new tool that enables enterprises to automatically produce assessments and action plans based on their unique risk requirements, allowing risk professionals to easily understand and act on their third-party risk.

Continue reading

Misconfiguration and runtime security are top container worries

cloud containers

Container and Kubernetes security company StackRox has released a new report looking to understand how adoption of these technologies affects security concerns.

The State of Container Security report finds that more than a third of organizations worry that their strategies don't adequately address container security.

Continue reading

Security researchers discover seven more speculative execution attacks like Spectre and Meltdown

Spectre and Meltdown logos

One of the biggest security stories of 2018 has been the discovery of the Meltdown and Spectre chip flaws. Known as speculative execution exploits, the flaws make it possible to steal potentially sensitive information and there has been an on-going battle to issue patches wherever possible.

Just as things were starting to die down a little, security researchers have revealed details of no fewer than seven more speculative execution attacks. While some of these attack vectors have already been mitigated against, this is not the case for all of them.

Continue reading

New tool helps identify and block phishing attacks

Phishing

People are often the weakest link in the IT security chain and hackers are keen to exploit this with ever more sophisticated attacks.

Predictive email defense specialist Vade Secure is launching a new anti-phishing solution that helps security operations centers identify and block targeted phishing attacks.

Continue reading

Poor security habits made worse by the speed of digital transformation

password reminders

According to a new study, 75 percent of people admit to reusing passwords across accounts, including work and personal, compared to 56 percent who admitted to doing so in 2014.

The Market Pulse Survey by identity management specialist SailPoint shows that digital transformation efforts are leading to increasingly complex IT environments for businesses and employees to manage securely.

Continue reading

Privacy: Cloudflare brings its DNS switching tool 1.1.1.1 to iOS and Android

Cloudflare 1.1.1.1

Cloudflare has just made it a whole lot easier to hide your mobile browsing from your ISP -- and access content that might otherwise be unavailable. The company has launched a 1.1.1.1 app for smartphone users, making it incredibly easy to switch between DNS services with a couple of taps; what amounts to a free VPN tool.

Earlier in the year, Cloudflare launched its 1.1.1.1 DNS service to bring privacy and speed, but it was a little off-putting to users unfamiliar with tinkering with such settings. With the launch of 1.1.1.1 for iOS and Android, the process is much, much simpler -- and the app and the service itself are free.

Continue reading

95 percent of IT security professionals underestimate phishing risks

Phishing

A new survey of cybersecurity decision-makers shows that most companies lack adequate safeguards against phishing threats and many don't fully understand the risks or how widespread the threat is.

The survey from phishing site detection company SlashNext reveals that 95 percent of respondents underestimate how frequently phishing is used at the start of attacks to successfully breach enterprise networks.

Continue reading

Number of data breaches falls but 2018 is still set to be the second worst year on record

data breach

In the final quarter of 2018, the number of reported breaches is down by eight percent and the number of exposed records is down around 49 percent, from seven billion in 2017.

The latest Data Breach QuickView report from Risk Based Security shows that seven breaches exposed 100 million or more records with the 10 largest breaches accounting for 84.5 percent of the records exposed this year to date.

Continue reading

Exploit developer discovers security vulnerability in VirtualBox and publishes a full guide to exploiting it

VirtualBox logo

A security researcher has not only discovered a vulnerability in the virtualization tool VirtualBox, but has released details of the exploit and a step-by-step guide to the zero-day vulnerability.

Russian exploit developer Sergey Zelenyuk found a way to break out of VirtualBox's virtual environment and he chose to go public with the vulnerability because of his displeasure at the "contemporary state of infosec, especially of security research and bug bounty". Having told Oracle about the problem, he also tired of the "delusion of grandeur and marketing bullshit" he experienced in the infosec community.

Continue reading

Continuous authentication helps boost behavioral analytics

web authentication

In a move to better protect accounts, banks, retailers and service providers are increasingly looking to methods of authentication beyond the password.

Behavioral analytics specialist BehavioSec is launching an updated version of its platform, allowing it to detect the suspicious use of attack obfuscation techniques, including the use of VPNs and TOR-routed traffic during login attempts and sessions.

Continue reading

© 1998-2018 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.