When you download a mobile app you sometimes get more than you bargained for, Uber's app that tracked iPhone users for example. It can be hard to know exactly what apps on your phone are up to.
Now though, application security testing company High-Tech Bridge is launching a free 'Mobile X-Ray' service for developers that analyses native and hybrid iOS and Android apps and detects the most common weakness and vulnerabilities.
We all know that ransomware is a big problem, but a new report from cyber security company Carbon Black reveals that it's increasingly big business too.
According to the report, there are currently more than 6,300 dark web marketplaces selling ransomware, with over 45,000 product listings.
Phishing is still a key tool for cyber criminals as they seek to insert malware onto machines and to get hold of personal details.
Although most people are aware of the threat there are still some subject lines that are much more likely to deliver results for the phishermen than others, according to security awareness training specialist KnowBe4, which has released its Top 10 Global Phishing Email Subject Lines report for the third quarter of 2017.
In a world where more systems are in the cloud or virtual environments, you’d expect the importance of endpoint data to decline, but a survey conducted at this year’s VMworld US suggests this is not the case.
The survey by data security and recovery company Code42 reveals that 42 percent of organizations are storing between 50 and 100 percent of their data on endpoints. In the higher education sector it's noticeably higher, with 81 percent storing half or more of their data on endpoints.
High-volume FormBook malware distribution campaigns have targeted businesses in the aerospace, defense contractor and manufacturing sectors according to new research from cybersecurity company FireEye.
The attackers behind these campaigns employed a variety of delivery methods to distribute this information stealing malware including PDFs with download links, DOC and XLS files which contained malicious macros and ZIP, RAR, ACE and ISO archive files containing executable payloads.
Email is still the number one cybercrime infection vector, but it's far from being the only one you should be paying attention to. A new whitepaper from Symantec, entitled ISTR, says business email compromise as well as spam are also dangerous players in the game.
Here are the numbers: email is the most popular platform among scammers. One in nine email users have had a malicious email sent to them in the first six months of this year. And that's just the global average. In the Wholesale Trade industry, that figure jumps to one in every four users.
Millions of PornHub users in the US, UK, Canada and Australia were targeted by a malicious advertising campaign lasting for more than a year. The malvertising attack tried to trick users of the world's most popular porn site into installing fake browser updates.
Security researchers from Proofpoint found that PornHub users had been exposed to Kovter ad fraud malware for over a year. The KovCoreG group is believed to be responsible for distributing the Kovter ad fraud malware, so if you've visited PornHub recently, it might be a good idea to check your system for signs of infection.
News broke recently that a fake version of the Adblock Plus browser extension had made its way into the Chrome Web store. It is thought that 37,000 people installed the phony version, and now Adblock Plus -- the real one -- has responded to the news.
While acknowledging that the fake extension was removed from the store fairly quickly, Adblock Plus questions how it got there in the first place. It also provides instructions for anyone who is concerned that they may have a malicious version of the extension installed.
Microsoft is opening itself up to submissions from the public, making it possible for people to provide information about malicious websites. A new page on the Windows Defender Security Intelligence (WDSI) website gives anyone the opportunity to pass on details of phishing sites and other malicious pages directly to Microsoft.
The WDSI portal is described by Microsoft as being in preview, so it's possible that what you see now may change over time.
Researchers at SpiderLabs, the research arm of Trustwave have released results of their investigations into a major attack targeting Eastern European banks.
The attack uses mules to open new accounts with minimal deposits and, crucially, request a debit card. When the new card is delivered it's shipped elsewhere and hackers then use stolen credentials to manipulate the bank's systems and raise the overdraft limit, allowing cash to be drawn from ATMs.
Businesses are putting increasing amounts of investment into artificial intelligence, and 64 percent of decision makers expect to see a return on investment from their AI in under two years.
This is one of the findings of a new report by cyber security company Cylance which surveyed 652 IT decision makers in the US, UK, Germany and France, and finds optimism about the value of AI-powered solutions in the enterprise is high with widespread plans to continue investment in the technology.
Cyber-attacks are as serious of a threat as terrorism, the head of UK security body GCHQ has said.
Writing in the Daily Telegraph, Jeremy Fleming said extra funds the institution is getting are being spent on making GCHQ a "cyber-organization" as much as a counter-terrorism, or intelligence one.
The proliferation of online ads means that more and more people are turning to ad blockers, and Adblock Plus remains one of the most popular. Taking advantage of this, fraudulent developers pushed a fake version of the Adblock Plus extension into the Chrome Web Store, bypassing Google's checks and filters.
In all, 37,000 people were tricked into downloading the fake version of Adblock Plus. Google has now acted and removed the fake listing from the store.
Some of Europe’s top cybersecurity minds have revealed their fears about the future of technology -- with autonomous weapons at the top of their list.
At a panel entitled "the future of cyber security" at this week’s IP Expo event in London, the threat of self-aware AI that can write sophisticated malware and smart weaponry that could be hijacked by cybercriminals were highlighted as major concerns for the coming years.
EFF criticizes iOS 11's 'misleading' Bluetooth and Wi-Fi toggles for being a privacy and security risk
The strange, unintuitive way Bluetooth and Wi-Fi toggles work in iOS 11 has drawn ire from many quarters. The latest voice is that of digital rights group the Electronic Frontier Foundation (EFF) which says that the "off-ish" setting now offered is misleading.
As we have covered in a previous story, Apple has changed the behaviour of the two toggles so that when they are flicked to the off position, the Bluetooth and wireless radios are not actually switched off. EFF says that this is "bad for user security" and calls for greater clarity from Apple.