Articles about Security

Warning: Hackers can use Cortana to access a locked Windows 10 PC

Hey Cortana

Locking your PC is fundamental to preventing others from accessing it when you leave it unattended. But now security researchers have shown that it is possible to use none other than Windows 10's Cortana to bypass a password-protected lock screen.

A pair of Israeli researchers found that it is possible to use voice commands to access a locked computer and install malware.

Continue reading

Businesses under pressure to 'consumerize' logins


Almost two-thirds (64 percent) of IT leaders say their security teams are considering implementing consumer-grade access to cloud services for employees.

According to the 2018 Identity and Access Management Index from digital security company Gemalto 54 percent of respondents believe that the authentication methods they implement in their businesses are not as good compared to those found on popular sites including Amazon and Facebook.

Continue reading

On the dark web your identity could cost less than the price of an iPhone X

identity theft

What's your identity worth? Not very much according to research by VPN comparison service

The site has released its first Dark Web Market Price Index which reveals that an entire personal identity can be bought for just $1,200.

Continue reading

McAfee delivers added security for Microsoft Azure

Data cloud lock

Azure is a popular cloud platform for business, but firms need to ensure their applications, underlying cloud infrastructure and data are protected.

McAfee is addressing this by extending its Cloud Security Platform to consistently protect Azure, delivering an extensive solution to secure Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS).

Continue reading

Perception of cloud security challenges differs across industries

Secure cloud

The cloud brings many benefits to businesses, but it also brings with it risks, the biggest of which concerns the security of information.

A new survey from cloud governance specialist Netwrix looks at how different sectors and geographies deal with cloud security.

Continue reading

Ransomware gives way to miners as cyber criminals follow the money

cryptocurrency mining

Cyber criminals have started using sophisticated infection methods and techniques borrowed from targeted attacks in order to install mining software on attacked PCs within organizations says Kaspersky Lab.

Some 2.7 million users have been attacked by malicious miners in 2017, according to Kaspersky's data. That's around 50 percent higher than in 2016 (1.87 million). But at the same time ransomware attacks have seen a decline.

Continue reading

AlgoSec launches network security policy management as a service

business security

Managing security policy can be a headache for organizations with lots of users. But now business-driven security policy management specialist AlgoSec is launching an as-a-service policy management solution.

AlgoSaaS allows enterprise organizations to quickly and easily get the benefits of cloud-based security service offerings. It needs minimal end-user maintenance and is scalable to cope with business growth.

Continue reading

Reliable SMS interception leaves 2FA accounts open to attack

SMS messages

Text messages via SMS are often used as part of two-factor authentication strategies to protect login accounts.

But a new and worrying study from Positive Technologies shows that real-world attempts to intercept SMS messages are 100 percent successful.

Continue reading

Tesla hack demonstrates need to prioritize data security

The words "data security" made news once again last month when researchers revealed that Tesla’s AWS cloud systems were compromised for the purpose of cryptojacking. Cryptojacking, which is defined as the secret use of a computing device to mine cryptocurrency, has risen in popularity over the past few months. This is primarily due to 1) the surge in cryptocurrency value and 2) the discovery of clever mechanisms hackers can use to mine coins while going unnoticed.

According to RedLock researchers, the hackers infiltrated Tesla’s Kubernetes console, which is an open-source platform used for managing containerized workloads and services. They were able to access the console because it was not password protected. Within the Kubernetes pod, were Tesla AWS environment credentials which contained an Amazon S3 bucket that had sensitive data such as telemetry, mapping and vehicle servicing data.

Continue reading

Almost half of US healthcare organizations breached in the past year

Healthcare tablet

A new report from information security specialist Thales e-Security reveals that 48 percent of US healthcare organizations reported getting breached in the last year, more than 2.5 times the rate from two years ago.

In addition 56 percent report feeling either 'very' or 'extremely' vulnerable to data breaches. More than three-quarters (77 percent) reported at least one breach at some time in the past. This is the highest percentage among all US vertical industries polled in this year’s report.

Continue reading

Employees lack awareness of cyber security policies and threats

Man shrugging shoulders

Nearly half (46 percent) of entry-level employees, and 28 percent of all employees, don't know if their company has a cyber security policy, according to new research.

The study of 1,000 full time workers from B2B research firm Clutch also shows that employees at all levels of an organization are likely unaware of the IT security threats their companies potentially face.

Continue reading

Have I Been Pwned is now used by governments to check for data breaches

Have I Been Pwned

Over the last few years, the website Have I Been Pwned (HIBP) has given people the chance to check whether their personal data was compromised in any data breaches. Now the site reveals that the UK and Australian governments are using its services to monitor official domains.

That governments should check the site's database for the presence of their own email addresses is perhaps not surprising -- it's used by just about every type of body imaginable. But now the mechanics have been opened up for these two governments.

Continue reading

Imaging systems present biggest security risk among connected medical devices

Cardiac monitor

A new report from IoT security specialist ZingBox looks at the security of connected medical devices, from infusion pumps and patient monitors to imaging systems and medical device gateways.

The most common types of risk originate from user practice issues (such as using embedded browsers on medical workstations to surf the web, conducting online chat or downloading content), accounting for 41 percent of all security issues.

Continue reading

Financial targets account for more than half of phishing attacks

credit card phishing

More than half of phishing attacks in 2017 were aimed at getting hold of financial information according to a new report.

Kaspersky Lab's anti-phishing technologies detected more than 246 million user attempts to visit different kinds of phishing pages, with 54 percent being attempts to visit a financial-related website, compared to 47 percent in 2016.

Continue reading

Over half of enterprises willing to sacrifice security for speed


A new survey reveals that 52 percent of companies admit to cutting back on security measures to meet a business deadline or objective.

The report into SecOps (Security Operations) from intrusion detection company Threat Stack also reveals that 68 percent of companies say their CEO demands that DevOps and security teams don’t do anything that slows the business down.

Continue reading

© 1998-2018 BetaNews, Inc. All Rights Reserved. Privacy Policy.