Articles about Security

UK's NHS has 'pretty good procedures' for dealing with cyber attacks

UK NHS

The UK government has defended the NHS's cyber-security procedures, days after a number of trusts were taken offline by the WannaCry ransomware.

Security minister Ben Wallace said that the NHS had followed "pretty good procedures" in dealing with the attack.

Continue reading

Updated EnCase software enhances endpoint protection

endpoint shield

The weakest point in any network is usually the endpoint, so effective protection measures are essential to fend off cyber attacks.

Security specialist Guidance Software is launching an updated version of its EnCase Endpoint Security solution aimed at providing enhanced endpoint detection and response (EDR) capabilities for businesses.

Continue reading

Data breach at DocuSign leads to massive phishing campaign

Data breach wall writing man

E-signature and security firm DocuSign has confirmed a data breach in which attackers gained access to a database containing customer email addresses. The company says that no other data was revealed in the security breach, but it led to a large phishing campaign.

Attackers used the stolen email addresses to spam people with emails containing an infected Microsoft Word document. The company insists that its core service remains secure, but coming in the wake of the WannaCry ransomware attack, people around the world are on high alert.

Continue reading

Is WannaCry linked to the Lazarus Group?

hacker malware

As last Friday's WannaCry (WannaCrypt) ransomware attack continues to cause ripples around the globe, links have emerged between the malware code and the infamous Lazarus Group.

Lazarus is the group responsible for attacks on the Bangladesh Central Bank last year, Sony Pictures Entertainment in 2014, and more financial attacks in at least 18 countries.

Continue reading

Three out of five companies expect to be breached in 2017

Breach detection

As cyber attacks and security breaches continue to make the headlines, a new study suggests that three out of five companies expect to suffer a breach this year.

The latest Market Pulse survey from identity management company SailPoint also reveals that 33 percent believe they may not even know they’ve been breached.

Continue reading

US considers laptop ban on European flights

laptop ban

The Trump administration is considering a further expansion of the ban on using laptops on commercial flights to cover European travel.

According to Reuters , the US government is reviewing how to make sure lithium batteries that get stored in the luggage don’t explode during flights.

Continue reading

OS vulnerabilities up -- Patches down

install-software-laptop

If the WannaCrypt ransomware attack of the last few days has taught us anything it should be the importance of patching systems to guard against attack.

Yet a study released today suggests the message isn't getting through. The latest US country report from Flexera Software reveals the percentage of US PC users with unpatched Windows operating systems was 9.8 percent in Q1, 2017, up from 7.5 percent last quarter and 6.5 percent in Q1, 2016.

Continue reading

The WannaCrypt attack -- what we know and how to protect yourself

Ransomware

What seemed to have begun as just another ransomware attack hit the headlines last Friday (May 12th) when it began to attack hospitals and healthcare services in the UK.  It became clear pretty quickly that this was in fact something much bigger however, with problems reported at businesses and government bodies around the world.

Infections by the malware known as WannaCrypt or WannaCry, began in Spain with the Telefonica telecommunications giant one of the first to be hit. It then quickly spread to the United Kingdom, Russia, Japan, Taiwan, the United States, and many others. In total, over 150 countries have been affected by the ransomware since Friday, according to Europol.

Continue reading

Microsoft should be applauded for its response to the WannaCrypt crisis

Applause

I’ve certainly been highly critical of Microsoft in the past, particularly last year when the company began forcing Windows 10 on to users.

But in the past couple of days I have to admit that I’ve been impressed by the software giant’s response to the global WannaCrypt/WannaCry crisis, and not just in patching Windows XP.

Continue reading

Microsoft patches Windows XP to fight the WannaCrypt ransomware attacks

Windows_XP

Microsoft stopped supporting Windows XP back in 2014, but today it releases one more security update for the ancient OS.

The software giant is taking this "highly unusual" step to fight back against the WannaCrypt ransomware cyber attacks that have so far hit nearly 100 countries around the world. And XP is not the only unsupported system receiving this patch.

Continue reading

Why Access Rights Management should be an enterprise priority

enterprise security login authentication verification user password

In some ways, the new research claiming that people are still the biggest threat to cyber security is hardly surprising; this has been the case for years now. What is surprising is that even with the GDPR only one year away, this hasn't moved on. It seems that organizations are aware of the problem, which of course is a good thing, but isn't it time we began to see research saying that people aren't a threat anymore because organizations have secured their systems against these types of threats and educated their workforces in the process. That kind of research would be much more heartening. Especially so when other research suggests that there's an IT skills shortage coming soon that could make it even more difficult for organizations to secure themselves against cyber threats.

The Institute of Information Security Professionals (IISP) is behind the new research claiming that people are still the biggest threat to cyber security. The research suggests that people are still not cautious enough about phishing scams such as links or attachments in emails or about visiting websites that might not be safe. The IISP also suggests that there is a lack of technical skill that causes problems and interestingly, it also claims that another problem is with organizations making poor critical decisions around strategy and budgets, suggesting that organizations are not focused on the right ways to prevent cyber attacks.

Continue reading

NHS hospitals hit by ransomware attack [Update: Now spreading globally]

Healthcare

Hospitals and doctors' surgeries across the UK have been hit by what is being described as a large scale ransomware attack.

The attack is believedto have begun at around 1:30 pm today. Areas affected include East and North Hertfordshire, North Cumbria, Blackpool, and Barts Health in London.

Continue reading

US government is reviewing whether to use Kaspersky software, because Russia

kaspersky-mobile

Mention the US and Russia in the same sentence and the mind naturally wanders to three things. Firstly, the alleged links between the Trump administration and Russia, secondly whether or not the FBI investigation of these alleged links led to the dismissal of Comey, and thirdly whether or not Russia interfered with the US election.

But now the US government is reviewing whether or not to continue to use Russian-made security software from Kasperksy. Defense Intelligence Agency director Vincent Stewart says "we are tracking Kaspersky and their software." He does not elaborate or give reasons, but there have been -- as yet unsubstantiated -- claims that Russia has been using Kaspersky software to spy on America. The director of the NSA is "personally involved" in monitoring the company.

Continue reading

HP audio driver package comes with a built-in keylogger

face-palm-head-in-hands-embarassed cropped

ModZero security researchers have uncovered an unexpected behavior in an HP audio driver. The package, which is offered by the electronics maker through its website, secretly registers "all keyboard input," effectively working as a keylogger. Question is, is this a bug or a feature?

It is not abnormal for an audio driver to look for when certain keys are pressed, as, for instance, if you press the volume down button on the keyboard the driver needs to intercept that keystroke so it does what you asked it to, but it is uncommon for one to cast such a wide net, and, as a result, put users' private information, like usernames, passwords, personal communication and so on, at risk.

Continue reading

Majority of UK workers blindly open email attachments

email-icon

Come on, people. We’re almost halfway through 2017, and you’re still opening shady email attachments? Glasswall Solutions seems to think so. As a matter of fact, its new report says UK workers are "too trusting" of email attachments.

More than half, 58 percent, "blindly" open email attachments from unknown sources. Three quarters, 75 percent, recognize how often they get shady emails. Just 16 percent thinks they should be worried about a cyber-attack.

Continue reading

© 1998-2017 BetaNews, Inc. All Rights Reserved. Privacy Policy.