The weakest point in any network is usually the endpoint, so effective protection measures are essential to fend off cyber attacks.
Security specialist Guidance Software is launching an updated version of its EnCase Endpoint Security solution aimed at providing enhanced endpoint detection and response (EDR) capabilities for businesses.
E-signature and security firm DocuSign has confirmed a data breach in which attackers gained access to a database containing customer email addresses. The company says that no other data was revealed in the security breach, but it led to a large phishing campaign.
Attackers used the stolen email addresses to spam people with emails containing an infected Microsoft Word document. The company insists that its core service remains secure, but coming in the wake of the WannaCry ransomware attack, people around the world are on high alert.
As last Friday's WannaCry (WannaCrypt) ransomware attack continues to cause ripples around the globe, links have emerged between the malware code and the infamous Lazarus Group.
Lazarus is the group responsible for attacks on the Bangladesh Central Bank last year, Sony Pictures Entertainment in 2014, and more financial attacks in at least 18 countries.
As cyber attacks and security breaches continue to make the headlines, a new study suggests that three out of five companies expect to suffer a breach this year.
The latest Market Pulse survey from identity management company SailPoint also reveals that 33 percent believe they may not even know they’ve been breached.
The Trump administration is considering a further expansion of the ban on using laptops on commercial flights to cover European travel.
According to Reuters , the US government is reviewing how to make sure lithium batteries that get stored in the luggage don’t explode during flights.
If the WannaCrypt ransomware attack of the last few days has taught us anything it should be the importance of patching systems to guard against attack.
Yet a study released today suggests the message isn't getting through. The latest US country report from Flexera Software reveals the percentage of US PC users with unpatched Windows operating systems was 9.8 percent in Q1, 2017, up from 7.5 percent last quarter and 6.5 percent in Q1, 2016.
What seemed to have begun as just another ransomware attack hit the headlines last Friday (May 12th) when it began to attack hospitals and healthcare services in the UK. It became clear pretty quickly that this was in fact something much bigger however, with problems reported at businesses and government bodies around the world.
Infections by the malware known as WannaCrypt or WannaCry, began in Spain with the Telefonica telecommunications giant one of the first to be hit. It then quickly spread to the United Kingdom, Russia, Japan, Taiwan, the United States, and many others. In total, over 150 countries have been affected by the ransomware since Friday, according to Europol.
I’ve certainly been highly critical of Microsoft in the past, particularly last year when the company began forcing Windows 10 on to users.
But in the past couple of days I have to admit that I’ve been impressed by the software giant’s response to the global WannaCrypt/WannaCry crisis, and not just in patching Windows XP.
Microsoft stopped supporting Windows XP back in 2014, but today it releases one more security update for the ancient OS.
The software giant is taking this "highly unusual" step to fight back against the WannaCrypt ransomware cyber attacks that have so far hit nearly 100 countries around the world. And XP is not the only unsupported system receiving this patch.
In some ways, the new research claiming that people are still the biggest threat to cyber security is hardly surprising; this has been the case for years now. What is surprising is that even with the GDPR only one year away, this hasn't moved on. It seems that organizations are aware of the problem, which of course is a good thing, but isn't it time we began to see research saying that people aren't a threat anymore because organizations have secured their systems against these types of threats and educated their workforces in the process. That kind of research would be much more heartening. Especially so when other research suggests that there's an IT skills shortage coming soon that could make it even more difficult for organizations to secure themselves against cyber threats.
The Institute of Information Security Professionals (IISP) is behind the new research claiming that people are still the biggest threat to cyber security. The research suggests that people are still not cautious enough about phishing scams such as links or attachments in emails or about visiting websites that might not be safe. The IISP also suggests that there is a lack of technical skill that causes problems and interestingly, it also claims that another problem is with organizations making poor critical decisions around strategy and budgets, suggesting that organizations are not focused on the right ways to prevent cyber attacks.
Hospitals and doctors' surgeries across the UK have been hit by what is being described as a large scale ransomware attack.
The attack is believedto have begun at around 1:30 pm today. Areas affected include East and North Hertfordshire, North Cumbria, Blackpool, and Barts Health in London.
Mention the US and Russia in the same sentence and the mind naturally wanders to three things. Firstly, the alleged links between the Trump administration and Russia, secondly whether or not the FBI investigation of these alleged links led to the dismissal of Comey, and thirdly whether or not Russia interfered with the US election.
But now the US government is reviewing whether or not to continue to use Russian-made security software from Kasperksy. Defense Intelligence Agency director Vincent Stewart says "we are tracking Kaspersky and their software." He does not elaborate or give reasons, but there have been -- as yet unsubstantiated -- claims that Russia has been using Kaspersky software to spy on America. The director of the NSA is "personally involved" in monitoring the company.
ModZero security researchers have uncovered an unexpected behavior in an HP audio driver. The package, which is offered by the electronics maker through its website, secretly registers "all keyboard input," effectively working as a keylogger. Question is, is this a bug or a feature?
It is not abnormal for an audio driver to look for when certain keys are pressed, as, for instance, if you press the volume down button on the keyboard the driver needs to intercept that keystroke so it does what you asked it to, but it is uncommon for one to cast such a wide net, and, as a result, put users' private information, like usernames, passwords, personal communication and so on, at risk.
Come on, people. We’re almost halfway through 2017, and you’re still opening shady email attachments? Glasswall Solutions seems to think so. As a matter of fact, its new report says UK workers are "too trusting" of email attachments.
More than half, 58 percent, "blindly" open email attachments from unknown sources. Three quarters, 75 percent, recognize how often they get shady emails. Just 16 percent thinks they should be worried about a cyber-attack.