We're seeing attacks on endpoint systems becoming more common and increasingly clever. Yet for administrators knowing what's happening on their endpoints presents a challenge.

Privileged account management specialist Thycotic is launching a new, free Endpoint Application Discovery Tool to automatically discover and reports on applications installed on Windows endpoints.

Continue reading →

Smartphones from LG, Samsung and Motorola are all vulnerable to an attack that makes it possible to gain root access in a matter of seconds. Known as Rowhammer, the attack works using a bit flipping technique that exploits a vulnerability in the design of RAM chips.

Because the attack takes advantage of a physical aspect of design, it is going to be difficult to quickly devise a fix. In the meantime, millions of smartphones are at risk of compromise in what could be as large an issue as the recently-discovered Dirty COW bug -- and there's an app you can use to check if you are at risk.

Continue reading →

San Diego, Calif. As a general rule I never connect to public WiFi networks, which is fine except when attending an event at a hotel ballroom where T-Mobile cellular is like an apparition dancing around a Halloween grave. So as Wendell Brooks, CEO of Intel Capital, begins his speech, I sit typing narrative offline rather than tweeting live. There’s irony, I suppose, reporting old style, about investments in new innovations.

Welcome to the trials and travails of the Intel Capital Global Summit, which kicks off today and goes through October 26. Looking at the lineup, I expect to hear about newfangled tech that would make news reporting so much easier if available—although 4G cellular data would be good enough for today.

Continue reading →

Internet of things (IoT) is expected to make an enormous impact on pretty much every industry in the upcoming months and years, but it seems as organizations don’t really know how to secure their devices. This is according to a new report by ForeScout Technologies, which surveyed 201 senior IT decision makers in the UK, Germany, Austria and Switzerland.

First, the report says the threat surface is going to increase dramatically. An average business will operate 7,000 IoT devices in the next 18 months, which is "far more" than what the average company is used to securing and defending. Second, almost two thirds (65 percent) have "quite", "little", or "no" confidence in identifying and controlling their IoT devices. And third, the biggest challenge seems to be having IT functions working together.

Continue reading →

Doing more of our day to day transactions online increases the risk of falling victim to some kind of fraud. Increasingly therefore companies are turning towards biometrics to ensure users are who they say they are.

Digital verification company Jumio is adding biometric facial recognition to its Netverify product to verify users on mobile devices.

Continue reading →

According to new research from the consumers' association Which?, a number of major UK banks have failed to protect their customers online by not adopting two-factor security, which greatly protects against online banking fraud.

The association tested the customer-side security of 11 banks, revealing that over half had failed to implement two-factor ID checks on customers when they logged into their accounts. Lloyds Banking Group, Lloyds, Halifax, Bank of Scotland, Santander and TSB were the banks which scored the lowest on the tests conducted by Which?.

Continue reading →

A vulnerability discovered in the Linux kernel has been present for nine years, and users are being advised to seek out and install a patch as soon as they possibly can. Dubbed Dirty COW, the bug is a privilege escalation vulnerability which can be found in just about every Linux distro out there.

Discovered by security expert Phil Oester, Dirty COW is described as one of the most serious bugs of its type ever found in Linux. Assigned the code CVE-2016-5195, there is evidence that the vulnerability has been exploited and a website set up to alert people to the problem advises that the "security community should deploy honeypots that entrap attackers and to alert about exploitation attempts".

Continue reading →

Despite a desire to be more connected than ever before, people are simultaneously more concerned than ever about their security and privacy. This is certainly true when it comes to messaging tools, and the privacy features offered by a particular app or service can be what sways your decision to use it one way or the other.

Justice group Amnesty International has spent some time analyzing the privacy and encryption found in a number of popular messaging tools and compiled results in a ranked list. The findings make for interesting reading, not least because Facebook is ranked the most highly.

Continue reading →

Cyber attackers know that the weakest point of an organization's security is usually the endpoint and they'll increasingly try to hide malware's presence from security tools by running it only in memory.

Endpoint security specialist Endgame is releasing an update to its platform which expands coverage of the attacker lifecycle to anticipate innovations.

Continue reading →

Threats like ransomware means it’s more important than ever to keep your computers safe both online and off.

Emsisoft has just released Anti Malware 12, the latest version of its respected anti-malware software, and Christian Mairoll, the company’s CEO, took time to speak to me about the ever evolving threat landscape, the best ways to keep your system safe, and the benefits of paid versus free solutions.

Continue reading →

The UK economy lost £10.9 billion as a result of online fraud and cyber crime last year, according to new research, which works out at about £210 for every person aged over 16 in the country.

The figures come from a survey by Get Safe Online and the National Fraud Intelligence Bureau and reveal that 68 percent of people in the UK have been targeted in some way by cyber crime.

Continue reading →

Increasingly people are suffering from password fatigue, so when signing up to websites it's very tempting to use existing social media accounts.

However, according to a survey from customer identity and access management specialist Janrain, 93 percent of people are concerned about how their account data and activity are being shared and used.

Continue reading →

Yahoo users have started to lose faith in the company following the theft of millions of account details and the revelation of collusion with the NSA and FBI. But it is not just users who are becoming disillusioned and looking to move elsewhere -- Yahoo's partners are also concerned.

One such company is StartPage, described as "the world's most private search engine". Concerned by privacy violations, it is ditching Yahoo search results from its metasearch tool Ixquick.eu. The parting of ways will take place by the end of the month, and StartPage CEO Robert Beens believes more companies will follow suit.

Continue reading →

Mobile games are increasing in popularity, boosted by augmented reality apps like Pokémon GO. But if individuals are using their devices for BYOD too then these games could present a major security risk.

According to a new study from licensing specialist Flexera Software which tested 60 of the most popular iOS games, 73 percent support location services and tracking. 68 percent support social networking, 58 have calendar access and 54 percent support SMS.

Continue reading →

Network security operations are evolving and becoming more difficult to implement according to a new survey by Enterprise Strategy Group (ESG), sponsored by network visibility specialist Gigamon.

The complexity of network security operations is as difficult, or more difficult, as it was two years ago according to 85 percent of surveyed respondents. This is primarily due to increased traffic, more connected devices on the network and diversity of network and security technologies used to address emerging and known security threats.

Continue reading →