SaaS application adoption is growing fast and with it comes increasing expectations to be able to access any application from anywhere on any device.

Consequently organizations want login solutions that can help them reduce risks in their environment, deliver a better experience for their end-users, and adapt to the complexities of existing infrastructure and new applications.

Continue reading →

As we reported yesterday, privileged users can represent a significant risk to enterprise security. A new report from cyber security company BeyondTrust underlines this with findings that show organizations adhering to best practices for privileged access management are much better at mitigating the risks of a data breach.

The survey of more than 500 IT, IS, legal and compliance experts split its overall scores into top- and bottom-tier groups and finds that top-tier companies were much more likely to have a centralized password management policy -- 92 percent in contrast with just 25 percent of bottom-tier organizations.

Continue reading →

Many technology pundits talk about biometrics as the ultimate authentication solution -- the technology that will make the 'imperfect' password obsolete. Despite the hype, most companies are approaching with caution. In fact, CEB found that there are varied degrees of biometrics adoption globally, as around 20 percent of firms have actually deployed the technology.

A big reason for low adoption could be that they are less secure. And while many are touting the security of biometrics, there are four issues to consider when evaluating the technology.

Continue reading →

All businesses are aware of the danger posed by insider threats, but those threats are multiplied when they involve privileged user accounts.

Damage caused by privileged users is the most extensive, the hardest to mitigate and the hardest to detect as it involves authorized users doing things they are authorized to do. A new report from access management specialist Forcepoint in conjunction with the Ponemon Institute looks at the gap between organizations' awareness of the problem and their ability to solve it.

Continue reading →

Reusing a password on multiple sites is a recipe for disaster. Why? Well, the password is now only as safe as the weakest site. For example, if you use the same user credentials for a shopping site that you do for a banking site, and the shopping site is hacked, your banking password is now exposed. Bad guys will try stolen credentials on various sites looking for where they might work.

Today, Epic Games, maker of  popular games like Unreal and Infinity Blade, announces that its forums have been hacked. Now, if you don't reuse passwords, that isn't a huge deal, right? Sort of. True, your discussions about games might not be particularly sensitive, but you may still feel pain.

Continue reading →

Virtual Machines have been mainstream for some time, and many IT managers think they have good management processes in place; they know where their machines are, their status, and the function they are performing. But is that enough? Whilst virtual machines (VMs) allow an IT infrastructure to be extremely agile in Private, Public and/or Hybrid Cloud environments, they also create opportunities for weak points, where data can be compromised.

Encryption is one of those major weak points, where VMs can be deployed without an encryption policy being followed, subverting compliance, and leading to machines in a live environment that lack the required protection. More often than not, those VMs will contain sensitive data.

Continue reading →

Hacking by its very nature tends to be an activity that takes place in the shadows. However, analysts at security awareness specialist Digital Shadows have identified a growing trend of some hackers actively seeking the limelight to promote their businesses.

Just as in the legitimate commercial world, reputation is important and players without one are less likely to be trusted. In order to boost their profiles therefore some cyber criminals have been using publicity to add to their credibility.

Continue reading →

With so much attention focused on the file encrypting-type ransomware it's easy to forget the simpler variety, which pops up when your PC boots and won’t allow access to your system until you pay up.

Even these basic infections can sometimes be tricky to remove, but Trend Micro offers a couple of tools which may be able to help.

Continue reading →

Data breaches are everywhere, and companies feel they’re not doing a good job at preventing them. They are, however, taking steps to try and counter the trend. This is according to a new report by business documents management organization M-Files Corporation and the Association for Information and Image Management (AIIM).

According to the report, more than a third (38 percent) of organizations have suffered at least one data breach in the past 12 months. Almost a third (31 percent) feel their company isn’t doing all it can to protect sensitive information, and 36 percent say their company doesn’t have a "formally documented policy" regarding data storage, management and sharing.

Continue reading →

Plugging things into a smart electrical plug might not be the wisest of choices at the moment, because they could easily be hacked, putting both your physical and digital life at risk.

This is according to a new report by Bitdefender, which says that smart electrical plugs could be hacked, and the attacker could not only gain access to your personal data, but also reprogram the plug.

Continue reading →

As someone that grew up playing video games in the 1980s, I am rather intrigued by the current trend in watching other people play. It is not so different from when I was a kid actually -- upwards of ten children from the neighborhood would all gather around one NES waiting for their turn to play. If you think about it, we probably spent more time watching others playing than doing so ourselves.

One of the most popular video game streaming platforms is Twitch. There are countless folks broadcasting themselves playing games, and even more spectating. The service has introduced a new feature that some folks might not like. By default, it will expose your activity on friend lists. Don't like that? Luckily, there is a fix.

Continue reading →

The number of active malware families attacking businesses fell by five percent in July, but mobile malware now accounts for nine percent of the total -- up 50 percent from June.

These figures come from threat prevention company Check Point based on intelligence drawn from its ThreatCloud World Cyber Threat Map.

Continue reading →

If you aren't thinking twice every time you swipe your card at a retail location, be it a store or restaurant, then you haven't been paying attention lately. It should give you reason for pause, but sadly you still have to do it. Just cross your fingers on the other hand.

Previous examples have included Target and Home Depot to name just two. The latest is retailer Eddie Bauer. The company is warning customers it’s point of sale system was hit by malware.

Continue reading →

Researchers at Kaspersky Lab have uncovered a new wave of targeted attacks against the industrial and engineering sectors in 30 countries around the world.

Named 'Operation Ghoul' by Kaspersky's researchers, the attacks use spear-phishing emails and malware based on a commercial spyware kit to seek out valuable business-related data stored in their victims' networks.

Continue reading →

People are risking a lot when they connect to a free Wi-Fi, which is particularly important knowing how many people use mobile devices for work. According to a new report by NordVPN, a company selling VPN services, Wi-Fi networks can be hacked easily and attackers could steal valuable data, including corporate information, credit card information or identities.

"Hackers often position themselves as Wi-Fi hotspots and easily steal personal information of each individual that logs in", says NordVPN. "In addition, identity thieves have lately been using wireless sniffers, a software designed to intercept and decode data when it is transmitted over a network".

Continue reading →