Earlier this month there was widespread reporting in both the tech and mainstream media of the discovery of a potential security vulnerability in Facebook's WhatsApp messaging service. Coverage of the likely flaw, which was reportedly discovered by researchers at Berkeley University in California, was a blow to Facebook given that WhatsApp places privacy and security at the heart of its service by providing end-to-end encryption of users' messages and photos, preventing third parties including its own staff from accessing them.
In a nutshell the potential security flaw would theoretically allow WhatsApp to intercept some users' messages, which would appear to them to be encrypted. This has resulted in considerable speculation that government agencies could exploit this vulnerability as a means of covert surveillance, by targeting specific individuals' messages or on a bulk extraction basis.
The threat landscape facing businesses is more complex than ever and it's rapidly changing. No surprise then that traditional approaches to security are struggling to cope.
This has led some security companies to turn to a more dynamic approach of seeking out threats rather than simply responding to attacks.
Consumers are quite confident banks and insurers can keep their data safe, but these organizations aren’t that sure. A new report by Capgemini has shown that financial institutions lack a significant amount of confidence when it comes to data protection.
Just one in five (21 percent) of financial service organizations admitted they’re "highly confident" they could detect a data breach. On the other hand, 83 percent of consumers trust banks and insurers with their data.
The biggest fear for organizations is long-term damage to brand and reputation, yet despite this three quarters lack a comprehensive risk management strategy.
This is one of the findings of a survey for risk intelligence company RiskVision carried out by the Ponemon Institute, which reveals that 63 percent of organizations are worried about reputation and brand damage. This is followed by security breaches (51 percent), business disruption (51 percent) and intellectual property loss (37 percent).
Ethical hacking, also called penetration testing, entails thinking like the bad guys to find and plug any vulnerabilities in your system to keep it secure.
Hacking For Dummies explains how to protect your computers from malicious attacks. It usually retails for $20, but for a limited time you can download the fully updated 5th edition ebook version for free.
Even after new mobile threats have been identified the number of devices in use means it can take time for patches to be rolled out to all users.
Mobile threat defense company Zimperium is hoping to tackle this problem with the launch of a $1.5 million bounty program to purchase N-day exploits which have been identified but are still usable on unpatched devices.
More than a third of organizations that experienced a data breach in 2016 reported substantial customer, opportunity and revenue loss of more than 20 percent.
This is a key finding of the latest Cisco Annual Cybersecurity Report which also shows that after attacks, 90 percent of these organizations are improving threat defense technologies and processes.
The methodology of malware and cyber attacks has shown a significant shift in 2016, according to the State of Malware report from Malwarebytes.
Although ransomware is the favorite attack method used against business, ad fraud malware is growing fast and poses a substantial threat to both consumers and businesses.
Many cyber attacks are made using stolen or abused credentials. One of the ways to combat this is to collect activity data and use it to spot anomalous behavior patterns.
Leader in this field Exabeam is launching its new Security Intelligence Platform, designed to decrease the risk of cyber threats for organizations of any size. It addresses the need to collect more data than ever before, to make better connections across that data to detect threats, and to augment human analysts during incident response.
Businesses are increasingly aware of the need to protect their endpoint systems. However, they tend to concentrate most of their efforts on Windows, which can leave other platforms vulnerable.
Cyber security specialist and digital certificate provider Comodo is launching a new version of its Advanced Endpoint Protection (AEP) product that extends availability of its default-deny endpoint security to Mac and Linux platforms, in addition to Windows.
Increased adoption of virtualization, the cloud, and the accelerating use of web applications and short-lived assets like containers has led to changes in how and when companies need to assess vulnerabilities.
Cyber security firm Tenable Network Security is launching a new cloud-based vulnerability management platform to enable enterprises to secure the full range of assets in modern elastic IT environments.
At the USENIX Enigma conference, Facebook unveiled a new way to overcome the problem of forgotten passwords. Known as Delegated Recovery, the mechanism essentially allows two online services a user has accounts with to be used as a form of two-factor authentication.
Delegated Recovery is something of a new take on 2FA, building on Facebook's previously announced support for U2F Security Keys. The problem with password recovery via email or SMS is that it's easy for the recovery medium to be compromised, and security questions are easily guessed. Delegated Recovery takes a new approach, and it's being trialed on GitHub.
Security researchers from Context IS have uncovered serious vulnerabilities in a number of premium Samsung Galaxy phones which allow attackers to crash devices using a single SMS message and initiate ransomware attacks.
The report is part of a series which aims to show "how, even in 2017, SMS-based attacks on Android phones are still viable". As longtime readers might recall, iOS too was vulnerable to such attacks -- but that was nearly two years ago. While the report focuses on Samsung's Android handsets, the researchers suggest that the vulnerabilities could be found in other vendors' smartphones as well.
USB flash drives are great for storing personal files on, so you can have easy access to them wherever you go. But what happens if you lose a drive or it gets stolen? All of your personal data could be at risk.
While there are ways to secure the contents of a flash drive using software, you need to remember to do so every time. The datAshur PRO, from iStorage, offers a hardware solution that’s simple to use and will protect your data with military grade XTS-AES 256-bit encryption.
The way people access the internet is changing, with a shift towards portable devices, and that in turn has led to a shift in the software they use.
Independent testing company AV-Comparatives has conducted its annual survey focusing on which security products (free and paid) are employed by users, along with their OS and browser usage.