Articles about Security

With increased numbers of people working remotely, a new report reveals that cybercriminals are using email impersonation to prey on the sense of urgency of an increasingly distracted and dispersed workforce.

Email security company GreatHorn has collected data from over 640 security, IT and C-suite professionals to gain a better understanding of new threat vectors and attack strategies. It found almost half of respondents (48.7 percent) report seeing impersonations of people such as colleagues, customers or vendors.

Continue reading →

New research from the UK's Chartered Institute of Information Security (CIISec) shows that overwork and burnout remain major problems for the IT security sector.

The study of almost 450 cybersecurity professionals shows that 54 percent of respondents have either left a job due to overwork or burnout, or have worked with someone who has.

Continue reading →

Vulnerability management specialist RiskSense is launching a new version of its platform that harmonizes threat analysis, prioritization and risk scoring across both network-based assets and applications.

RiskSense aggregates and normalizes outputs from multiple data sources including SAST, DAST, open source software, containers, pen testing and bug bounty programs. This approach enables organizations to easily pinpoint and fix vulnerabilities in their attack surface regardless of where they arise.

Continue reading →

Microsoft has revealed details of a new platform security technology which the company says will prevent data corruption attacks.

Kernel Data Protection (KDP) works by marking sections of kernel memory as read-only, so there is no way it can be tampered with. The technology comes in response to the fact that increasing numbers of attackers are using data corruption techniques to bypass security, gain additional privileges, and more.

Continue reading →

As companies accelerate their digital transformation programs, many move data into the cloud without all the security controls necessary to protect both their organization and customers’ data. This leaves them vulnerable to cyberattacks and without evidence of compliance with data protection regulations

Cybersecurity specialist Imperva is launching a new SaaS Cloud Data Security product that gives businesses visibility and compliance oversight for data hosted in a database-as-a-service (DbaaS).

Continue reading →

According to a new study, 70 percent of security teams have seen more than double the volume of security alerts in the past five years. These high volumes of reports cause problems for IT security teams with 83 percent saying their security staff experience 'alert fatigue'.

The survey conducted by Dimensional Research on behalf of continuous intelligence specialist Sumo Logic also shows that while automation is helpful it isn't a complete solution.

Continue reading →

A new survey released today by security software firm NetMotion reveals that 47 percent of organizations believe remote work has exposed their organization to high or extreme security risk.

Of these 62 percent are most concerned that workers will visit malicious URLs that could compromise networks and devices, while 45 percent are worried about workers accessing inappropriate content.

Continue reading →

Based on a study of 34,000 sites and apps, as well as a survey of over 1,000 consumers conducted in June 2020, new research details how content abuse is a critical part of the fraud supply chain, the interconnected ecosystem of fraud.

The research, carried out by digital trust and safety firm Sift, also uncovered a fraud ring based in Russia where fraudsters executed a card-testing scheme through fake listings on an e-commerce marketplace.

Continue reading →

With a shift to remote working many more businesses are embracing BYOD, but a new report from Bitglass suggests that security arrangements are failing to keep pace.

In the study, 69 percent of respondents say that employees at their companies are allowed to use personal devices to perform their work, while 26 percent also enable BYOD for contractors, 21 percent for partners, and some even for customers, and suppliers.

Continue reading →

New research from risk prevention specialist Digital Shadows finds there are more than 15 billion sets of usernames and passwords in circulation in cybercriminal marketplaces -- the equivalent of more than two for every person on the planet.

The number of stolen and exposed credentials has risen 300 percent from 2018 as the result of more than 100,000 separate breaches. Of these, more than 5 billion were assessed as 'unique' -- that is not advertised more than once on criminal forums.

Continue reading →

Credential theft via social engineering is a major cause of data breaches, but with a more dispersed workforce it becomes harder to guard against.

Security platform MobileIron is launching a new multi-vector mobile phishing protection solution for iOS and Android devices to help organizations defend themselves.

Continue reading →

Microsoft has revealed a new anti-malware service by the name of Project Freta. The company describes it as a "free service from Microsoft Research for detecting evidence of OS and sensor sabotage, such as rootkits and advanced malware, in memory snapshots of live Linux systems".

Project Freta is cloud-based, and the memory forensics tool was created by the NExT Security Ventures (NSV) team in Microsoft Research.

Continue reading →

New analysis carried out by Kaspersky of attacks on mobile devices has revealed that 14.8 percent of its users who were targeted by malware or adware in 2019 suffered a system partition infection, making the malicious files undeletable.

It also finds that pre-installed default applications have role to play, depending on the brand, the risk of applications that can't be deleted varies from one to five percent in low-cost devices and goes up to 27 percent in extreme cases.

Continue reading →

New research from security management platform Exabeam reveals that 88 percent of UK security practitioners have accelerated their move to the cloud, driven by the need to support a remote workforce.

Significantly, almost half of respondents (44 percent) are now using cloud-based security products to protect their corporate financial information. This is a sharp increase compared to Exabeam's earlier study where just 12 percent were protecting corporate financial information in this way.

Continue reading →

In the first quarter of this year, DDoS attacks rose more than 278 percent compared to Q1 2019 and more than 542 percent compared to the previous quarter.

This is among the findings of the Nexusguard Q1 2020 Threat Report. Researchers attribute the sharp rise in incidents to malicious efforts during the COVID-19 pandemic, causing DDoS attacks to interrupt service for large companies and individuals alike.

Continue reading →