Articles about Security

Cyberattacks and data breaches affect all kinds of organizations, but banks and financial services firms are at particular risk.

The shift to using mobile devices to carry out financial transactions has changed the threat landscape in recent years too. We spoke to Will LaSala, director of security solutions and security evangelist at OneSpan to find out more about what banks can do to bolster their security.

Continue reading →

Cybersecurity company ESET has released new research into FamousSparrow, a cyberespionage group attacking hotels worldwide, as well as governments, international organizations, engineering companies and law firms.

The Advanced Persistent Threat (APT) group FamousSparrow has been exploiting the Microsoft Exchange vulnerability known as ProxyLogon, which allows hackers to take control of Exchange servers.

Continue reading →

New research by Forrester for VMWare reveals a growing gulf between security and development teams.

Over half of developers surveyed (52.4 percent) say they feel that security policies stifle their innovation, and only 22 percent strongly agree that they understand which security policies they are expected to comply with.

Continue reading →

Ransomware now accounts for 69 percent of all attacks involving malware, according to the latest threatscape report from Positive Technologies.

The researchers have also identified a growing pattern of new malware specifically designed to penetrate Unix systems.

Continue reading →

It's increasingly common for enterprise systems to be in the cloud rather than in-house, but that throws up a whole range of new challenges when it comes to securing them.

We spoke to Dario Forte, vice president and general manager, security orchestration, at cloud management specialist Sumo Logic to find out more about what's involved in cloud security and how automation can help.

Continue reading →

These days a lot of us have home security systems to one degree or another. You may simply control your locks and perhaps a light; or you may be a little more invested in the technology, adding motion sensors, cameras, leak sensors and other little toys. 

The thing you need most with all of this is an operational system keeping an eye on everything when you can’t. You rely on this for protection for yourself, your family and your property.  

Continue reading →

A new report by the Cyentia Institute, sponsored by risk management company RiskRecon has analyzed over 800 cyber incidents and their impact on multiple downstream organizations.

It finds that multi-party loss events that impact thousands of downstream organizations, otherwise known as 'ripple events', can result in 26x larger financial losses than traditional single-party incidents.

Continue reading →

A new report from NTT Application Security shows that last year the education sector saw 408 publicly-disclosed school incidents, including student and staff data breaches, ransomware and other malware outbreaks, phishing attacks and other social engineering scams, plus a wide variety of other incidents.

This is 18 percent more incidents than were publicly-disclosed during the previous calendar year and equates to more than two incidents a day. The sector also has lower remediation rates and a higher than average time to fix.

Continue reading →

In the first half of 2021, cybercriminals launched approximately 5.4 million DDoS attacks, representing an 11 percent increase over the same period in 2020.

The latest threat intelligence report from NETSCOUT shows that in the first half of the year cybercriminals weaponized and exploited seven new reflection/amplification DDoS attack vectors putting organizations at greater risk.

Continue reading →

If you haven't been paying attention you may not have noticed that September is Insider Threat Awareness month, with the aim of educating individuals and organizations on the dangers of insider threats and the forms they can take.

Almost half of organizations say they find it difficult to prevent insider attacks according to a recent study, which means it's more important than ever to understand the risk. We've gathered comments from a number of industry experts on the nature of the threat and how to tackle it.

Continue reading →

Quantum computing offers incredible computing power and is set to transform many areas such as research. However, it also represents a threat to current security systems as cracking passwords and encryption keys becomes much easier.

So quantum is a security threat, but is there a solution to making systems safer? We spoke to David Williams, CEO of symmetric encryption specialist Arqit, to find out.

Continue reading →

Security researchers have discovered a vulnerability in the AMD Platform Security Processor (PSP) chipset driver for multiple CPU architectures. Tracked as CVE-2021-26333, the security flaw is comparable with the likes of Spectre and Meltdown.

The vulnerability, found by ZeroPeril Ltd, can be exploited to grab data such as password from memory, and it affects a wide range of AMD processors. AMD has issued a patch which users are advised to install as soon as possible.

Continue reading →

Nearly a quarter (24 percent) of office workers have experienced a data breach, yet 12 percent say nothing will make them take cyber security more seriously, and a third won't take extra precautions.

A survey of over 2,000 UK office staff from BlueFort Security finds 34 percent believe cybersecurity awareness is the biggest issue when it comes to hybrid working, and 33 percent cite personal use of company devices as another significant risk.

Continue reading →

Increasing numbers of apps are moving to an SaaS model and containers, but the security of these applications doesn't always get much attention.

We spoke to BetterCloud CEO, David Politis who believes that SaaS security is an area that businesses need to take much more seriously.

Continue reading →

Released at the same time as the company undergoes a redesign involving a new logo, Avast One is here to help keep you protected online. This is more than just an antivirus tool -- although an AV component is present -- this is a comprehensive suite of protective tools covering various aspects of security and privacy.

Things start off with Avast One Essentials, which is the free version of the security suite. For anyone with concerns about privacy, even this free version includes a powerful VPN with a generous weekly allowance. There is also protection against spyware, password theft and identity theft. And there is even more to explore in the paid-for editions.

Continue reading →