Security

0 Comments
UK consumers are keen to embrace the use of QR codes as the country exits COVID-19 lockdown, but security experts have warned that low awareness levels could be exploited by cyber-criminals. Security vendor Ivanti recently polled over 500 British consumers to better understand their attitudes to QR codes. The technology is increasingly being used in
0 Comments
by Paul Ducklin We investigate the controversy that was stirred up recently when the FBI in the US used malware to fight malware. The Feds accessed remote access webshells left behind after the recent Hafnium attacks to remove the webshells themselves, after a court order said they could. As helpful and as community-minded as this
0 Comments
Google is shouting about a new standard designed to enhance baseline security across mobile applications. The Mobile Application Profile is the work of the Internet of Secure Things Alliance (ioXt), a consortium of over 300 members including Google, Facebook, T-Mobile, Zigbee Alliance, Schneider Electric and many others. “With so many companies involved, ioXt covers a
0 Comments
America has issued a cybersecurity advisory that urges organizations to patch vulnerabilities it says are being exploited by Russian Foreign Intelligence Service (SVR) actors. The warning was jointly issued on April 15 by the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI), as the US
0 Comments
The United States has indicted two Pakistani men on suspicion of operating an illegal online store that sold false identification documents on the dark web.  Karachi residents 34-year-old Mohsin Raza and 33-year-old Mujtaba Raza were charged in a six-count federal indictment unsealed in the District of New Jersey on April 15.  Each man is charged with conspiracy to
0 Comments
by Paul Ducklin Sophos cybersecurity expert Chester Wisniewski provides excellent, topical and timely commentary on the FBI’s recent use of a malware-like method to forcibly clean up hundreds of servers still infected in the Hafnium aftermath. With Paul Ducklin and Chester Wisniewski Intro and outro music by Edith Mudge. LISTEN NOW Click-and-drag on the soundwaves
0 Comments
Thycotic and Centrify have completed their previously-announced merger, and are now operating under the temporary name of ThycoticCentrify, it has been announced. The two cybersecurity firms have joined together to form a single cloud identity security vendor, pooling their respective expertise and tools in the area of privileged access management (PAM). The announcement comes amid
0 Comments
Cyber-attacks against global financial institutions are increasingly characterized by attempts to counter incident response, with destructive efforts surging 118% over the past year, according to VMware. The tech giant’s Modern Bank Heists 4.0 report was compiled from interviews with over 120 CISOs and security leaders from some of the world’s biggest banks. It revealed that
0 Comments
The British public are still woefully underinformed and unaware of the security benefits of multi-factor authentication (MFA), a new study from the FIDO Alliance has revealed. The industry association, founded in 2012 to promote authentication standards and reduce global reliance on passwords, recently polled over 4000 consumers in the UK, France, Germany and the US.
0 Comments
Social media giant Facebook has removed thousands of groups from its platforms over the trading of fake and misleading reviews. The cull occurred after two separate interventions by Britain’s competition watchdog, the Competition and Markets Authority (CMA). In January 2020, Facebook committed to improving its identification, investigation, and removal of groups and other pages where
0 Comments
Surging levels of fraud and financial crime during the pandemic threaten to overwhelm banking teams working from home with disjointed internal systems, according to new research from FICO. The predictive analytics company commissioned Omdia to poll 110 senior executives supporting financial crime-fighting efforts in banks across the US, UK, Brazil, Germany, the Nordics and Canada. In
0 Comments
The legal industry’s first comprehensive data security evaluation and accreditation program has been launched today. The Data Steward Program (DSP), which has been developed by the Association of Corporate Counsel (ACC), will enable quick assessments and comparisons of law firms’ data security standards by prospective clients. The ACC said the program has been introduced in
0 Comments
Security researchers have discovered new malware disguised as a Netflix application, designed to spread worm-like via victims’ WhatsApp messages. Check Point discovered the wormable malware in an application on the Google Play Store called ‘FlixOnline’. It was designed to attract Android users by promising unlimited entertainment from anywhere in the world, using the Netflix logo to