All Other security topics related articles
The latest iOS update, 11.4.1, released last Monday, brings with it a new feature meant to safeguard users’ data: USB restricted mode. From now on, if iOS devices have not been unlocked within the past hour, users will be required to enter their passcode when connecting to a Mac or PC or when trying to connect USB accessories to their iPhone, iPad or iPod touch.
This needs to be done only once when first connecting. Even if the devices are then locked, the USB accessories or computer connection will continue. If users don’t first unlock their passcode-protected iOS devices or they haven’t done so in the past hour, their devices will not communicate with the accessory or computer and, in some cases, not even charge. They might also see an alert asking them to unlock their device to use accessories.
Meeting security concernsWhile this feature may have little impact on the everyday use of…
Read more
The omnipresence of the internet, in all aspects of both our private and work lives, has digitized our existence and transformed it into sets of data, valuable to both companies and cybercriminals. While when it comes to businesses, users often agree to share their data as part of a give and take, where services are customized based on their data for a better user experience, sensitive information is also often targeted by malicious individuals through various types of scams and cyberattacks.
It is therefore important that both companies and individuals understand some of the basic, but crucial practices that help keep data secure on the internet. Here are our top five picks:
1. Two-factor authenticationMost email providers and internet services now offer two-factor authentication, a way of adding an extra layer of security on top of traditional passwords. It implies the existence…
Read more
Last week, Intel made headlines when it was reported by the Register that a security flaw in its processors forced Windows and Linux programmers to redesign their kernels. The news sent Intel stock plummeting and the cybersercurity community into a panic as further details of the extent of the vulnerability were revealed.
Since the initial news broke, several independent teams of academic and industry security researchers from around the world, among them Google’s Zero Project, confirmed they have identified three possible attacks that could exploit processors’ design security flaws. These were dubbed Spectre (variant 1 and 2) and Meltdown (variant 3).
Google had identified and informed affected companies about the possibility of Spectre attacks as early as June 2017 and Meltdown towards the end of July 2017, but chose not to make the information public to allow companies…
Read more
2017 has been a year of turmoil for information security with major breaches making headlines on a daily basis and cyberattacks being successfully deployed on an unprecedented scale. Ransomware went mainstream, corporations and government agencies failed to protect their data and the looming shadow of the EU’s General Data Protection Regulation (GDPR) sent companies into a scramble for compliance.
No company seemed safe from data leaks with big names such as Deloitte, Verizon and Uber falling victims to complex cyberattacks. The Equifax data breach, estimated to have affected over 143 million users in the US, brought the year to a grim conclusion for data security.
With December on the horizon, companies are breathing a sigh of relief to see this year of relentless breaches come to an end. But will 2018 be any different? Let’s have a look at the top trends going into the new year:…
Read more
When it comes to data protection and regulatory compliance, most of the organizations are not taking into consideration all risk factors that could hinder the security process. The lack of awareness and preparation can lead businesses into failing to protect their company data and preventing data breaches that could cost them their reputation.
No BYOD PoliciesAccording to a research study, uncontrolled user access to data and poor management of where data is stored are two of the biggest mistakes regarding a company’s data security.
Reaching compliance is already a complex process, but companies allowing their employees to transfer data inside and outside the network makes it even more difficult. No employee training or monitoring, along with no BYOD policies is a sure road to failure for any business.
The study shows that a lot of IT professionals (69%) allow employees to transfer…
Cloud Access Security Brokers (CASBs) became popular in 2016 and are continuing to get attention from companies, research analysts, and the media. They have emerged as a response to the security and compliance issues caused by cloud adoption and offer visibility into data security threats related to cloud apps usage. CASBs usually sit between users and cloud apps, acting like a gateway to intercept users’ activity and offer control and compliance. The interesting part is that they combine a sum of functionalities from different other existing solutions – firewalls, SIEM, Data Loss Prevention, encryption, and others.
Just to make sure CASBs are not confused with other tools, let’s see what CASBs can and cannot do to secure your data.
CASBs CAN1. Provide visibility into cloud apps use
CASBs can detect file uploads and downloads and data traffic for approved or unapproved apps…
Read more
Last year, Mark Zuckerberg, has incidentally revealed the simple security measures he takes to secure his MacBook: webcam and mic covered with tape. In short time, the story was covered by many news outlets, drawing everyone’s attention to the security issues. Many asked themselves why he would do such a paranoid thing. Is Mark’s fear of being seen and listened justified? If we think about the possibilities of exploiting webcams, and the fact that there’s even the smallest chance of being watched or heard without our permission, then, Mark’s concerns are totally legit. Taking into consideration the level of success of its business, he has been probably the target of many cyber attacks attempts.
Just imagine yourself sitting home, having a glass of wine and working on your laptop in your pajamas when suddenly your webcam light starts to blink, recording every…
With actual real-life successful implementations in many industries, we have to stop talking about the Internet of Things as an innovation of the future, a next generation technology. IoT is already here, it is changing our lives every day without even noticing and, in no time, we will not be able to imagine life without it. And if you are concerned that your refrigerator might know your dietary habits better than you, do not stress about it. Sooner or later you will come to peace with it.
Currently, Internet of Things (IoT) can be divided into five niche markets: smart cities, connected cars or smart transportation, smart homes, industrial internet, and wearables.
In the next few examples, we will see how IoT is currently used, what value it brings to many existing systems and how will it evolve, as well as what risks it presents.
One of the challenges IoT addresses is sustainable…
Read more
Black Friday is that day of the year when consumerization is at its peak. Everybody is searching for bargains, many even take a day off and, in many US states, it has been declared a public holiday. That means something.
The shopping buzz has determined in the last few years an increase in cyber attacks due to poor data security knowledge, and more creative and sophisticated methods used by attackers.
With a high shopping fever syndrome, people will spend hours online on various e-commerce websites, to take full advantage of Black Friday and the weekend offers, but they will unwittingly put at risk their private data and their employer’s data security, because many people search for deals from the work computer, on the company network, or from home, where protection is weaker.
The number of phishing attacks, especially against payment systems and online stores will start to bloom with…
Read more