Pirate websites expose users to more malware, study finds
The study found that the more time users spent on pirate sites the higher the likelihood that some type of malware would compromise their computers.
Cybersecurity
Employers’ best bet for appealing to security pros? Value their opinions
The report also sheds light on how not to go about attracting new hires. Vague and inaccurate job descriptions along with job postings that include insufficient qualifications were found to top the list of turnoffs for many jobseekers
New DDoS attack method breaks record again, adds extortion
DDoS mitigation service Arbor Networks has announced that an undisclosed US company has suffered an attack fueled by internet-facing Memcached servers that clocked in at 1.7 terabits per second (Tbps), beating the previous record of 1.35 Tbps.
GitHub knocked briefly offline by biggest DDoS attack ever
At its peak, inbound traffic reached a staggering 1.35 terabits per second (Tbps), outflanking the previously record-setting assault of 1 Tbps at French web hosting provider OVH in September 2016.
The rise of AI needs to be controlled, report warns
The experts urge policy-makers to work closely with technical researchers, computer scientists and the cybersecurity community to investigate, understand and prepare for possible malicious uses of AI.
Major reform of cybersecurity policies in France
This document, which is described by its authors as a “real white paper on cyber-defense”, is divided into three parts, followed by approximately 20 priority recommendations summarizing the central elements of the document.
One‑third of organizations sacrifice mobile security for business performance
Only one in seven organizations have put in place all four basic cybersecurity practices specified by Verizon – changing all default passwords, encrypting data transmitted over public networks, granting employee access on a need-to-know basis, and testing security systems regularly.
Friendly warnings left in unsecured Amazon S3 buckets which expose private data
Ethical hackers are warning businesses who use Amazon S3 cloud storage if they have left data exposed for anyone to access... by leaving "friendly warnings" on the servers.
US forms dedicated office to help avert cyberattacks on infrastructure
The vulnerability of critical infrastructure, including energy grids, to cyberattacks has been a growing concern worldwide. Many nations have been scrambling to improve their defenses vis-à-vis threats faced by services that are critical to the continuity of our daily lives.
Patch now! Microsoft fixes over 50 serious security flaws
This week saw the second Tuesday of the month, and everyone who is responsible for protecting Windows computers knows what that means: another bundle of security patches have been released by Microsoft.
Smart, Smarter… Dumbest…
While the evolution of new smartphones creates more possibilities for the user, these new devices also creates more possibilities for hackers.
World Economic Forum: Cyberthreats rising in prominence in global risk landscape
The latest survey marks a shift from optimism regarding technological risks in the previous years. The heightened levels of worry come on the back of an escalation in cybersecurity threats, which, as noted by the WEF, are growing in prevalence and in disruptive potential alike.
CES 2018 cybersecurity: Now in every single ‘whatchamacallit’
Not content anymore to just have a bed made of soft plushy stuff, now you can adjust everything about the bed, from electronically sitting up in bed to the lighting surrounding your nap: connected digital technology everywhere.
Meltdown and Spectre CPU Vulnerabilities: What You Need to Know
The first few days of 2018 have been filled with anxious discussions concerning a widespread and wide-ranging vulnerability in the architecture of processors based on Intel's Core architecture used in PCs for many years, and also affecting ARM processors commonly used in tablets and smartphones.
Now is the best time to craft your breach response
Taking time to think logically and deliberately about your assets can help you determine what needs to be secured. Preparing for the worst can help you see the best course of action to prevent those emergencies in the present.
Cybersecurity review of 2017: The year of wake‑up calls – part 2
Courtesy of its highly customizable nature – along with its ability to persist in the system and to provide valuable information for fine-tuning the highly configurable payloads – the malware can be adapted for attacks against any environment, making it extremely dangerous.
Cybersecurity review of 2017: The year of wake‑up calls – part 1
Ransomware and data breaches remain major thorns in the sides of users and organizations across the world, often piercing their defenses without too much effort.
What does revoking Net Neutrality mean for security?
Imagine the scenario where an Internet Service Provider (ISP) allows a security company providing malware protection the option to pay for their traffic to be prioritized and a lower the priority level imposed on all other providers.
Adventures in cybersecurity research: Risk, cultural theory, and the white male effect – part 2
Armed with the cultural theory described in part one as a possible explanation for why some people do not heed expert advice, we fielded a survey that queried US adults about their attitudes to 15 different technology hazards, including six that were cyber-related.
Adventures in cybersecurity research: Risk, cultural theory, and the white male effect – part 1
Again and again we have seen security breaches occur because people did not heed advice that we and other people with expertise in security have been disseminating for years, advice about secure system design, secure system operation, and appropriate security strategy.