Information security news

RSS
New Study from OneLogin Reveals that a Great Number of Ex-Employees Continue to Exploit Company Applications

The survey reveals that a leak of data has increased to 20% because of failure to deprovision employees.

In spite of the fact that companies pay more attention to security sphere, a new investigation from the identity management provider OneLogin proved that still there is a lack of attention in many businesses to critical threats issues brought on by ex-employees – San Francisco, Calif., July 13, 2017.

 » Read more about: New Study from OneLogin Reveals that a Great Number of Ex-Employees Continue to Exploit Company Applications  »

Americans are not very proficient in password algorithm

The investigation of Wakefield Research revealed that although online worry increases, password algorithms remain unimproved. For example, 81% of respondents use one password for many accounts. They are more or less digitally dodgy, but, nevertheless, 92% say they use one password for various accounts.

 » Read more about: Americans are not very proficient in password algorithm  »

phishing_email_ransomware
Email is the main source for Ransomware Attacks

Many ransomware attacks (76%) take roots in your PC performance through sending malicious messages to your email.

As Barracuda reported, phishing is a real moneymaking (particularly spear phishing). Most of the companies communicate through email, that is why it is the most commonly used tool for attackers’ tricks.

 » Read more about: Email is the main source for Ransomware Attacks  »

Gmail Works in with Machine Learning

Google created new security measures for Gmail users, including protection against phishing attacks, click-time warnings for fraudulent links and unintended external reply warnings.

The new machine learning technologies are based on a certain principle that spot-checks messages for phishing tricks. Andy Wen said that it helps to block spams and phishing messages from occurrence in the inbox folder within the accuracy of 99.9%.

The viral detection combines with Google Safe Browsing’s machine learning technologies for revealing and flagging “phishy” and malicious URLs.

 » Read more about: Gmail Works in with Machine Learning  »

7 most widespread Security Threats

There is no way to avoid the reality: cybercrime, or cyber espionage will hit. Attackers are employing methods to deliver malware and steal credentials, from old vectors like malvertising, to new ones like appliances connected to the Internet of Things.

Companies try to improve their security measures, but many of them are not aware of the biggest dangers.

The reality is that cybercrime will definitely hit. The attackers’ methods focus on credentials steal,

 » Read more about: 7 most widespread Security Threats  »

Ransomware near-term perspective

Ransomware popularity increases – a real money making

The strategy is clear: a virus infects your PC and encrypts your data until you pay a ransom. The hackers create bit by bit instruction on how much to pay and even offer how to buy bitcoin if you are a new one in such issues. Usually, the sum comes to a few hundred dollars. Many users think that this is a better solution rather than giving up.

 » Read more about: Ransomware near-term perspective  »

Your smartphone’s fingerprint scanner turned out to be not the best security

Specialists, who have created fingerprints capable of fooling the sensors, said that smartphone fingerprint scanners are not as secure as we used to believe.

They could unlock mobiles with fingerprint security by using fake ones, so it is a great way to log in and to make different payments.

The investigation results of New York and Michigan State Universities revealed the researchers’ ability to develop “master prints that could fool a scanner up to 65 per cent of the time”.

 » Read more about: Your smartphone’s fingerprint scanner turned out to be not the best security  »

7 types of Internet Security Fibs

If you are fed to the teeth with people continuously asking about browsing safety, we are with you. Different warnings about internet security… But do not forget about antivirus program, little icon of which does its work.

Practically everyone believes he can light-heartedly click, specify and skim different type of information, and surf on the huge open space that is the internet.

Do not pay attention to those internet security fibs.

 » Read more about: 7 types of Internet Security Fibs  »

Employees Quickly Give Access to Privileged Info

Almost 72% of employees are ready to share confidential information of a company and little take company’s data with them after working hours.

The Dell End-User Security Survey provides with such troublous statistics, which reveals that many employees are not only willing to share sensitive information, but they do it without using special security protocols.

Data shows that for today the working strategy of employees is based on two principles: to be efficient and hard-working on the job and to hold company information in confidence.

 » Read more about: Employees Quickly Give Access to Privileged Info  »

The coming back of Petya ransomware with all its dirty tricks

Petya ransomware creators attempt to accuse its predecessor of a crack into their system.

Investigators revealed one more Petya ransomware type last year. Besides, it contains improved crypto and ransomware patterns now.

The authentic Petya was hacked last April and the group behind PetrWrap developed a specific module that modifies the original ransomware version on-the-spot.

The on-the-spot change is intended to conceal the fact that Petya is containing the malicious element,

 » Read more about: The coming back of Petya ransomware with all its dirty tricks  »

Malware attempts to infect Microsoft and Apple operating systems revealed

Last week investigators faced with a deleterious Word file that cannot distinguish between two different OS platforms. The goal of this malicious document is to infect other Microsoft systems.

If you open such a document, the malicious Visual Basic for Applications will affect your system immediately. The macro continues to read a base64-encoded character string in the file, which is reliant on the operating system, and then puts in force a certain script.

 » Read more about: Malware attempts to infect Microsoft and Apple operating systems revealed  »

‘Password rules don’t help’, Jeff Atwood Says

Jeff Atwood, founder of the popular coding site Stack Overflow, has presented a provoking and rather interesting pompous speech about dire state of the password policy.

His post, entitled “Password rules are bullshit”, reveals that the present format of the password instructions, e.g. using particular combinations of characters, isn’t actually secure. What is more, he claimed that such instructions usually do have the reverse effect and do harm to those people who are using secure password generators.

 » Read more about: ‘Password rules don’t help’, Jeff Atwood Says  »

Trump stresses cybersecurity but postpones executive order

U.S. President Donald Trump worried about cybercrime defense and insisted on better state authorities’ protection of the networks. For this purpose, he adjourned sine die the government directions signing to give a stimulus for administration’s issue consideration.

Due to draft copy of the order, the Ministry of Defense and the Department of Homeland Security would have 60 days for the networks security improvement.
Trump had to sign this order on Tuesday but cancel a back order a short time before.

 » Read more about: Trump stresses cybersecurity but postpones executive order  »

Easy-to-exploit authentication bypass flaw puts Netgear routers at risk

Over recent years, Netgear had been trying to improve its routers derangement that increased to 30, among which 20 characterized by the embedded programme problems.

Trustwave security expert Simon Kenin identified the weak point that lies in the fact that Netgear routers firmware have some problems with the password reset mechanism.

The explorer practiced deceit with web based controller interface of Netgear WNR1000v3 routers in January 2014 for password disclosure. There were two scripts called unauth.cgi and passwordrecovered.cgi and none of them prompted for an identification action.

 » Read more about: Easy-to-exploit authentication bypass flaw puts Netgear routers at risk  »

iPads ‘more secure than voting systems’ – claim

Dutch security expert Sijmen Ruwhof has scrutinized programme support of the Dutch election precinct and now makes a statement “the average iPad is more secure than the Dutch voting system.”

Taking into account SHA1 cryptography weakness of the Dutch voting system, local television station RTL wanted the expert to examine the inconsistency of its parts.

Since 2009, the Dutch election precinct does not use the electronic voting because of the ministers’ prohibition.

 » Read more about: iPads ‘more secure than voting systems’ – claim  »

Malware museum
A new Malware Museum Launched in the Internet

Normally, people feel nostalgic about old school music, films, cars or video games. However, there are people who are so fond of outdated computer viruses that they even created a real museum of them. These two IT experts who initiated storage of old viruses on the Archive.org service are Mikko Hypponen, the chief research officer of Finnish security company F-Secure and Jason Scott, a historian and the software library manager of Internet Archive.

Hypponen has been collecting old viruses since he got started in the information security business 25 years ago.

 » Read more about: A new Malware Museum Launched in the Internet  »

Elite Keylogger was tested

New version of Elite Keylogger was tested by our testing team. The review is available by the link Elite Keylogger

 » Read more about: Elite Keylogger was tested  »

Bayrob Trojan is controlled from Amazon server

ESET company is warning users about significant rise in malware Bayrob activity recently. Cyber criminals have been using it for stealing personal data including financial credentials.

Cyberthieves distribute Bayrob through bulk e-mail. The baiting incoming message is trying to impersonate Amazon, and its attachment contains a ZIP archive with executable file.

That’s a malicious file, and if we run it, an error message appears on the screen thus putting off our guard.

 » Read more about: Bayrob Trojan is controlled from Amazon server  »

Malicious software Babar
Malicious software Babar is capable of eavesdropping on users’ talks

Malicious software Babar is capable of eavesdropping on users’ talks and steal files from their computers, according to The Register.

This French-language malware was initially detected by Canadian researchers from CSEC (Communications Security Establishment Canada). At this time, however, security experts from GDATA and Cyphort Labs warned of its spreading and gave a detailed description of the dangerous application.

In fact, Babar has extensive spy functionality. Its features include typical ones like interception of keystrokes and information from the clipboard.

 » Read more about: Malicious software Babar is capable of eavesdropping on users’ talks  »

Spyrix Personal Monitor
Spyrix Personal Monitor was tested

New version of Spyrix Personal Monitor was tested by our testing team. The review is available by the link Spyrix Personal Monitor

 » Read more about: Spyrix Personal Monitor was tested  »