Cybercriminals shift tools, tactics and procedures to improve infection rates

Trend Micro released its Midyear Security Roundup 2018, revealing that cybercriminals are moving away from attention-grabbing ransomware attacks to more covert methods intended to steal money and valuable computing resources. Cryptojacking attempts are making the biggest impact so far this year. Trend Micro recorded a 96 percent increase in cryptocurrency mining detections in 1H 2018…

Facebook Pulls Security App From Apple Store Over Privacy

The twin developments come as Facebook is under intense scrutiny over privacy following the Cambridge Analytica scandal earlier this year. Allegations that the political consultancy used personal information harvested from 87 million Facebook accounts have dented Facebook’s reputation. Since the scandal broke, Facebook has investigated thousands of apps and suspended more than 400 of them…

Man-in-the-Disk: A new and dangerous way to hack Android

Android is a good operating system whose developers truly care about security, but with so many OS versions and applications, keeping an eye on all of them is a tall order. Therefore, new ways to circumvent the built-in security mechanisms surface fairly often. The latest way to hack Android is called “Man-in-the-Disk,” and that is…

Blocking compromised passwords: How and why to do it

Passwords are beginning to feel like the zombie that just won’t die. Even after Bill Gates famously called for their demise in 2004, this antiquated form of user verification is still alive and kicking. Yet, many remain hopeful that passwords will slowly be phased out as the world move towards stronger authentication. That is not…

The GDPR Ripple Effect

The race to comply with the European Union’s General Data Protection Regulation (GDPR) by the May 25 deadline is over, but data security and privacy is a marathon, not a sprint. If the ever-evolving regulatory compliance landscape is any indication, GDPR is just the first of many mandates to come. Although it certainly has been…

6.4 billion fake emails sent every day

The Valimail Q2 2018 Email Fraud Landscape shows that fake email continues to be a serious problem, with an estimated 6.4 billion fake emails sent every day. That total includes only exact-domain sender spoofing, in which senders put a fake email address in the From: field of their messages. This is one of the most…

It Takes an Average 38 Days to Patch a Vulnerability

It takes over a month for the average organization to patch its most critical vulnerabilities, according to a new report detecting trends in Web application attacks. The data comes from tCell, which today released its Q2 2018 “Security Report for In-Production Web Applications.” Researchers analyzed more than 316 million security incidents across its customer base…

Who owns application security?

In July 2018, F5 released its first annual Application Protection Report. As part of the report, F5 commissioned Ponemon to survey of 3,135 IT security practitioners across the world. The survey collected information about respondent’s application security processes. A key question asked for respondents to name their organization’s primary owner of application risk. In theory,…