News

Biometric technologies that use a person’s fingerprints, voice, heartbeat or even gait (the way we walk) as methods of authentication have attracted a lot of attention here in the UK for some time now. These techniques are gaining traction as the primary form of authentication to protect devices, apps and data. Biometric authentication is already seeing rapid adoption within the consumer arena. For example, MasterCard and HSBC have recently announced the introduction of facial and...

In security, SIEM is sometimes hailed as a 'holistic' approach - while others look upon it as a box-ticking facet of security, there for compliance purposes rather than actually defending from and reacting to security incidents. With so much confusion over the issue, the Guru felt it was time to sit down with someone who knows the topics inside out - enter Graeme Stewart, managing director at LogPoint UK & Ireland. We were lucky enough...

WhatsApp users have been left perplexed after being offered 'WhatsApp Gold', a supposed upgrade that was only for top celebrities previously. The app offers a host of new features including sending over 100 pictures at once and free WhatsApp calls. Of course the app is in fact a cybercriminal production, that installs malware on the phone and siphons details such as location and personal activity. When you see what the app offers in it's message, it's...

Running behind trendy APTs we tend to forget about common-sense approach and holistic risk assessment. Almost 3 terabytes of data stolen in the Panama Gate scandal will shortly become searchable online. Mossack Fonseca, the breached legal firm behind one of the largest data leaks in the history, had numerous high-risk vulnerabilities in its front-end web applications, including its Client Information Portal. Actually, few hacking groups would spend money on expensive zero-days and complicated APTs, when the information can...

The IT Security Guru has been lucky enough to be able to share a series of videos from the security specialists at AppRiver, award winning e-mail and web security solutions providers. The videos will break down the findings from AppRiver’s Global Security Report, a quarterly study published by the company that explains the latest trends and threat actors they’ve seen as they carry out their work, securing millions of inboxes around the world. This video...

The last quarter of 2015 witnessed a series of high profile data breaches which may prove to be a tipping point in public attitudes towards data security. The TalkTalk hack, in particular, defines the new risk normal for 21st century business. Estimates put the cost to the company at £60 million and between 100,000 and 250,000 lost customers. By chance, this period also saw the release of the final draft of the new European General...

MWR InfoSecurity has just confirmed that an extra 100 people will be able to participate in this year's HackFu 2016 challenge. Players from all walks of life will be able to participate as remote delegates, providing support to those on the ground at HackFu, helping solve puzzles and solve clues to beat the challenges set out by MWR's tech boffins. Having previously incarcerated participants in a decommissioned prison, and converted a gothic mansion in Gloucestershire...

Join AppRiver's experts for another close-up on the findings of their Global Security Report. This week, we're analysing what the Distributed Spam Distraction Technique actually is and how it's developed over recent years. A cyber criminal basically uses stolen details to incur fraudulent charges - however the e-mail confirmation can't be hidden from the person being scammed. SO they will send this victim thousands of e-mails, which are very difficult to block, in order to...

I'll huff and I'll puff and I'll...bring your web application offline! The possibility of a business being targeted by some huge zombie army, or botnet, is enough to send shivers down the spine of many seasoned security veterans. Modern botnets are of vast size and power, with more sophisticated features and capabilities than ever before. Modern botnet attacks can be very precise and controlled, being pulsed and sent in different ways to make the attackers...

You are probably sick and tired of your IT team banging on about changing your passwords regularly, but there is no one to chase the IT team to change their own privileged passwords (admin, root and such). We assume they follow their own advice but ironically, the majority (55%) of IT professionals make end users change their passwords more often than they change administrative credentials. This is according to a survey of almost 200 IT professionals at...