Visit our other websites:    Consumer IT    On CE    Mobile Channels    ECI news    rAVe Europe    Digital Signage News    

 

eSP - IT Solution Providers in Europe

  • Full Screen
  • Wide Screen
  • Narrow Screen
  • Increase font size
  • Default font size
  • Decrease font size

Security

Gartner: Information Security Grows Further in 2016

E-mail Print PDF
Gartner: Information Security Grows Further in 2016

Gartner reports global information security spending is set to grow by 7.9% to reach $81.6 billion in 2016, with consulting and IT outsourcing as the largest spending categories.

By end 2020 the highest growth is forecast to come from security testing, IT outsourcing and data loss prevention (DLP). During the same period secure web gateways (SWGs) should maintain growth of 5-10% as organisations focus on detection and response, all while security practitioners retain a buying preference for preventative measures.

"Organisations are increasingly focusing on detection and response, because taking a preventive approach has not been successful in blocking malicious attacks," the analyst says. "We strongly advise businesses to balance their spending to include both."

Read more...

Europol Joins Security Companies in No More Ransom

E-mail Print PDF
Europol Joins Security Companies in No More Ransom

The Dutch National Police, Europol, Intel Security and Kaspersky Lab join forces in No More Ransom-- an initiative aimed at informing the public about the dangers of ransomware, as well as helping victims recover their data without paying cybercriminals.

No More Ransom currently offers downloadable tools for the decryption of PCs affected by common ransomware attacks, including CoinVault, Bitcryptor, Cryptxxx 1, 2 and 3. In fact, the launch of the initiative comes about with the takedown of the servers holding the decryption keys of Shade, a ransomware variant with a victim count reaching 160000.

The advice on offer by No More Ransom is basic but decent-- do regular backups, keep software up-to-date, use a solid antivirus, show file extensions by default and trust no one. In case of attack, the initative insists one should not pay the ransom, but to do so one needs to hold regular backups. Some organisations ended up prey to such attacks, including the University of Calgary, which paid $20000 to restore access to systems and data.

Meanwhile a "Crypto Sherrif" section allows the public to help in the effort by uploading malware samples and a description helping identify the kind of ransomware affecting their systems.

Read more...

Check Point: HummingBad Infections Total 10 Million

E-mail Print PDF
Check Point: HummingBad Infections Total 10 Million

There is no such thing as a completely secure mobile device, Check Point insists-- according to the security company devices infected with the HummingBad malware already total 10 million globally.

HummingBad is allegedly developed by Yingmob, the highly organised Chinese group behind the Yispector iOS malware. It infects devices through the search of that most basic of needs, pornography, requires very little in terms of technical effort to run and generates revenues worth over $300000 monthly in fraudulent ad clicks.

CheckPoint adds HummingBad represents a disturbing first step for its creators-- emboldened by its success, Yingmob can potentially take mobile malware to entirely new directions, creating powerful botnets to conduct highly-targeted attacks or sell access to devices to the highest bidder.

Read more...

Lenovo ThinkPads Hit by Critical Security Flaw

E-mail Print PDF
Lenovo ThinkPads Hit by Critical Security Flaw

Lenovo ThinkPads suffer from an exploit allowing the disabling of write protection of critical firmware areas, security researcher Dymtro "Cr4sh" Oleksiuk warns.

Dubbed "ThinkPwn," the exploit targets a privilege escalation flaw in a Unified Extensible Firmware Interface (UEFI) driver. It allows attackers to remove the flash write protection and execute rogue flaw in the System Management Mode (SMM), a privileged CPU operation mode.

Oleksiuk says the result can disable SecureBoot (prevents boot-level rootkits) and the Windows 10 Credential Guard feature (prevents theft of enterprise domain credentials). And if matters weren't bad enough, the flaw probably comes from a CPU reference specification used by a number of independent BIOS vendors (IBVs), meaning it might also affect laptops from OEMs other than Lenovo.

Read more...

Symantec Endpoint Protection Poses Vulnerability Risks

E-mail Print PDF
Symantec Endpoint Protection Poses Vulnerability Risks

Google researchers warn the core engine behind Symantec security products, including Endpoint Protection, features multiple critical vulnerabilities, putting "millions of computers" at risk.

"These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible," a Project Zero blog post reads. "In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption."

All Symantec and Norton branded antivirus products across all platforms pose the same security risks. Some of the flawed code is found in "unpackers," compression tools used to reduce executable sizes. Symantec runs unpackers in the kernel, leading to risks of clean heap overflow on Linux, Mac and other UNIX platforms, or kernel memory corruption in Windows.

Read more...

Page 10 of 50