How to craft a security awareness program that works

Employees are often considered the weakest link in organizations’ efforts to create a strong security posture. Even organizations with security awareness programs in place struggle to instill strong security behaviors. Steve Conrad, managing director of MediaPro, a learning services company that specializes in information security, data privacy and compliance, says organizations can and should do[…]


OEM software update tools preloaded on PCs are a security mess

Serious vulnerabilities have crept into the software tools that PC manufacturers preload on Windows computers, but the full extent of the problem is much worse than previously thought. Researchers from security firm Duo Security have tested the software updaters that come installed by default on laptops from five PC OEMs (original equipment manufacturers) — Acer,[…]

Will your backups protect you against ransomware?

In theory, nobody should be paying any money to the ransomware extortionists. Doesn’t everyone have backups these days? Even consumer has access to a wide variety of free or low-cost backup services. But the headlines are full of reports about institutions such as hospitals and police departments, organizations that should have business continuity plans in[…]

3 top tools to fight insider threats

Lurking inside Image by Flickr/Dennis Skley We tested three products, each concentrating on a different aspect of the insider threat problem. Fortscale did an amazing job protecting a traditional network. Its machine learning capabilities and concentration on access and authentication logs gives it an extremely high accuracy rate. Cloud-based insider threats can be even harder[…]

Stealth Falcon group uses custom spyware, fake journalists to target UAE dissidents

Meet Stealth Falcon, a sophisticated and likely state-sponsored cyberespionage group, which is hell bent on conducting targeted spyware attacks “against Emriati journalists, activists and dissidents.” The digital attacks started in 2012 and are still being carried out against United Arab Emirates (UAE) dissidents. It’s not “just” spying with custom spyware that leads to dissidents being[…]

Flaw in popular WordPress plug-in Jetpack puts over a million websites at risk

Owners of WordPress-based websites should update the Jetpack plug-in as soon as possible because of a serious flaw that could expose their users to attacks. Jetpack is a popular plug-in that offers free website optimization, management and security features. It was developed by Automattic, the company behind and the WordPress open-source project, and has over[…]

New products of the week 5.30.16

New products of the week Our roundup of intriguing new products. Read how to submit an entry to Network World’s products of the week slideshow. Actiance Platform for the healthcare and pharmaceutical industries Key features: The Actiance Platform addresses communications challenges for healthcare and pharmaceutical organizations in the midst of changing regulations by ensuring companies[…]

The shocking truth of how you'll be tracked online and why

A recent study, Online tracking: A 1-million-site measurement and analysis, conducted by researchers at Princeton University discovered that Google is tracking users on nearly 80 percent of all of the Top 1 Million Domains. How are they doing this? Not surprisingly, they’re using a variety of tracking and identification techniques and they’re doing it for[…]

Shared malware code links SWIFT-related breaches at banks and North Korean hackers

Malware links suggest that North Korean hackers might be behind recent attacks against several Asian banks, including the theft of US$81 million from the Bangladesh central bank earlier this year. Security researchers from Symantec have found evidence that the malware used in the Bangladesh Bank cyberheist was used in targeted attacks against an unnamed bank[…]