Author Archives: Security on TechRepublic

Why cryptojacking will become an even larger problem in 2019

Cryptojacking was the runaway security problem in 2018, damaging devices in cybercriminals' pursuit of profits. As cryptocurrency prices fall, 2019 could see more attacks.

Why 2019 will introduce stricter privacy regulation

Privacy regulation is a complex topic with ever-changing parameters and requirements. Read some predictions for what's coming in 2019.

Brute force and dictionary attacks: A cheat sheet

Brute force encryption and password cracking are dangerous tools in the wrong hands. Here's what cybersecurity pros need to know to protect enterprises against brute force and dictionary attacks.

Brute force attacks: How to protect your business

Cracking encryption is supposed to take forever, right? Not if an attacker knows what they're doing.

5 biggest IoT security failures of 2018

The ubiquity of internet-connected devices has seen a proportional increase in security failures. Here's the most egregious failures of 2018.

Were your private photos exposed due to Facebook’s security bug?

Here's how to tell if you were one of the 6.8 million Facebook users whose private photos could have been accessed by third-party apps.

Here’s how NPM plans to improve security and reliability in 2019

NPM is working to course-correct after 2018 brought a handful of major incidents that caused usability and security headaches for system administrators.

2019 cloud security predictions

The smart attack era is upon us. Learn how AI, machine learning, IT process automation and a bit of common sense will help our cloud security.

Google is reading text in YouTube videos for search crawling without user consent

Videos uploaded as private or unlisted are subject to being crawled, but Google's documentation does not acknowledge this behavior at all.

The biggest phishing attacks of 2018 and how companies can prevent it in 2019

Phishing attacks flourished in 2018, but organizations can protect themselves with the three tips below.

15 skills you need to be a whitehat hacker and make up to $145K per year

Aspiring hackers and cybersecurity pros are joining the ethical hacking community to earn extra cash, according to Bugcrowd.

88% of organizations are not properly governing its own data

Some 88% of organizations aren't correctly managing access to data stored in files, according to a SailPoint report.

Capitalinstall malware targets healthcare sector, delivers payload via Microsoft Azure

Cloud storage providers offer virus and malware scanning, but the existence of that service is not enough to assume files from the cloud are not malicious.

3 ways dark web data trade will change in 2019, and how to protect your business

Sensitive data compromise was a huge problem in 2018 and remains a top concern going into 2019. Here are the three things companies should look out for.

Facebook data privacy scandal: A cheat sheet

Read about the saga of Facebook's failures in ensuring privacy for user data, including how it relates to Cambridge Analytica, the GDPR, the Brexit campaign, and the 2016 US presidential election.

What the Google+ security flaw and expedited shutdown means for enterprise users

The consumer version of the social networking service is being shut down faster than originally announced, but the enterprise version will live on.

5 cloud security trends to watch in 2019

While AWS, Microsoft Azure, and Google Cloud Platform are responsible for protecting cloud infrastructure, customers must monitor other vulnerabilities, according to Palo Alto Networks.

How to use Cloudflare encrypted DNS on Android

If you're looking for an easy means of enabling encrypted DNS on Android, the Cloudflare 1.1.1.1 app is the way to go.

IT leaders spend 10% more money improving customer experience than security

Prioritizing user experience at the expense of security can increase sales, though pivoting from passwords is still problematic.

Networking trends and news: 2018 year in review

Networking is a fairly old subject, but there are still plenty of interesting things happening. Highlights from 2018 include stories about security, 5G, net neutrality, the Linux Foundation, and more.

Top 5 ways smart homes are getting smarter

Tom Merritt explains five ways smart home technology is evolving.

Top 5 features smart homes still need

Tom Merritt explains five ways smart home technology is evolving.

7 tips for CXOs to combat cybersecurity risks in 2019 and beyond

This year alone saw more than 600 data breaches, yet only 25% of organizations are planning to defend against attacks, according to Deloitte.

22 Android click fraud apps with 2M+ downloads removed from Google Play Store

Fraudulent apps rely on a backdoor opened to receive instructions from a command and control server, opening users to greater potential harm.

10 tips to combat phishing via social media platforms

Social media platforms are just as susceptible to phishing attempts as email. Learn some strategies to protect yourself and your users from such attacks.

Android Security Bulletin December 2018: What you need to know

Another month where Android finds itself with a mixture of Critical and High vulnerabilities. Jack Wallen offers highlights.

Only 29% of EU organizations are GDPR compliant

Despite the May 2018 deadline, most companies have not implemented all necessary GDPR changes, according to an IT Governance report.

5 ways to avoid cyberattacks during holiday travel

Whether traveling for business or the holidays this month, follow these tips from Matrix Integration to keep your devices safe.

70% of businesses using bots to boost efficiency, only 5% govern their access to data

As software bots spread throughout the enterprise, business leaders must control their access to sensitive information, according to a SailPoint report.

3 ways to kick-start your organization’s cybersecurity training

Only 45% of organizations offer mandatory cybersecurity training, according to a Mimecast report. Here's how to boost your employees' security education.

Cross-site scripting attacks: A cheat sheet

Even the most trustworthy-looking website could trick you into giving up personal details through cross-site scripting. Here's what you need to know about XSS attacks.

Cross-site scripting: What is it?

Cross-site scripting is one of the biggest, most persistent threats on the internet. Are you at risk for an XSS attack?

Huawei’s smartphone OS aims to challenge iOS/Android dominance: Can it succeed?

Huawei is developing their own OS as a contingency plan in the event US sanctions make using Android unviable. In a crowded market, is there room for a third OS?

5 major data breach predictions for 2019

Biometrics and gaming are just a couple of the new cyberattack vectors professionals can expect in 2019. Here is what else to look out for.

Top 4 security threats businesses should expect in 2019

Cybercriminals are developing more sophisticated attacks, while individuals and enterprises need to be more proactive in security practices.

Man-in-the-disk attacks: A cheat sheet

A flaw in Android external storage opens up legitimate apps to being hacked and gives illegitimate ones a window to exploit. Learn more about man-in-the-disk attacks, including how to avoid them.

What is a man-in-the-disk attack?

Android users should beware of this dangerous attack that targets their mobile device's storage.

Man-in-the-middle attacks: A cheat sheet

Cybercrime takes on a lot of forms, with one of the oldest and most dangerous being man-in-the-middle attacks. Here's what you need to know about MITM attacks, including how to protect your company.

What is a man-in-the-middle attack?

Here's a quick rundown of what a man-in-the-middle attack is, and why it's so dangerous.

The top tech news of 2018, ranked

It's been a wild of a year for tech. Here are the biggest tech news stories on our readers' minds.

A free decryption tool is available for Thanatos ransomware victims

ZDNet's Danny Palmer explains the evolution of the world's weirdest ransomware.

WannaCry: One year later, is the world ready for another major attack?

ZDNet's Danny Palmer examine's the aftermath of WannaCry, Notpetya, and Bad Rabbit.

How to protect your business from botnets: 6 strategies

Cybercriminals have recently broken records for DDoS strength. Here's how to protect your network from attacks, and prevent devices from being assimilated into botnets.

Office workers beware: Holiday gift card spear phishing attacks on the rise

Attackers target office managers during the holiday season, tricking them into sending hackers gift cards, according to a Barracuda report.

How tech leaders at enterprise companies can be more inclusive

Cisco's Michele Guel, Distinguished Engineer and Chief Security Architect, explains how to recruit women into STEM and cybersecurity.

Why AI-faked videos are a danger national and business security

If you thought fake news was bad, just wait until hackers get their hands on AI-powered face swapping tech, says G2 Crowd CRO Michael Fauscette.

How hospitals can use AI to fight medical device hacking

Ben-Gurion University researchers developed a device-focused cybersecurity solution to act as a last line of defense to protect patients.

3 ways for your business to spot a spear phishing email during the holidays

Cyberattacks on organizations are predicted to skyrocket during the online holiday shopping season. Here is how to identify possible threats.

Direct Autonomous Authentication: Taking multi-factor authentication to the next level

​Direct Autonomous Authentication is an improved authentication method intended to better meet today's security needs for both wireless and wired networks.

How to install AIDE intrusion detection system on CentOS 7

Your CentOS 7 servers are rock solid, but could still use a bit of help. Find out how to install an easy to use intrusion detection system in less than five minutes.

IoT security market will hit $9.88B by 2025, as privacy issues abound

As IoT devices flood the market, consumers are pushing for more privacy initiatives, according to recent Grand View Research report.

LinkedIn used 18M non-member emails to target Facebook ads. Were you a victim?

A Data Protection Commissioner investigation found that LinkedIn violated data protection policies shortly before onset of GDPR.

8 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online

The holiday season isn't just busy for shoppers--it's busy for cybercriminals, too. Here's a holiday shopping safety guide with advice on how to stay safe online.

5 reasons to improve cybersecurity by updating software

Wake up, cybersecurity pros, and don't let your business be an easy target for cybercriminals. Learn why keeping digital infrastructure up-to-date should be an essential part of cybersecurity strategy.

Google, Mozilla working on letting web apps edit files despite warning it could be ‘abused in terrible ways’

The firms, known for their Chrome and Firefox web browsers, are heading a group that is devising a way for users to save changes they make using web apps.

Why military veterans might be key to closing the cybersecurity jobs gap

Discover why it might be prudent to hire veterans who are already trained in cybersecurity and understand the concepts of militarization.

How IoT medical devices save your life and threaten your privacy

Consumers increasingly depend upon IoT devices to help them do everything from improving sleep to monitoring blood sugar levels. In the process, they may be giving up more privacy than expected.

500K Android users hit with malware, and what to do if you’re infected

13 malicious apps ended up on the Google Play store. Here's how to stay protected.

Why e-commerce is winning: Most Americans now trust online retailers with their data

Despite conflicting opinions about online privacy, customers choose to shop with companies that take reasonable security precautions.

How to install fail2ban on Ubuntu Server 18.04

Your Ubuntu Server might be vulnerable to attacks. To prevent unwanted logins, Jack Wallen shows you how to install intrusion detection system, fail2ban.

How to restore Windows Server backups from corrupt catalogs

Check out these six ways to mitigate against corruption and bounce back from a server failure.

85% of enterprises allow employees to access data from personal devices, security risks abound

As consumerization becomes the norm in most industries, devices attached to your organization require proper security protocols.

The no. 1 challenge for SMB leaders? Choosing the right tech

Despite customer demand, small businesses are slow to invest in emerging technologies like AI, IoT, and chatbots, according to Capterra.

Top 5 ways to pick a secure password

Picking a secure password is crucial to protecting sensitive information. Tom Merritt offers five do's and don'ts for picking the strongest password possible.

Excessive API growth puts enterprise security at risk

Offering APIs for external service integrations is important, but poor security practices in API access and design can put your organization in danger.

Top security tips revealed by industry experts

Tech professionals and executives share their top security tips for work--and home.

How to manage your passwords effectively with KeePass

​KeePass is a popular and free password management tool. Learn about the benefits and techniques to get the most of out of it.

The 4 key points of digital innovation

Experience, ecostructure, efficiency and cybersecurity are the four most crucial aspects of digital innovation for the enterprise.

How military-style training may enhance your cybersecurity strategy

Find out the benefits of realistic cybersecurity training, such as what is offered by IBM's X-Force Command Center. The facility is modeled on the approach used by the military and first responders.

Is retaining a cybersecurity attorney a good idea for your business?

Cybersecurity is so complicated that businesses, large and small, are retaining legal counsel specializing in security. Learn two more steps businesses should take before a cyberattack hits.

How to auto mount FAT32-formatted drives in Samba

You might have a FAT32-formatted drive that needs to be shared out to users. To do that with write permissions, you must make use of fstab. Jack Wallen shows you how.

The majority of business pros aren’t able to prevent cyberattacks

Only 25% of organizations feel confident in their abilities to respond effectively to cyberattacks, according to recent Ponemon Institute study.

AI, supply chain, and IoT risks will dominate the 2019 cyberthreat landscape

Privileged attacks will continue and Android will close open access, according to BeyondTrust's cybersecurity predictions for the new year.

The top 5 myths about cloud-based security

Enterprises are turning to security in the cloud for greater flexibility and reduced complexity, but several misconceptions exist. Here's the truth, according to a Forcepoint report.

Cyber Monday shoppers will overlook past cybersecurity breaches for a good deal

Some 62% of online shoppers are willing to shop sites vulnerable to breaches for a discount on Cyber Monday, a DomainTools report says.

Researchers discover seven new Meltdown and Spectre attacks

Experiments showed that processors from AMD, ARM, and Intel are affected.

Micro data centers are changing IT’s role in the retail industry in unexpected ways

As brick-and-mortar retailers use micro data centers to power unique customer experiences and compete with online giants like Amazon, they're ramping up IT to manage these mission-critical systems.

AI, IoT, and edge computing drive cybersecurity concerns for 2019

As companies adopt emerging technologies, the cyber risk landscape is set to grow larger in the new year, according to a Forcepoint report.

69% of ATMs can be hacked to spit cash in minutes

ATM vulnerabilities highlight the importance of securing machines against network attacks, according to a Positive Technologies report.

How to improve enterprise IoT security: 5 tips

Some 25% of companies struggling with IoT security lost at least $34 million in the last couple years. Here are five ways to stay better protected.

4 communication fundamentals that should be in every disaster recovery plan

See where the communication breakdowns are likely to occur--and revise the disaster recovery plan accordingly.

How to download your data stored by Apple

Downloading a copy of your data that Apple stores in iCloud and other services is easier than ever. Learn more about this massive privacy change.

Android Security Bulletin November 2018: What you need to know

Another month where Android finds itself with a mixture of Critical and High vulnerabilities. Jack Wallen offers highlights.