5 best practices for IIoT project success
Based on years of pilot projects and proofs-of-concept, the Industrial Internet Consortium has detailed the best-practices organizations can use to ensure successful deployments.
Author Archives: Security on TechRepublic
MGM Hotel breach highlights need for sophisticated cloud security
Cybercriminals posted the information of more than 10 million customers on a hacker forum a year after the initial attack on a cloud server.
92% of Americans would delete an app that sold their personal information
Smartphone users don't want government encryption backdoors and would rather read "terms and conditions" than watch the movie "Cats."
70% of IT leaders say security concerns restrict adoption of public cloud
While the concerns are legitimate, Barracuda also wants IT professionals to know that practical solutions exist.
11 things you might not know about security operations center burnout
Managers and industry leaders are beginning to address mental health in the IT world - and here are symptoms to look for and solutions to try.
Compliance: Veritas tool adds intelligence and analysis to data supervision
A new release leverages machine learning to help companies reduce the search time they need to remain compliant in regulated industries.
Verizon bails on RSA: How the coronavirus is disrupting tech conferences worldwide
Verizon is the latest to withdraw from the RSA conference in San Francisco as tech trade shows around the globe are impacted by novel coronavirus (COVID-19). Here's what you need to know.
Security platform tracks rogue wireless devices via real-time map
New security tool from Bastille Networks can help security teams enforce no cell-phone zones.
How to use Restricted Shell to limit user access to a Linux system
Learn how to prevent Linux users from executing certain commands and confining them to their home directory by employing rbash.
5 free security apps to keep your Mac safe
Mac users, check out these five antivirus software options, which includes one antimalware app that is ideal for SMBs.
Cloud misconfigurations cost companies nearly $5 trillion
A DivvyCloud report finds 196 data breaches exposed more than 33 billion records due to environments without appropriate security.
Data privacy: What consumers want businesses to know
A new PwC report reveals what customers expect when it comes to expectations of privacy surrounding their data.
Security holes in 2G and 3G networks will pose a risk for next several years
Despite the growth of 5G and 4G, older network technologies beset with certain security flaws will be around for many more years, says enterprise security provider Positive Technologies.
Insider data breach survey finds directors most likely to break company policy
Report suggests IT leaders think breaches are inevitable and don't have adequate risk management in place.
Cybercriminals get creative with tax scams ahead of April 15
Hackers are going after everyone this tax season, including the companies handling our most sensitive information.
Coronavirus domain names are the latest hacker trick
One site registered in Russia offers a coronavirus cure for $300.
How to manage security and privacy in the new Microsoft Edge browser
There's a new version of Microsoft Edge in town based on Chromium. Here's how to manage the browser's security and privacy settings.
Finally, the world is getting concerned about data privacy
Consumers and employees are finally becoming more sensitive to the privacy of their data. As technology leaders it's worth getting ahead of this trend.
Is your firmware vulnerable to attack? A report says it might be
Unsigned firmware in WiFi adapters, USB hubs, trackpads, and other devices can be compromised by hackers, says enterprise firmware security company Eclypsium in a new report.
Mac attacks on the rise
Cyberattacks on Mac endpoints nearly doubled over those on Windows for the first time, according to the 2020 State of Malware Report.
Python, microservices, and more tech trends for 2020, according to O’Reilly
Interest in Kubernetes is increasing, and DevOps is losing steam, based on O'Reilly survey findings.
How to report a phishing or spam email to Microsoft
Microsoft can analyze dangerous emails to determine why those messages made it past your spam filters.
MIT finds massive security flaws with blockchain voting app
Researchers say hackers can alter, stop, or expose how an individual user has voted through the Voatz app.
Voatz defends blockchain solution for its voting via app
The for-profit company wants to make absentee voting easier for members of the military, people with disabilities, and older adults, but its biggest test included only 15,000 voters.
Cybercriminals flooding the web with coronavirus-themed spam and malware
Hackers have expanded their exploitation of the outbreak fears with hundreds of scams and operations.
How banks can protect their customers from coronavirus-themed phishing emails
The coronavirus, which has already led to the deaths of more than 1,000 people, is a topic that scammers are corrupting for their own purposes.
Android facial recognition is more secure than you think
After running real-world tests of Android's facial recognition on a Pixel 4, Jack Wallen shares his theory of why some people are so concerned about facial recognition.
Man tries to sell Jimmy Wales on blockchain for Wikipedia’s security problems–Wales doesn’t buy it
Commentary: It takes hubris to tell Jimmy Wales, the founder of Wikipedia, how to store data.
IoT device security: 5 tips for enterprises
There are now billions of IoT devices in businesses across the world, prompting the need for increased security measures to protect them.
Key components of the CEO’s agenda for the digital enterprise
CEOs are generally from a finance/business track, rather than a technology one--why their traditional agenda and practices must change.
Report: 9 times out of 10, hackers can attack website visitors
A Positive Technologies study finds 82% of web application vulnerabilities lie in the source code.
Only 17% of global organizations are considered cyber resilience “leaders”
New Accenture study says organizations need to think beyond securing just their own enterprises and take better steps to secure their vendor ecosystems.
Chinese cyber criminals are getting more organized and dangerous
Hackers are adopting organized crime tactics to make billions from victims all over the globe.
Why password management is critical to mitigating data breaches
The Identity Theft Resource Center warns that businesses of all sizes should be vigilant about data security. The COO offers advice about passwords, cloud security, and patch management.
Data breaches up 17% in 2019 over previous year
The Identity Theft Recource Center warns that businesses of all sizes should be vigilant about data security.
Cloud computing security: These two Microsoft tools can help you battle shadow IT
Finding what cloud services employees are using is only half the battle: integrating Microsoft Cloud App Security and Defender Advanced Threat Protection means you can track, block or audit cloud app usage.
How to gain more control over DNS with NextDNS: 5 steps
As an alternative to an on-site DNS server, this cloud-hosted DNS service lets you block, filter, and analyze activity across your network and devices.
Security and disaster recovery are priorities when choosing data center provider
Security and compliance are key factors to consider when outsourcing your data center, according to a report from data center provider US Signal.
51% say automation will result in job loss for IT security pros
Security automation will reshape hiring trends in both the US and the UK, according to a new report.
PayPal tops the list of most impersonated brand in phishing attacks
Facebook impersonations came in second place among phishing campaigns, followed by Microsoft, said email security firm Vade Secure.
IBM X-Force Threat Index finds Google, Apple, Amazon are most often spoofed
Attacks on industrial control systems are up and code for banking trojans and ransomware is evolving the fastest.
Kubernetes rollouts: 5 security best practices
If you don't follow these Kubernetes deployments security best practices from Portshift, your containers, their underlying technologies, and your data could be at risk.
How some presidential campaigns use DMARC to protect their domains from being spoofed
DMARC can prevent spammers from using a trusted domain name to send junk mail, a useful tactic for the presidential campaigns and for your organization, according to security provider Valimail.
13 tips to avoid Valentine’s Day online romance scams
Scammers use dating sites to try to build relationships with people to get money or personal information. Here are 13 tips to protect yourself.
Global shipping industry attacked by coronavirus-themed malware
Hackers are using malicious emails about the coronavirus to trick people with a malware called AZORult.
How to protect your privacy on an iOS device
Learn how to keep your iOS devices--and your data--secure with these iOS 13 privacy settings and Apple resources.
Hackers imitating CDC, WHO with coronavirus phishing emails
Cybercriminals are now using fears over the outbreak to steal email credentials, security officials say.
How Shadow IT could put your organization at risk
Employees who create external accounts but use them internally pose a risk to your security, says password manager company 1Password.
The most overhyped, and most significant, tech trends of 2020
A survey of IT professionals finds AR and 5G bust for 2020, machine learning and DevOps on top.
How to use 7zip to encrypt files
If you need strong command line encryption on Linux, look no further than 7zip.
The postmortem: Shadow took lots of shortcuts with Iowa 2020 caucus app
Extreme delays in reporting results shows "move fast and break things" is the wrong approach for election infrastructure, developers and business leaders say.
Why shortcuts lead to failure: Lessons from app disaster in Iowa
Quality control and standard software dev process could have prevented extended delays in reporting the results of the 2020 Iowa Caucus.
Beware of malware disguised as Oscar-nominated movies including Joker and Parasite
Joker was the hottest film among cybercriminals with 304 malicious files named after Batman's arch-nemesis, says security firm Kaspersky.
IoT is a gold mine for hackers using fileless malware for cyberattacks
Data exposure is one of the biggest threats from attacks on IoT devices. A new report recommends a shift to perimeter-less security strategies.
Tips on keeping a Google Photos-type video bug from impacting cloud-based files
The private videos of some Google Photos users were accidentally shared with other people. Here's how to secure online files to protect them from exposure.
Report: Smart bulbs have a major security problem
Many Philips Hue smart light bulbs have a firmware flaw that leads hackers into an entire network, Check Point Research found.
How to defend your organization against the latest malware, botnets and security exploits
Though the fourth quarter of 2019 saw a decrease in malicious activity, threats such as the Emotet malware continued to thrive, says Nuspire.
How to protect your organization from infrastructure as code security risks
Infrastructure as code offers advantages in automating your data center management but also carries certain risks, says Unit 42, the global threat intelligence team at Palo Alto Networks.
Why certain companies are more heavily targeted by DDoS attacks
Most of the targets in 2019 were in the gaming and gambling industries, says security company Imperva.
How to sign up for Firefox breach alerts
Mozilla offers users a service that will send alerts for account breaches associated with email addresses. Find out how to use Firefox Monitor.
Why many security pros lack confidence in their implementation of Zero Trust
Almost half of security professionals don't know where or how to use Zero Trust policies in a hybrid IT environment, says a survey commissioned by security provider Pulse Secure.
Untested app and no training for volunteers are fatal in Iowa caucus
HR experts and tech leaders say organizations that skip training during a tech transition almost always pay a high price.
4 key trends to hit the cybersecurity industry in 2020
Get ready for consolidation risk, microbreaches, and other cybersecurity hazards, warn experts from Mimecast, the Cyber Resilience Think Tank.
3D map shows how the coronavirus spread worldwide
A UN aviation agency uses GIS software to track transmission lines while 20 US airports set up screening centers.
Phishing tournament finds employees falling prey to malicious emails
The Gone Phishing Tournament tested how susceptible people are to opening fraudulent emails and entering their login information.
Hackers using coronavirus scare to spread Emotet malware in Japan
Cybercriminals are using global fears about the virus to spread the Emotet trojan.
Super Bowl 54: How 5G will help keep fans safe at the game
High-tech security features will help keep 49ers and Chiefs fans safe during Super Bowl weekend in Miami.
Ashley Madison breach victims have more to worry about
Five-year old data from the site's breach is at the center of a new cryptocurrency ransom campaign, and it may be the beginning of a new trend.
How to change iOS 13 settings for better security
Learn how to secure your iOS 13 devices and protect your privacy by tweaking the default settings.
How to avoid the mistakes made in the UN data breach
Falling prey to a hacker because it neglected to properly patch its systems, the United Nations also failed to publicly disclose the hack. Here's how your organization can avoid the same mistakes.
How organizations should handle data breaches
How an organization handles a breach can be just as critical as protecting against one, according to Security.org.
Top 10 tech policy trends to watch in 2020
Given the tech industry's poor track record of protecting users data and controlling its environmental impact, regulators around the globe are stepping into the void.
97 of the world’s 100 largest airports have massive cybersecurity risks
An investigation of airport cybersecurity found glaring gaps in security for web and mobile applications, misconfigured public clouds, Dark Web exposure and code repositories leaks.
How to enable facial recognition in the BitWarden mobile password manager
The latest version of the BitWarden Android client supports facial recognition. Find out how to enable it.
Snowflake is the Linux SSH GUI you didn’t know you needed
Is a Linux SSH GUI in your future? Jack Wallen believes once you try Snowflake, there's no going back.
Data Privacy: Top trends to watch in 2020
Data privacy is an increasing concern for companies and individuals. Learn more about what's on the landscape for 2020.
Cyberattacks against endpoints rising, reaching $9 million per attack in 2019
Attacks against endpoints have become more costly, up more than $2 million since 2018.
C-suite unprepared for NotPetya and other extinction-level cyberattacks
Many executives either don't know what their company's cyber defense is, lack budget, or spend too much time analyzing rather than taking action.
Security admins checklist: 10 tasks to perform every year
Here are 10 important tasks security administrators should perform to keep devices protected and secure.
Okta ranks the most popular and fastest-growing apps in the enterprise
Okta's annual study shows companies investing in apps and tools focused on security, data, and app development; favorites include GitHub and Zoom.
Risk managers: Here are the must-have skills for 2020
The risk management field is growing more challenging as threats evolve. How will these changing threats affect your organization in 2020?
What’s your organization’s cybersecurity strategy?
Take this quick, multiple choice survey and tell us about your company's cybersecurity strategies for the upcoming year.
Hackers targeting Arabic-speaking countries with malicious Microsoft Office documents
Cybercriminals created a homemade RAT that uses multiple cloud services and targets countries like Saudi Arabia, Iraq, Egypt, Libya, Algeria, and Morocco.
How to set up secure credential storage for Docker
Learn how to avoid saving your Docker login credentials in plain text by creating an encrypted credential storage.
How to protect previous Firefox tabs from being hijacked
Learn how to secure Firefox tabs from mischief with the Don't Touch My Tabs add-on.
5G promises faster speeds and greater security risks
TechRepublic's Karen Roby talks with Radware exec Mike O'Malley about the growing security risks that accompany 5G for providers, smart cities, and the enterprise.
Why many small and midsized businesses remain vulnerable to cyberattack
Budget limitations and a lack of knowledge or training are two major factors hurting many SMBs, according to a survey from Untangle.
How to protect your organization against targeted phishing attacks
Companies should realize that any user could be a target and use threat data to build a security awareness training program, says Proofpoint.
3 biggest threats cybersecurity professionals are facing in 2020
Organizations are moving toward next-generation cybersecurity solutions this year, but security fragmentation is a looming threat.
Analysts question whether FBI election cybersecurity changes are robust enough
New guidelines show how the agency will coordinate with state officials in the event of a cyberattack on election infrastructure.
Email malware targets U.S. senator and military
The cybercriminals behind the powerful banking malware have turned their attention to government targets like Sen. Cory Booker.
Bug bounties won’t make you rich (but you should participate anyway)
Commentary: There's a lot of hype about bug bounties, but here's some truth.
iOS-based devices: Zero-touch management essentials
Managing multiple devices can be a full-time job. With a few tools in your arsenal, you can optimize mobile devices for zero-touch management.
Windows 7 remains an albatross at many large organizations
Among 60,000 large companies analyzed by security ratings company BitSight, almost 90% still have Windows 7 PCs in their environment.
How to use a physical security key to sign into supported websites
A security key is a good option to use for two-factor authentication when logging into certain websites.
If you don’t like your browser, why won’t you change to a different one?
Commentary: Users tend to stick with their preferred browser even when it works poorly for them.
How to access your 2FA Docker Hub account from the command line
With 2FA enabled on your Docker Hub account, you'll find you cannot access it with your user password from within the CLI. Jack Wallen shows you how to make this work.
This new startup aims to make developers love security
Commentary: As more workloads move to the cloud, developers need help with security. Find out how the startup Cyral is helping to improve data security in the cloud.
Why baby boomers are looking to IoT and analytics to stay safe
IoT security is becoming a top-of-mind priority in the personal care industry. Essence group believes it has the solution and had it on display at CES 2020.
Why blockchain-based cybersecurity may be the answer for vulnerable IoT networks
CES 2020: A "hacked" robot was on display to demonstrate how SigmaDots serverless architecture is poised to fend off IoT security threats.
How to protect your organization and employees from conversation hijacking
By inserting themselves into business emails among employees, cybercriminals can trick victims into wiring money or sharing payment information, says security firm Barracuda Networks.
These subject lines are the most clicked for phishing
The most successful email lures don't promise riches, but issue imminent cybersecurity warnings or urgent office messages, a report reveals.
How a researcher exploited the Windows 10 bug patched by Microsoft
Security researcher Saleem Rashid "rickrolled" himself to show that the bug could be exploited in the real world to spoof security certificates on machines without Microsoft's patch.
How to add a host to Observium
Now that you have the Observium network monitoring platform installed, it's time to add a host.
How to better protect your organization’s most valuable data
Many organizations underestimate the value of their data to skilled and organized cybercriminals, said security provider eSentire.
Why Google plans to cut off support for third-party cookies in Chrome
Google is aiming to phase out third-party cookies in Chrome in two years, but that will have to prove palatable to users, publishers, and advertisers.
How to disconnect devices and revoke app privileges from your Firefox cloud account
You'll be surprised at how many devices, apps, and services are associated with your Firefox cloud account. Find out how to remove them.
Microsoft rolls out patch for serious Windows bug highlighted by NSA
Designed to exploit a vulnerability in Windows 10 and Windows Server 2016 and 2019, the bug could allow an attacker to remotely access and control an infected computer.
Why corporate boards are unprepared to handle cybersecurity risks
A new report recommends that corporate boards answer four key questions on a regular basis to guide cybersecurity governance.
CES 2020 roundup: All the business tech news you need to know
CES was more exciting than ever this year. Key topics included 5G, AI, IoT, robotics, Wi-Fi 6, edge computing, automation, blockchain, quantum computing, privacy, AR, and VR.
How to protect your Windows 7 computers and data after Microsoft cuts off support
With no bug fixes or patches available for Windows 7 after Jan. 14, Veritas CIO John Abel offers tips to safeguard the PCs in your organization.
What to do if you’re still running Windows 7
Your best bet is to finish a migration to Windows 10 ASAP, but there are other options in the interim, says content delivery company Kollective.
December’s Most Wanted Malware: Greta Thunberg-themed spam used to spread Emotet
Check Point's December 2019 Index finds Emotet as lead malware for the third month in a row, spreading email spam, some which alleged support of the teen activist.
CES 2020: Why HBO wants us to think twice about data privacy
A Westworld-themed experience gave attendees a creepy glimpse into tech consequences of the future.
CES 2020: Biggest tech trends spotted for business pros
From analytics and AI to 5G and Wi-Fi 6, here's all the enterprise tech that took center stage at CES 2020.