Security News

Latest stories from HelpNetSecurity
  1. Achieve globally recognized ISO 27001 qualifications by learning from experienced practitioners. Get practical and interactive instruction with classroom and live and online training from Foundation level through to Lead Implementer or Lead Auditor qualifications.
  2. Training employees to spot phishing emails, messages and phone calls can’t be done just once or once a year if the organization wants to see click rates decrease. For one thing, employees come and go (and change roles) with regularity. Secondly, threats change over time. Thirdly, knowledge and practices that aren’t regularly reinforced will be lost. And, finally, awareness isn’t the same as knowledge. “Just knowing a threat exists isn’t the same as knowing how … More
  3. Cybercrime costs businesses close to $600 billion, or 0.8 percent of global GDP, which is up from a 2014 study that put global losses at about $445 billion, according to a report by McAfee, in partnership with the Center for Strategic and International Studies (CSIS). Adopting new technologies The report attributes the growth over three years to cybercriminals quickly adopting new technologies, the ease of engaging in cybercrime – including an expanding number of cybercrime … More
  4. Cisco offers cloud-based endpoint security solutions for MSSPs Cisco is offering MSSPs security, visibility, and control of customer endpoints. Their endpoint security portfolio includes: Cisco AMP for Endpoints, Cisco Umbrella, and Meraki Systems Manager to offer protection against advanced malware and threats. AMP for Endpoints prevents breaches and blocks malware at the point of entry, then continues to watch, analyze, and record file activity, regardless of the file’s disposition. Cisco Umbrella blocks requests to malicious … More
  5. Over one-third of all security incidents start with phishing emails or malicious attachments sent to company employees, according to F-Secure. Types of attacks The single most common source of breaches analyzed in the report was attackers exploiting vulnerabilities in an organization’s Internet facing services, which accounted for about 21 percent of security incidents investigated by F-Secure’s incident responders. Phishing and emails with malicious attachments together accounted for about 34 percent of breaches, which F-Secure Principal … More
  6. Trend Micro has plugged a bucketload of vulnerabilities in its Email Encryption Gateway, some of which can be combined to execute root commands from the perspective of a remote unauthenticated attacker. The Trend Micro Encryption for Email Gateway (TMEEG) is a Linux-based software solution/virtual appliance that provides the ability to perform the encryption and decryption of email at the corporate gateway, regardless of the email client and the platform from which it originated. “The encryption … More