The Windows 10 security guide: How to safeguard your business
Featured Stories
Articles about Security
More than 1 in 3 people have tried to guess someone else's password: 3 in 4 succeed
According to a new study, one in 10 people believe someone could guess their password by looking through their social media.
This cryptocurrency miner is exploiting the new Confluence remote code execution bug
It didn't take long for CVE-2021-26084 to be added to exploit kits.
Microsoft Autodiscover abused to collect web requests, credentials
Researchers were able to exploit a protocol design feature on a vast scale.
DDoS attacks are becoming more prolific and more powerful, warn cybersecurity researchers
A report warns about a rise in DDoS attacks as cyber criminals get more creative with ways to make campaigns more disruptive.
This phishing-as-a-service operation is responsible for many attacks against businesses, says Microsoft
A phishing operation hides in plain sight and turns credential theft into a consumer product.
RCE is back: VMware details file upload vulnerability in vCenter Server
Once again, if a malicious actor can hit port 443 on vCenter Server, it's goodnight nurse.
Democracy advocate finds internet freedom has declined globally for 11th consecutive year
A non-government organisation says internet freedom globally has deteriorated as more countries have pursued new rules for tech companies on content, data, or competition over the past year.
Chrome willing to take performance hit to prevent use-after-free bugs
Various attempts will be made in the browser to make memory handling safer.
Zoom's $14.7 billion deal for Five9 under US national security review
A government review into the Zoom-Five9 deal will result in the deal's application for approval being halted for the time being.
After ransomware attack, company finds 650+ breached credentials from NEW Cooperative CEO, employees
According to FYEO, "chicken1" was used over 10 times by employees at the company.
US Treasury Dept. sanctions Russian cryptocurrency exchange for work with ransomware groups
Russia-based cryptocurrency exchange Suex was sanctioned for its role in facilitating massive ransomware transactions.
Google unveils results of DevOps report, finding increase in public cloud use
More than half of all respondents said they used a public cloud, a 5% bump compared to 2019, and 21% additionally said they deploy multiple public clouds.
Users increasingly willing to abandon digital platforms that demand personal info, stringent passwords and time-consuming forms: study
Nearly 80% of respondents to a Ping Identity survey said they have abandoned or stopped creating an online account for a variety of reasons.
Nutanix announces new features for Cloud Platform
Nutanix is launching AOS version 6, Nutanix Era and other new tools to help customers manage data and build out software-defined data centers.
Multi-party breaches cause 26-times the financial damage of the worst single-party breach: Report
The researchers found that when a ripple event triggers a loss of income, it can lead to losses of $36 million per event.
iVerify (version 17)
Everyhting you need to know about iOS and iPadOS securoty, all in one place.
OnlyKey hardware security key
This is the ultimate security key for professionals.
SoloKeys Solo V2
Durable, fully reversible connectors, encapsulated in epoxy resin, and with updatable firmware.
iVerify: Added security for iPhone and iPad users
I'm usually wary of security apps, but iVerify by Trail of Bits is different. It comes highly recommended and offers a lot of features in a small download.
iStorage datAshur BT hardware encrypted flash drive
FIPS 140-2 Level 3 compliant storage drive with wireless unlock feature and remote management. IP57 rated for dust and water resistance.
Netgear BR200 small-business router
The Netgear BR200 Insight Managed Business Router has been designed to be easy to set up, and features a built-in firewall, VLAN management, and remote cloud monitoring, and can be managed from anywhere you have an internet connection.
YubiKey 5C NFC: The world’s first security key to feature dual USB-C and NFC connections
The YubiKey 5C NFC can be used across a broad range of platforms -- iOS, Android, Windows, macOS and Linux -- and on any mobile device, laptop, or desktop computer that supports USB-C ports or NFC.
Apricorn Aegis Secure Key 3NXC
The new Aegis Secure Key 3NXC builds on Apricorn's Secure Key 3z and Aegis Secure Key 3NX, taking the same proven form-factor and physical keypad, and adding something that users have been asking for -- USB-C support.
YubiKey 5Ci Clear Limited Edition
Transparency in security.
Certo AntiSpy iPhone Spyware Detection
Certo AntiSpy is not an app. Instead, it is a utility that you download and install on a Windows or Mac, and you use that to scan a backup of your iOS or iPadOS for subtle signs of intrusion.
Android Smart Lock -- in pictures
Would you like to spend less time unlocking your Android smartphone? Android has you covered.
Inside an encrypted external hard drive -- in pictures
Quite a few readers have expressed an interest in seeing what's inside a super-secure DataLocker DL3 encrypted hard drive. Well, let's get the screwdrivers out and take a look!
DataLocker DL3 in pictures
External hard drive featuing AES 256-bit XTS mode encryption and a built-in LCD keypad.
The worst IoT, smart home hacks of 2020 (so far)
Millions of us have adopted smart home and IoT devices, but these products continually prove themselves to be vulnerable endpoints. Here are some of the most noteworthy IoT cyberattack examples of this year.
DataLocker Sentry K300 encrypted micro SSD in pictures
Time to dump those cheap dollar-store flash drives, or the ones you picked up at a trade show and get a encrypted micro USB SSD that would impress James Bond.
What's worse: A terabit DDoS attack or triple extortion ransomware?
Tonya Hall asks Richard Hummel, manager at Netscout, about the latest cyberattack trends and why the number has skyrocketed.
No ads, no trackers: Former Google executives launch alternative search engine
Tonya Hall talks to Dr. Sridhar Ramaswamy, CEO and Co-founder at Neeva, about how a subscription-based search engine protects users' privacy and deliver better results.
Verizon plans to fight quantum attacks with these 'quantum-safe' VPNs
Daphné Leprince-Ringuet says quantum computers are a major threat to security protocols, but Verizon claims this 'quantum-safe' VPN is future-proof. Read more: https://zd.net/3hyWPOi
Digital ID systems present new opportunities – and new threats
ZDNet Security Update: Danny Palmer talks to the Alan Turing Institute's Prof. Carsten Maple about the increased use of digital identity systems such as vaccine passports -- and what's required to make them trustworthy and secure.
How not to get hacked: 3 dangerous security mistakes to avoid
Danny Palmer tells Beth Mauder about three things you should be doing to keep your online accounts secure from cyber criminals. Read more: https://zd.net/3njaVr4
cDc: Hacktivism and the origins of cybersecurity
Tonya Hall talks to Joseph Menn, author and investigative tech reporter at Reuters, about the influential Cult of the Dead Cow hacking group.
Stress in cybersecurity – why overworking information security staff is bad for everyone
ZDNet Security Update: Danny Palmer talks to John Donovan, CISO at Malwarebytes about the impact stress has on information security teams and how to help improve well-being of employees.
Why this updated ransomware-as-a-service scheme could be the next major threat to your network
Danny Palmer tells Beth Mauder about LockBit ransomware and how aggressive new techniques mean it's becoming a potent cyber threat. Read more: https://zd.net/3Btcs1n
Surfshark VPN: Everything you should know
ZDNet sits down with Surfshark's CMO, Regimantas Urbanas, to learn more about what Surfshark offers that other VPNs do not, general VPN usage tips, and how the company looks to attract new and experienced VPN users. Read more: https://zd.net/3ynvR1J
Securing a system from inception can help it survive cyberattacks
Tonya Hall asks Dr. Ron Ross, computer scientist and fellow at NIST, what does a security by design mindset imply for companies.
The ransomware threat is growing: What needs to happen to stop attacks getting worse?
ZDNet Security Update: Danny Palmer talks to Theresa Payton, CEO of Fortalice Solutions and former CIO at The White House, about the problem of ransomware and the disruption it could cause if we don't act now.
Ransomware: To pay or not to pay? That's the question
Tonya Hall interviews Adam Flatley, director of threat intelligence at Redacted Inc., about the options businesses have when facing a ransomware attack.
Ransomware: Moving from defense to offense
Tonya Hall talks to Adam Flatley, director of threat intelligence at Redacted Inc.,about what has been missing in anti-ransomware plans.
ExpressVPN: Everything you need to know
ZDNet sits down with ExpressVPN's chief architect, Peter Membrey, to learn about some of the new features available on Lightway, what ExpressVPN offers as a service, and why individuals need to be using a VPN when they're online. Read more: https://zd.net/3yUG0nT
Ransomware is a big cybersecurity problem: Why and what needs to be done to stop it?
ZDNet Security Update: Danny Palmer talks to John Hultquist, VP of analysis at Mandiant Threat Intelligence, about ransomware attacks and how to fight back against cyber criminals.
Top Stories
-
![This phishing attack is using a sneaky trick to steal your passwords, warns Microsoft]()
Security
This phishing attack is using a sneaky trick to steal your passwords, warns Microsoft
-
![Trust, but verify: An in-depth analysis of ExpressVPN's terrible, horrible, no good, very bad week]()
Security
Trust, but verify: An in-depth analysis of ExpressVPN's terrible, horrible, no good, very bad week
-
![T-Mobile hack: Everything you need to know]()
Security
-
![Google: This major privacy change is coming to billions of Android devices soon]()
Security
Google: This major privacy change is coming to billions of Android devices soon
-
![iOS 15 lets you spy on apps that might be spying on you]()
Security