The Windows 10 security guide: How to safeguard your business
Featured Stories
Articles about Security
NSW will not use iVote again for elections until 'extensive reconfiguration' is made
The NSWEC has sent iVote to the bench as it works to rectify the system's issues by next year's state general election.
OAIC wants stronger accountability measures in upcoming revised Privacy Act
Australia's Information Commissioner has called for a positive duty on organisations to handle personal information fairly and reasonably in light of the federal government considering amendments to the Privacy Act.
Crypto.com pauses withdrawals and resets 2FA following suspicious activity
12-hour pause after users complained their accounts were being drained.
Singapore cautions against marketing of cryptocurrency services to public
Monetary Authority of Singapore warns again about the high risks involved in cryptocurrency trading and instructs providers of such services not to publicly promote or advertise their offerings, as doing so may encourage consumers to trade on impulse.
Linux malware is on the rise. Here are three top threats right now
Internet of Things devices are driving up the number of Linux malware variants.
NYC school platform outage complicating COVID-19 tracing efforts
Illuminate Education said it is "working to restore service as soon as possible" after a security incident shut down the platform.
2G's security weaknesses are still a problem, even for modern phones
EFF urges Apple to follow Google and give smartphone users the option to dodge 2G.
DHL, Microsoft, WhatsApp top phishing list of most imitated brands
Google, LinkedIn and Amazon also ranked highly on Check Point Research's list.
For security alone, we could try paying open source projects properly
Instead of running around like headless chooks because a widely used piece of open source software is maintained by volunteers and has a massive hole in it, imagine paying someone to look after such software properly.
Microsoft says 'destructive malware' being used against Ukrainian organizations
Security teams at Microsoft said the malware first appeared on victim systems in Ukraine on January 13.
Moscow court charges 8 alleged REvil ransomware hackers
Russian law enforcement officials said they initially detained 14 people during a series of raids across the country this week.
White House confirms person behind Colonial Pipeline ransomware attack nabbed during Russian REvil raid
Russian officials arrested 14 alleged members of the REvil ransomware group on Friday.
Private Internet Access review: An inexpensive, flexible, and powerful VPN service
Overall, we were impressed with Private Internet Access -- as long as you're not trying to connect to India. It's well worth taking a look.
Ukraine says more than 70 government websites were defaced, 10 were subjected to 'unauthorized interference'
Ukraine denied that any data was stolen during the attack and said there are signs that hackers associated with "Russian secret services" were behind the incident.
Attack Surface Management: Where is the market going?
Adopters of ASM solutions praise the increased visibility, time savings, and risk prioritization it provides.
Yubikey Security Key C NFC
And there's a lot to like about the Yubikey Security Key C NFC, all for $29.
First look at the YubiKey Bio
YubiKey Bio builds biometric authentication into a security key
iVerify (version 17)
Everyhting you need to know about iOS and iPadOS securoty, all in one place.
OnlyKey hardware security key
This is the ultimate security key for professionals.
SoloKeys Solo V2
Durable, fully reversible connectors, encapsulated in epoxy resin, and with updatable firmware.
iVerify: Added security for iPhone and iPad users
I'm usually wary of security apps, but iVerify by Trail of Bits is different. It comes highly recommended and offers a lot of features in a small download.
iStorage datAshur BT hardware encrypted flash drive
FIPS 140-2 Level 3 compliant storage drive with wireless unlock feature and remote management. IP57 rated for dust and water resistance.
Netgear BR200 small-business router
The Netgear BR200 Insight Managed Business Router has been designed to be easy to set up, and features a built-in firewall, VLAN management, and remote cloud monitoring, and can be managed from anywhere you have an internet connection.
YubiKey 5C NFC: The world’s first security key to feature dual USB-C and NFC connections
The YubiKey 5C NFC can be used across a broad range of platforms -- iOS, Android, Windows, macOS and Linux -- and on any mobile device, laptop, or desktop computer that supports USB-C ports or NFC.
Apricorn Aegis Secure Key 3NXC
The new Aegis Secure Key 3NXC builds on Apricorn's Secure Key 3z and Aegis Secure Key 3NX, taking the same proven form-factor and physical keypad, and adding something that users have been asking for -- USB-C support.
YubiKey 5Ci Clear Limited Edition
Transparency in security.
Certo AntiSpy iPhone Spyware Detection
Certo AntiSpy is not an app. Instead, it is a utility that you download and install on a Windows or Mac, and you use that to scan a backup of your iOS or iPadOS for subtle signs of intrusion.
Android Smart Lock -- in pictures
Would you like to spend less time unlocking your Android smartphone? Android has you covered.
Inside an encrypted external hard drive -- in pictures
Quite a few readers have expressed an interest in seeing what's inside a super-secure DataLocker DL3 encrypted hard drive. Well, let's get the screwdrivers out and take a look!
DataLocker DL3 in pictures
External hard drive featuing AES 256-bit XTS mode encryption and a built-in LCD keypad.
Hackers are stealing millions from banks by exploiting old Java systems
Danny Palmer lays bare the tools and techniques of criminal hacking group Elephant Beetle – and what must be done to stop them. Read more: https://zd.net/3FlhdM2
The biggest cybersecurity exploits of 2021 are not done with you
ZDNet's Danny Palmer reviews some of the biggest incidents in cybersecurity of the last 12 months and the impact that they continue to have.
Why burnout leads to bad decisions and cybersecurity risks
Danny Palmer tells Beth Mauder how burnout leads to a greater risk from cyber attacks – especially if cybersecurity staff are the ones burned out. Read more: https://zd.net/3qjXqaq
The threat from hackers is getting worse – and ignorance isn't an excuse for boardrooms any more
ZDNet Security Update: Danny Palmer talks to MIT's Professor Stuart Madnick about the continued growth of cyber attacks, why there's still so many misunderstandings around cybersecurity – and what has to happen to fix the problem.
Log4j: It's bad and it's only going to get worse
Here's what you need to know about the biggest security story this year and what you need to do now to try to protect yourself in the chaos to come. Read more: https://zd.net/3ysupwN
How to solve the cybersecurity skills shortage
ZDNet Security Update: Danny Palmer talks to Veracode's Chris Wysopal about the high demand for cybersecurity staff and what needs to be done to fill the vacancies.
Cybercrime college: Dark web courses teach wannabe hackers how to build botnets
Danny Palmer tells Beth Mauder about the rise in cyber criminals offering online courses in cyber crime and what it means. Read more: https://zd.net/31eIuBH
BEC and romance scams: How to protect your business
ZDNet Security Update: Danny Palmer talks Cofense's Ronnie Tokazowski about the highly lucrative cyber criminal world of BEC scams and why attacks have become so hard to defend against.
Inside a cyber mercenary operation: Hacking victims around the world
Danny Palmer tells Beth Mauder about Void Balaur, a hacker-for-hire group which has been used to target politicians, journalists, human rights activists, doctors, and more. Read more: https://zd.net/3DlFb9F
Inside a ransomware gang: Beware these aggressive tactics
ZDNet Security Update: Danny Palmer talks to Mandiant's Kimberly Goody about the rise of a notorious ransomware group and how to protect against attacks.
This is ransomware's golden age: How to bring it to an end
Danny Palmer tells Beth Mauder about the findings of a new report which says we're in a 'golden era' for ransomware. Read more: https://zd.net/3EFFigt
Why the same old cyber attacks are still so successful and what needs to be done to stop them
ZDNet Security Update: Danny Palmer talks to Admiral Michael S. Rogers, Operating Partner at Team8 and former Director of the NSA and US Cyber Command, about cyber threats and the action needed to fight them.
This is what happens when you're hit by a ransomware attack
ZDNet Security Update: Danny Palmer talks to Ed Williams, Director of SpiderLabs EMEA at Trustwave, about how cyber criminals get into networks and what they actually do once inside.
Why hackers are targeting web servers with malware and how to protect yours
ZDNet Security Update: Danny Palmer talks to Zuzana Hromcová, malware researcher at ESET about the anatomy of powerful cyber attacks against web server software and how to protect against these threats.
Data breach reporting deadlines: Are they realistic?
Tonya Hall asks Matt Bradley, vice president at OnSolve, how artificial intelligence can help companies manage data breaches and other critical events.
Top Stories
-
![This phishing attack is using a sneaky trick to steal your passwords, warns Microsoft]()
This phishing attack is using a sneaky trick to steal your passwords, warns Microsoft
Security
-
![Second Log4j vulnerability discovered, patch already released]()
Second Log4j vulnerability discovered, patch already released
Security
-
![Log4j RCE activity began on December 1 as botnets start using vulnerability]()
Log4j RCE activity began on December 1 as botnets start using vulnerability
Security
-
![Rust takes a major step forward as Linux's second official language]()
Rust takes a major step forward as Linux's second official language
Enterprise Software
-
![Security warning: New zero-day in the Log4j Java library is already being exploited]()
Security warning: New zero-day in the Log4j Java library is already being exploited
Security