The Windows 10 security guide: How to safeguard your business
Featured Stories
Articles about Security
Inman Grant's reappointment as eSafety commissioner comes with new powers
With the Online Safety Act now in effect, the eSafety commissioner can order social media platforms to more expeditiously take down cyberbullying content.
She didn't trust her movers. A single Apple AirTag proved she was right
AirTags are being used for all sorts of evil purposes. They're also proving to be very useful for many people.
Crypto.com CEO responds to complaints of login issues after $31 million hack
Thousands of Crypto.com users complained that they were unable to get back into their accounts after the hack last week.
Enjoy a lifetime of skills training, ad-free documentaries and VPN protection for $199
Leverage your increased time at home into better entertainment, skills training for a better future, and the peace of mind a powerful VPN can bring.
Log4J: Microsoft discovers attackers targeting undisclosed SolarWinds vulnerability
Microsoft said it discovered previously undisclosed issues with the SolarWinds Serv-U software while looking for Log4J vulnerabilities.
CISA adds 13 exploited vulnerabilities to list, 9 with Feb. 1 remediation date
CISA urged federal civilian agencies to address 9 vulnerabilities within the next two weeks.
Log4J: Attackers continue targeting VMware Horizon servers
VMware has urged customers to apply the latest guidance as a way to resolve vulnerabilities CVE-2021-44228 and CVE-2021-4504.
FAQ: What's happening with 5G and airport safety?
There are legitimate concerns about the use of C-Band 5G near certain kinds of airplanes. Here's what we know so far.
After ransomware arrests, some dark web criminals are getting worried
Analysis of dark web chatter suggests that some ransomware affiliates worry law enforcement might come for them next.
Nasty Linux kernel bug found and fixed
A heap overflow bug was recently discovered in the Linux kernel. The patch is available now in most major Linux distributions.
FBI warning: This new ransomware makes demands of up to $500,000
FBI finds Diavol ransomware uses the same method to fingerprint victim machines as Trickbot and Trickbot-related Anchor DNS malware.
Chinese APT deploys MoonBounce implant in UEFI firmware
The highly targeted attack reveals a new level of sophistication in attacks against UEFI firmware.
Amazon fake crypto token investment scam steals Bitcoin from victims
Criminals are peddling the idea of a new Amazon cryptocurrency token to swindle victims.
Crypto.com confirms 483 users hit in attack that saw over $31m in coins withdrawn
Around $14 million in ether, just over $17 million in bitcoin, and $66,200 in other cryptocurrencies withdrawn during the incident.
Commercial surveillance the more immediate problem for citizens: Home Affairs chief
Mike Pezzullo says Australia needs a broad societal discussion about privacy, but government spying will always be more restricted. Meanwhile, our surveillance laws need bulldozing and a complete rebuild.
Yubikey Security Key C NFC
And there's a lot to like about the Yubikey Security Key C NFC, all for $29.
First look at the YubiKey Bio
YubiKey Bio builds biometric authentication into a security key
iVerify (version 17)
Everyhting you need to know about iOS and iPadOS securoty, all in one place.
OnlyKey hardware security key
This is the ultimate security key for professionals.
SoloKeys Solo V2
Durable, fully reversible connectors, encapsulated in epoxy resin, and with updatable firmware.
iVerify: Added security for iPhone and iPad users
I'm usually wary of security apps, but iVerify by Trail of Bits is different. It comes highly recommended and offers a lot of features in a small download.
iStorage datAshur BT hardware encrypted flash drive
FIPS 140-2 Level 3 compliant storage drive with wireless unlock feature and remote management. IP57 rated for dust and water resistance.
Netgear BR200 small-business router
The Netgear BR200 Insight Managed Business Router has been designed to be easy to set up, and features a built-in firewall, VLAN management, and remote cloud monitoring, and can be managed from anywhere you have an internet connection.
YubiKey 5C NFC: The world’s first security key to feature dual USB-C and NFC connections
The YubiKey 5C NFC can be used across a broad range of platforms -- iOS, Android, Windows, macOS and Linux -- and on any mobile device, laptop, or desktop computer that supports USB-C ports or NFC.
Apricorn Aegis Secure Key 3NXC
The new Aegis Secure Key 3NXC builds on Apricorn's Secure Key 3z and Aegis Secure Key 3NX, taking the same proven form-factor and physical keypad, and adding something that users have been asking for -- USB-C support.
YubiKey 5Ci Clear Limited Edition
Transparency in security.
Certo AntiSpy iPhone Spyware Detection
Certo AntiSpy is not an app. Instead, it is a utility that you download and install on a Windows or Mac, and you use that to scan a backup of your iOS or iPadOS for subtle signs of intrusion.
Android Smart Lock -- in pictures
Would you like to spend less time unlocking your Android smartphone? Android has you covered.
Inside an encrypted external hard drive -- in pictures
Quite a few readers have expressed an interest in seeing what's inside a super-secure DataLocker DL3 encrypted hard drive. Well, let's get the screwdrivers out and take a look!
DataLocker DL3 in pictures
External hard drive featuing AES 256-bit XTS mode encryption and a built-in LCD keypad.
Let's talk about how companies track your data across the internet
ZDNet Security Update: Danny Palmer talks to Oxford University's Dr. Carissa Véliz about the data economy, surveillance, online privacy -- and what you can do to fight back.
Hackers are stealing millions from banks by exploiting old Java systems
Danny Palmer lays bare the tools and techniques of criminal hacking group Elephant Beetle – and what must be done to stop them. Read more: https://zd.net/3FlhdM2
The biggest cybersecurity exploits of 2021 are not done with you
ZDNet's Danny Palmer reviews some of the biggest incidents in cybersecurity of the last 12 months and the impact that they continue to have.
Why burnout leads to bad decisions and cybersecurity risks
Danny Palmer tells Beth Mauder how burnout leads to a greater risk from cyber attacks – especially if cybersecurity staff are the ones burned out. Read more: https://zd.net/3qjXqaq
The threat from hackers is getting worse – and ignorance isn't an excuse for boardrooms any more
ZDNet Security Update: Danny Palmer talks to MIT's Professor Stuart Madnick about the continued growth of cyber attacks, why there's still so many misunderstandings around cybersecurity – and what has to happen to fix the problem.
Log4j: It's bad and it's only going to get worse
Here's what you need to know about the biggest security story this year and what you need to do now to try to protect yourself in the chaos to come. Read more: https://zd.net/3ysupwN
How to solve the cybersecurity skills shortage
ZDNet Security Update: Danny Palmer talks to Veracode's Chris Wysopal about the high demand for cybersecurity staff and what needs to be done to fill the vacancies.
Cybercrime college: Dark web courses teach wannabe hackers how to build botnets
Danny Palmer tells Beth Mauder about the rise in cyber criminals offering online courses in cyber crime and what it means. Read more: https://zd.net/31eIuBH
BEC and romance scams: How to protect your business
ZDNet Security Update: Danny Palmer talks Cofense's Ronnie Tokazowski about the highly lucrative cyber criminal world of BEC scams and why attacks have become so hard to defend against.
Inside a cyber mercenary operation: Hacking victims around the world
Danny Palmer tells Beth Mauder about Void Balaur, a hacker-for-hire group which has been used to target politicians, journalists, human rights activists, doctors, and more. Read more: https://zd.net/3DlFb9F
Inside a ransomware gang: Beware these aggressive tactics
ZDNet Security Update: Danny Palmer talks to Mandiant's Kimberly Goody about the rise of a notorious ransomware group and how to protect against attacks.
This is ransomware's golden age: How to bring it to an end
Danny Palmer tells Beth Mauder about the findings of a new report which says we're in a 'golden era' for ransomware. Read more: https://zd.net/3EFFigt
Why the same old cyber attacks are still so successful and what needs to be done to stop them
ZDNet Security Update: Danny Palmer talks to Admiral Michael S. Rogers, Operating Partner at Team8 and former Director of the NSA and US Cyber Command, about cyber threats and the action needed to fight them.
This is what happens when you're hit by a ransomware attack
ZDNet Security Update: Danny Palmer talks to Ed Williams, Director of SpiderLabs EMEA at Trustwave, about how cyber criminals get into networks and what they actually do once inside.
Why hackers are targeting web servers with malware and how to protect yours
ZDNet Security Update: Danny Palmer talks to Zuzana Hromcová, malware researcher at ESET about the anatomy of powerful cyber attacks against web server software and how to protect against these threats.
Top Stories
-
![This phishing attack is using a sneaky trick to steal your passwords, warns Microsoft]()
This phishing attack is using a sneaky trick to steal your passwords, warns Microsoft
Security
-
![Second Log4j vulnerability discovered, patch already released]()
Second Log4j vulnerability discovered, patch already released
Security
-
![Log4j RCE activity began on December 1 as botnets start using vulnerability]()
Log4j RCE activity began on December 1 as botnets start using vulnerability
Security
-
![Rust takes a major step forward as Linux's second official language]()
Rust takes a major step forward as Linux's second official language
Enterprise Software
-
![Security warning: New zero-day in the Log4j Java library is already being exploited]()
Security warning: New zero-day in the Log4j Java library is already being exploited
Security