Robert Lemos

About

Robert Lemos is an award-winning journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he has written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and was named among the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.

Cyber-Attackers Have Advantages, but Enterprises Must Fight Back

Over the past three years, the IT security community has gradually come to the consensus that every company should assume that their systems have been breached. While the lack of faith in their technology, tools and people may, on some level, be practical, it should not be a reason to give up, security experts stress. […]

Cloud Risks Worry Firms, but Sensitive Data Still Cloud-Bound

More companies are moving their sensitive data into the cloud, although nearly half do not know how their cloud provider protects their data and more than a third believe that their security posture has suffered from using the cloud, according to a report published April 29. The report, based on survey data gathered by the […]

Bug in Microsoft Security Essentials Crashes Windows XP Machines

An update to Microsoft Security Essentials, the software company’s free anti-malware software, crashed Windows XP computers last week, causing business disruptions to customers still relying on the outdated—and, in many cases, now-unsupported—operating system. The update caused a variety of Microsoft operating systems to restart and then fail to reboot, displaying an arcane “MsMpEng.exe application error” […]

Verizon Report Shows Good, Bad News in Data Breach Trends

The annual Verizon Data Breach Investigations Report (DBIR) typically highlights the overwhelming advantage that attackers continue to have in attacking corporate networks and data. Yet this year’s report has a few bright spots, as well. For the first time, more breaches were detected using internal controls than fraud-detection mechanisms, according to the report. Although the […]

Easy-to-Use NTP Amplification Emerges as Common DDoS Attack Vector

In the past year, attackers have changed focus from attacking applications to overwhelming network bandwidth using brute-force reflection attacks, according to a report published April 17 by content-delivery provider Akamai. The two most popular types of reflection attacks, which bounce network traffic off intermediate servers on the Internet, have shot up in popularity, accounting for […]

Phone-Based Fraud Takes Off During Tax Time

Scammers are going back to the basics, increasingly using old-school telephone calls to defraud victims, with one group of grifters targeting up to half a million consumers, according to analysis published on April 17 by anti-fraud firm Pindrop Security. Following a warning by the Internal Revenue Service of stepped-up fraud targeting consumers, Pindrop analyzed its […]

Windows XP Support Expiration Not End of the World for Users

The end of support for Microsoft’s 12-year-old operating system Windows XP has garnered a great deal of attention, but for the most part, the risk to the corporate and consumer users of the operating system remains unchanged. Yet that risk is not small. Released in 2001, Windows XP is Microsoft’s last operating system developed before […]

‘Heartbleed’ OpenSSL Flaw May Lead to Leaked Passwords, Encryption Keys

A widespread vulnerability in OpenSSL, the software library used to secure communications on the Web, has undermined the security on hundreds of thousands of Web servers and services and has left online companies scrambling to close the security hole. The vulnerability—officially dubbed the “TLS Heartbeat Read Overrun” issue and unofficially named “Heartbleed” by the firm […]

Symantec Report Says Huge Data Breaches, Targeted Attacks Defined 2013

Attackers made off with more than 550 million identities in 2013, the largest loss to date, according to security firm Symantec’s Internet Security Threat Report released on April 8. The return of “mega breaches” that resulted in the loss of 10 million or more records was a major trend identified by the company in its […]

CryptoDefense Ransomware Flaw Leaves Behind Decryption Keys

Ransomware has become an increasingly popular way for cyber-criminals to turn infected computer systems into cash, and this year underground programmers are already churning out copycats of the most successful ransomware program, CryptoLocker, according to security firms. On March 31, security firm Symantec discovered a data-napping program, dubbed CryptoDefense, which has already netted its makers […]