Hey Cortana, how security dumb are 'intelligent' digital assistants?

Hey Cortana, how security dumb are 'intelligent' digital assistants?

Microsoft Windows intelligent digital assistant, Cortana enabled the execution of arbitrary commands with elevated privileges on a locked machine - so turn off the Cortana interaction from the lock screen, unless absolutely necessary
By Davey Winder Jun 15 2018, 12:17PM
Six years on from the official launch, just how secure is IPv6?

Six years on from the official launch, just how secure is IPv6?

The world launch of IPv6 happened back in June 2012, and World IPv6 Day is on Friday 8 June. But just how secure is IPv6 some six years after that fanfare deployment?
By Davey Winder Jun 8 2018, 12:43PM
Explainer: How do you become an ethical hacker?

Explainer: How do you become an ethical hacker?

What certifications do you need, what jobs are available and how much is the salary?
By Adam Shepherd, Davey Winder Mar 19 2018, 10:28AM
Explainer: Social engineering - the biggest security risk to your business

Explainer: Social engineering - the biggest security risk to your business

It's not your network, but your own well-meaning employees that could be the gateway for hackers.
By Davey Winder Nov 28 2017, 12:05PM
Attack of the cyber-bees: self-learning hivenets to replace botnets in 2018

Attack of the cyber-bees: self-learning hivenets to replace botnets in 2018

Highly destructive, self-learning 'swarmbots' driven by hivenets will be the threat trend for next year said Fortinet global security strategist, Derek Manky, speaking at the vendors International Media Conference in Nice this week.
By Davey Winder Nov 20 2017, 10:27AM
Russian hackers silently threaten global financial organisations

Russian hackers silently threaten global financial organisations

A new bankrobber Trojan has been identified by researchers at Kaspersky Lab, quietly stealing money direct from the banks themselves rather than targeting customers.
By Davey Winder Nov 3 2017, 10:42AM
How to: Protect your business against a DDoS attack

How to: Protect your business against a DDoS attack

DDoS attacks are increasing - here's how to fight back.
By Jane McCallion, Davey Winder Oct 31 2017, 11:25AM
Connected devices can get pwned by attackers every two minutes

Connected devices can get pwned by attackers every two minutes

IoT device pwned by credential attackers once every 120 seconds in SANS research using real connected device rather than honeypot.
By Davey Winder Sep 1 2017, 11:21AM
Ransomware actors turn attention to holding websites hostage

Ransomware actors turn attention to holding websites hostage

Ransomware actors are looking for new targets. According to security vendor WordFence that target appears to be WordPress-powered websites.
By Davey Winder Aug 18 2017, 11:36AM
How secure is your localhost domain? Hint - it may not be what it says

How secure is your localhost domain? Hint - it may not be what it says

According to the t-shirt 'There's no place like 127.0.0.1' but just how secure is this particular home? And should recommendations become instructions to end ambiguity?
By Davey Winder Aug 11 2017, 11:43AM
Weaponised AI - is that a thing yet?

Weaponised AI - is that a thing yet?

According to research announced during the recent Black Hat conference in Vegas, some 62 per cent of infosec pros reckon weaponised AI will be in use by threat actors within 12 months.
By Davey Winder Aug 4 2017, 11:24AM
Cash, confusion or cyber-warfare: what really motivated NotPetya attack?

Cash, confusion or cyber-warfare: what really motivated NotPetya attack?

Monetising a global ransomware attack on the scale of NotPetya is all but impossible without getting caught. So if not cold cash, what was the motivation behind it?
By Davey Winder Jun 30 2017, 10:29AM
Is the wildly popular WordPress a conduit to compromise?

Is the wildly popular WordPress a conduit to compromise?

Is the world's most popular content management system riddled with holes, exploits and vulnerabilities? and what can be done to change that?
By Davey Winder Jun 5 2017, 10:33AM
WannaCry fallout: is hoarding exploits, delaying fixes ever justified?

WannaCry fallout: is hoarding exploits, delaying fixes ever justified?

With the lethality of WannaCry being blamed on the NSA's EternalBlue exploit, we asked the cyber-security industry about the wisdom of allowing intelligence agencies to stockpile zero days.
By Davey Winder May 22 2017, 10:29AM
Are 'bad bots' weaponising data centres to spread fake news?

Are 'bad bots' weaponising data centres to spread fake news?

As bad bots increasingly take up a greater share of internet traffic, are data centres providing the roads?
By Davey Winder Mar 17 2017, 10:25AM
Atomic fragments running amok: time to take IPv6 security seriously?

Atomic fragments running amok: time to take IPv6 security seriously?

The danger of atomic fragments in the 20-year-old IPv6 protocol have been known for a long time, so why are sys admins still failing to harden their networks against this vulnerability?
By Davey Winder Jan 24 2017, 11:47AM
10 ways to harden the security on your Android phone

10 ways to harden the security on your Android phone

Want to make sure your Android device is safe from attack? Davey Winder delivers ten ways to beef up your smartphone and tablet security.
By Davey Winder Jan 12 2017, 11:53AM
Android tops 2016 vulnerability list - security industry says "meh!"

Android tops 2016 vulnerability list - security industry says "meh!"

The Common Vulnerabilities and Exposures (CVE) statistics for 2016 are in and it doesn't make great reading for Google. Or does it? Davey Winder runs the numbers.
By Davey Winder Jan 9 2017, 9:08AM
YouTubers sell phishing kits in plain view

YouTubers sell phishing kits in plain view

YouTube appears to be the latest host of cybercrime advertising, as researchers unveil that they've found criminals advertising phishing kits on the video hosting site.
By Davey Winder Nov 28 2016, 10:08AM
Is Android as easy to secure as the latest AV-TEST results appear to suggest?

Is Android as easy to secure as the latest AV-TEST results appear to suggest?

An independent IT security research facility has reviewed Android, and despite constant charges of insecurity, found the mobile platform to be far from wanting.
By Davey Winder Aug 19 2016, 10:43AM

Most popular tech stories