An organisation’s primary and immediate line of defense against malware is typically the antivirus software installed in each of their users’ endpoint devices. It works in the background, checks data being received for known malware signatures, and warns users of possible threats. Antivirus software does contribute greatly to an organisation’s online security, but it is not enough to mitigate all malware threats when you consider how advanced these threats have become.

Social media is the new black and everybody wants to be part of it. Posting one’s activities, sharing one’s thoughts, and reacting to other people’s posts have simply become part of our daily lives.

But to those who know what they’re looking for, this social media content can lead to a goldmine of information. It is through this goldmine—terabytes upon terabytes of data, that cyber criminals flourish, using such data to attack individuals and even companies.

How exactly can cyber criminals use social media to compromise online security and attack business organisations? Let’s discuss their methods.

The internet of things (IoT) is undoubtedly growing rapidly. According to Gartner the typical CIO will be looking after triple the number of IoT devices in 2023, compared to the number of IoT devices under their security remit in 2018.

This influx is caused by a mix of repurposed consumer devices, IoT devices that support infrastructure and business-specific IoT devices. Dodging the explosion of IoT devices is impossible, and yes, IoT does deliver a lot of advantages – but the security implications can be serious.

VPN use is widespread and for good reason: it brings large security and privacy benefits to end-users as it shields internet usage from prying eyes. But what if the VPN provider you’re using is susceptible to foreign government interference?

What if your VPN provider’s host country provides little in the way of data protection legislation? Have you considered whether the owner of your VPN service takes data security seriously at all? VPN users don’t always ask these questions – but they certainly should.

The World Wide Web has always been a valuable source of information and a reliable means of communication to masses of users across the globe. With more than 5 billion Google searches made every day and a projected $3.5 trillion online retail sales for 2019, you’d think that the internet as we know it is already as vast as it can be.

Unknown to most people, however, is that the surface or visible web—the part of the internet which the average user can access through search engines—comprises only about 4% of the entire web. The rest is composed of the deep web, a small part of which is the oh-so-mysterious (for the curious) but essentially shady, dark web.

The year 2017 was a dismal year for IT security, particularly in the arena of ransomware.

Less than 12 months ago, the ransomware worm WannaCry wreaked havoc across the globe, placing large organisations – including NHS trusts in England and Scotland, at the forefront of one of the most prolific cyber attacks in history. Then followed NotPetya (initially believed to be the Petya malware of 2016) in June, which also spread quickly and, even without the aid of human intervention, managed to harm multinational companies.

Yet more ransomware attacks compromised the data of individuals and organisations, but they were not nearly as high profile as the aforementioned attacks, and this prompted many people to believe that ransomware is no longer the threat that it was twelve months ago. But is this really the case?

Web content filtering is typically supplied as part of broader cybersecurity measures, with most internet security appliances offering the option to enable filtering, and many default configurations enabling it from the outset. Yet as with many topics in information security IT personnel should never assume that content filtering features are active or optimised. In this article, we outline key reasons why content filtering is still so important, and briefly describe how to enable content filtering for your organisation.

When businesses embark on cyber security initiatives, one of the things that’s often overlooked is DNS security. Many people forget or simply aren’t aware that a compromised DNS infrastructure (or any critical component of that infrastructure) could potentially lead to considerable downtimes, malware outbreaks, data breaches, and several other forms of cyber incidents.

These things can happen because DNS or the Domain Name System plays a crucial role in almost any user-initiated activity that takes place on the Internet. DNS is in charge of resolving the easily-recognisable names like www.somesite.com or ftp.companyx.com that users enter into their web browsers, email clients, or file transfer clients into the IP addresses (e.g. 200.100.10.10) that computers use to communicate with one another.

The prevalence of firewalls and anti-virus software has closed many of the common attack vectors that cyber criminals use to gain unauthorised access to networks and to bypass online security. For this reason, attacks increasingly rely on fooling users into allowing access to systems: legitimate-looking emails that easily clear the common-sense hurdle can hide malware and well-planned hacking attacks.

Even with the necessary protections in place it is surprisingly easy to “spoof” an address, with a from field that looks correct in every way; except for the fact that the sender is not who it appears to be. Most users will think twice about opening an attachment sent by an unknown sender, but if the attachment appears to be from a colleague the usual caution is sometimes left by the wayside.

Of all the types of malware wreaking havoc these days, one clearly stands out - Ransomware. This troublesome malware appears to be gaining a lot of fans in the cybercrime community and has, in turn, caused considerable stretches of downtime on a large number of organisations.