Expert Comments on Talktalk Opt for Voice Recognition over Passwords

Talktalk have announced that they will be using voice recognition in place of passwords as a result of the data breach last year, here to comment on this news is Barry Scott, CTO EMEA, Centrify. Barry Scott, CTO EMEA, Centrify: “Passwords are no longer fit for purpose, and the risks are inherent as TalkTalk has experienced […]

OneFive Could Be Signing Away Their Privacy When They Install A New Application

Securing Applications Running on 500+ Million Devices

Kaspersky Lab has discovered that consumers are installing apps on their devices without being aware of the potential consequences. A shocking 63 per cent of consumers neglect to read the license agreement carefully before installing a new app on their phone.  Additionally, one-in-five (20 per cent) never read messages when installing apps; they simply go […]

Google Web Traffic Still not End-to-End Encrypted

Following Google’s recent announcement of its plan to expand encryption of user data by rolling it out to even more services, Ilia Kolochenko, CEO of High-Tech Bridge, has asked why such a large number of traffic requests that Google currently handles are not already secured with end-to-end encryption. Ilia comments: “A recent disclosure in Canada […]

Are You “Surprised” by New Ransomware Spread via Teamviewer?

teamviewer and ransomware

A number of users have reported the infection dubbed Surprise ransomware. The infection is easy to spot. It does not hide as its encryption payload has completed, It clearly informs its victims they need to pay. The malware is going to lock all files with a sophisticated encryption. To undo the malicious modification, a user […]

Two Vulnerabilities Disclosure Announcements from Rapid7

Organizations Overlook Known Security Vulnerabilities

Rapid7 has disclosed two vulnerabilities as outlined below. The first vulnerability is a cross-site scripting vulnerability the team discovered in ManageEngine OpUtils, an enterprise switch port and IP address management system. This vulnerability allows a malicious actor to conduct attacks which can be used to modify the systems configuration, compromise data, take control of the product or launch attacks against the […]