Journal Cover Computer Fraud & Security
  [SJR: 0.196]   [H-I: 13]   [358 followers]  Follow
    
   Full-text available via subscription Subscription journal
   ISSN (Print) 1361-3723
   Published by Elsevier Homepage  [3118 journals]
  • Editorial
    • Abstract: Publication date: December 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 12
      Author(s): Steve Mansfield-Devine
      It might seem to some that having laws forcing organisations to disclose data breaches is a tad Draconian. But recent events have shown that they can't necessarily be trusted to do the right thing.

      PubDate: 2017-12-26T18:11:11Z
       
  • UK fraud hits new high
    • Abstract: Publication date: December 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 12
      The ‘Annual Fraud Indicator 2017’, published by Crowe Clark Whitehill, Experian and the Centre for Counter Fraud Studies, shows that private sector fraud cost the UK economy £140bn while fraud in the public sector cost the country £40.3bn in 2017.

      PubDate: 2017-12-26T18:11:11Z
       
  • In brief
    • Abstract: Publication date: December 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 12


      PubDate: 2017-12-26T18:11:11Z
       
  • From super-yachts to web isolation
    • Abstract: Publication date: December 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 12
      Author(s): Jay Kelley
      Even the super-luxurious boats owned by the jet-setting rich and famous are being taken hostage. 1 A white-hat hacker at a recent super-yacht investor conference (who knew there even were such events') demonstrated, in less than 30 minutes, how he took control of a super-yacht's satellite communications system, meaning that the cyber-pirates had control over the ship's wifi, telephone system and even the navigation system. 2 He could read emails, gather banking information and even steer the boat totally off-course without the ship's crew being any the wiser. It seems that nothing is safe anymore. Researchers have shown that even super yachts, which would appear immune as a result of their isolation, are vulnerable to hacking. Jay Kelley of Menlo Security explains how attackers can exploit everything from connected homes and businesses through to cars, hotels and even boats. The solution to the problem, he argues, is web isolation, handling web activity in virtual, disposable containers to keep malware well away from your critical systems so that you can explore the Internet in safety.

      PubDate: 2017-12-26T18:11:11Z
       
  • Resisting the persistent threat of cyber-attacks
    • Abstract: Publication date: December 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 12
      Author(s): Gavin Russell
      If there's one issue that businesses across all sectors should be concerned about in 2017, it's the threat of cyber-attacks. Cyber-security-related stories have rarely made it out of the news this year, and this has resulted in increased public awareness surrounding the topic. Stories about data breaches and other cyber-security issues have barely left the headlines this year and public awareness of the issue is growing. Gavin Russell of Wavex examines some of the most serious risks that face businesses – including malware, ransomware and DDoS attacks – and their potential impacts. Organisations of all kinds need to be proactive about keeping themselves safe using a combination of technology tools employed alongside appropriate business processes and data governance, he argues.

      PubDate: 2017-12-26T18:11:11Z
       
  • Strengthening the network security supply chain
    • Abstract: Publication date: December 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 12
      Author(s): Steven Kenny
      You can't say that we weren't warned. Just a few days before the largest distributed denial of service (DDoS) attack the world had ever seen was launched in September last year, researchers from IoT Village published a list of 47 vulnerabilities in 23 Internet-connected devices that they'd been examining. Everything from smart thermostats, connected door locks and remote-controlled wheelchairs proved vulnerable to password sniffing, replay attacks and other design flaws that let the researchers take them over. 1 There have been plenty of warnings about vulnerabilities in devices such as CCTV cameras and digital recorders, most of which went ignored – until Mirai used them to launch attacks. High street stores, B2B resellers and integrators all carry responsibility for the ability of criminals to use tools such as Mirai. And vulnerabilities in products continue to emerge. Steven Kenny of Axis Communications argues that it's time to look at all stages of the production and selling of Internet-connected devices, with everyone involved shouldering some of the responsibility for making sure we stay safe.

      PubDate: 2017-12-26T18:11:11Z
       
  • Blasted from the past: why you can't ignore old vulnerabilities
    • Abstract: Publication date: December 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 12
      Author(s): Marina Kidron
      How many cyber-security articles begin with ‘The threat landscape changes constantly’' While the concept is true, one aspect of the threat landscape likes to stay the same as long as it can – exploited vulnerabilities. According to data from the latest Fortinet Global Threat Landscape Report, 90% of enterprises are still recording exploits for vulnerabilities that are more than three years old, and 60% for vulnerabilities more than a decade old. 1

      PubDate: 2017-12-26T18:11:11Z
       
  • Coming of age: how organisations achieve security maturity
    • Abstract: Publication date: December 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 12
      Author(s): Steve Mansfield-Devine
      When it comes to security, organisations have had a lot of growing up to do. Facing up to the volume and complexity of today's cyber-threats requires a level of maturity that is achievable only when you understand not just the world around you but yourself. As Kevin Down, chairman of the CNS Group, explains in this interview, organisations have a lot to gain from determining their degree of maturity when it comes to information security, with benefits for everyone from those working at the operational level right up to the board.

      PubDate: 2017-12-26T18:11:11Z
       
  • Events
    • Abstract: Publication date: December 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 12


      PubDate: 2017-12-26T18:11:11Z
       
  • Over half of fraud incidents in England and Wales are now cyber-related
    • Abstract: Publication date: November 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 11
      The latest figures from the UK's Office of National Statistics (ONS) would seem to show a slight overall drop in cybercrime. However, fraud figures are up and it may be too soon to celebrate as the statistics remain ‘experimental’.

      PubDate: 2017-12-26T18:11:11Z
       
  • Editorial
    • Abstract: Publication date: November 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 11
      Author(s): Steve Mansfield-Devine
      Attacks on European Union countries are to be treated as acts of war, according to a new diplomatic statement that is currently in draft form. This is not an original stance to take, but the move does reflect the growing concern about the impact of hacking on economies and political processes.

      PubDate: 2017-12-26T18:11:11Z
       
  • Critical infrastructure comes under attack
    • Abstract: Publication date: November 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 11
      The US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint Technical Alert (TA17 – 293A) via US-CERT about advanced persistent threats targeting the country's energy companies and other critical infrastructure.

      PubDate: 2017-12-26T18:11:11Z
       
  • In brief
    • Abstract: Publication date: November 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 11


      PubDate: 2017-12-26T18:11:11Z
       
  • The shape of things to come: the Equifax breach, the GDPR and open-source
           security
    • Abstract: Publication date: November 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 11
      Author(s): Daniel Hedley, Matthew Jacobs
      Although the General Data Protection Regulation (GDPR) is being hailed as a sort of revolution, what it really represents is the law catching up with reality. The GDPR isn't alone, of course – in the information security space it is accompanied by the Network and Information Security Directive (NISD). Both the GDPR and NISD go into effect in May 2018. Although the General Data Protection Regulation (GDPR) is being hailed as a sort of revolution, what it really represents is the law catching up with reality. You will need be able to explain how you've addressed data privacy protection and justify your decisions if a data breach occurs after the regulations go into effect. Daniel Hedley of Irwin Mitchell LLP and Matthew Jacobs of Black Duck Software describe the consequences of not getting to grips with the GDPR and the processes and policies you need to get into place now.

      PubDate: 2017-12-26T18:11:11Z
       
  • Hobby hackers to billion-dollar industry: the evolution of ransomware
    • Abstract: Publication date: November 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 11
      Author(s): CR Srinivasan
      In recent months, ransomware has become a mainstream topic across the world, thanks to a string of high-profile attacks. There is a sense that no one is immune to attacks from a persistent and organised community of cyber-criminals who use ransomware as their main modus operandi. Ransomware has become a mainstream topic across the world recently, thanks to a string of high-profile attacks. But this form of malware has been with us for a while. Srinivasan CR of Tata Communications examines the history of ransomware, tracing its evolution from crude beginnings in the 1980s to its global impact today. And although it is proving to be a pernicious threat, he explains how we are also developing effective countermeasures.

      PubDate: 2017-12-26T18:11:11Z
       
  • Raising awareness: people are your last line of defence
    • Abstract: Publication date: November 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 11
      Author(s): Steve Mansfield-Devine
      Many organisations view their own people as a threat. Whether deliberately or accidentally, members of staff certainly have the potential to cause serious cyber-security incidents. On the other hand, people can often spot problems and deal with them, in a way that even the most advanced technology can't. When your firewalls, intrusion prevention systems and other defences fail, people are your last line of defence. But, as Amy Baker, VP of marketing at Wombat Security Technologies, explains in this interview, this works only if you give them the necessary training and support and provide leadership from senior executives who are also properly trained. Many organisations view their own people as a threat. On the other hand, people can often spot problems and deal with them in a way that even the most advanced technology can't. When your technological protections fail, people are your last line of defence. But, as Amy Baker of Wombat Security Technologies explains in this interview, this works only if you give them the necessary training and support and provide leadership from senior executives.

      PubDate: 2017-12-26T18:11:11Z
       
  • Torture-free cyberspace – a human right
    • Abstract: Publication date: November 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 11
      Author(s): Samantha Newbery, Ali Dehghantanha
      Definitions of torture range from the emotive to the legal. The media sometimes uses the term in a loose or informal sense – for example, to refer to the pain felt when one's sports team loses a crucial game. 1 This dangerous practice detracts from the severity of torture as defined in law. When international human rights instruments describe the treatment of prisoners as torture, they are referring to severe suffering. News reports also use the term in a non-legal, informal sense to refer to the effects of cyber-bullying. 2 In some instances cyber-bullying can meet the severity-of-suffering aspect of the legal definition of torture, as we will examine.

      PubDate: 2017-12-26T18:11:11Z
       
  • Recognising the real danger of SIM fraud
    • Abstract: Publication date: November 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 11
      Author(s): Andrew Blaich
      In today's digital society, we would struggle to get very far without our mobile devices. In fact, according to Emarketer, 2017 is the first year in which handheld devices have beaten the computer when it comes to online browsing. 1 The UK is a nation of on-the-go, always-on individuals. As our smartphones get smarter and more intuitive to our needs, cyber-criminals are shifting their attention away from desktops and PCs towards the potential of mobile devices.

      PubDate: 2017-12-26T18:11:11Z
       
  • Events
    • Abstract: Publication date: November 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 11


      PubDate: 2017-12-26T18:11:11Z
       
  • Data breaches: Deloitte suffers serious hit while more details emerge
           about Equifax and Yahoo
    • Abstract: Publication date: October 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 10
      Deloitte, one of the world's largest accountancy and management consultancy firms, has been hit by a breach that may have disclosed highly sensitive information about its customers.

      PubDate: 2017-12-26T18:11:11Z
       
  • Editorial
    • Abstract: Publication date: October 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 10
      Author(s): Steve Mansfield-Devine
      If you ever need proof that the fog of war extends into the cyber realm, just look at the row currently going on between the US Government and Kaspersky Lab. Something tells me we're not getting the whole story in this affair.

      PubDate: 2017-12-26T18:11:11Z
       
  • In brief
    • Abstract: Publication date: October 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 10


      PubDate: 2017-12-26T18:11:11Z
       
  • The ABC of ransomware protection
    • Abstract: Publication date: October 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 10
      Author(s): Steven Furnell, David Emm
      ‘Your files have been encrypted!’ These five words have the potential to instil alarm as the realisation dawns that your system has fallen victim to ransomware. How it happened and what happens next, rather depends upon the precautions that may or may not have been taken beforehand. And as we will explore in this article, taking some basic steps in advance could help save a lot of problems later. Ransomware has become a significant problem and is now one of the most keenly recognised threats in the security landscape. And it's likely to get worse. Steven Furnell of the University of Plymouth and David Emm of Kaspersky Lab UK examine the history of ransomware and why it's so effective. And they detail the steps individuals and organisations can take to defend themselves from this growing menace, including using anti-malware, back-ups and patching.

      PubDate: 2017-12-26T18:11:11Z
       
  • Exposing fraudulent digital images
    • Abstract: Publication date: October 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 10
      Author(s): David Spreadborough
      As a predominantly visual species, we tend to believe what we see. Throughout human evolution, our primary sense of sight has allowed us to analyse primeval threats. We are genetically hardwired to process and trust what our eyes tell us. Edgar Dale's cone of learning states that the brain retains information visually, over any other sensory stimulus. 1 We tend to believe what we see. But in the digital age, images are easily manipulated, and this can cause problems for fraud investigators. David Spreadborough of Amped Software describes how images may be altered and the techniques we can use to spot pictures that have been modified. With the right tools and training, exposing doctored images in fraud investigations is now not only financially and technically viable, but urgently necessary.

      PubDate: 2017-12-26T18:11:11Z
       
  • Reinforcing your SME against cyberthreats
    • Abstract: Publication date: October 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 10
      Author(s): Sneha Paul
      Despite its name, the small and medium-sized enterprise (SME) sector is colossal in terms of size and revenue. Defined as a business having less than 500 employees and either an annual turnover under £87m or a balance sheet under £75m, SMEs in the UK account for 47% of the private sector's total annual turnover, at £1.8 trillion. 1 Additionally, SMEs employ 15.7 million people, which is 63% of all private sector jobs. The small and medium-sized enterprise (SME) sector is colossal in terms of size and revenue. Given the critical role that SMEs play in the UK's economy, breaches can have a major impact. Keeping this in mind, Sneha Paul of ManageEngine presents six ways to reinforce your SME against cyberthreats. They include analysing logs, managing Active Directory, proactive surveillance, securing the cloud, password management and firewall analysis.

      PubDate: 2017-12-26T18:11:11Z
       
  • Ransomware: the most popular form of attack
    • Abstract: Publication date: October 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 10
      Author(s): Steve Mansfield-Devine
      Ransomware has been hitting the headlines in a big way just lately. The WannaCry and NotPetya campaigns really grabbed the general public's attention. 1,2 And while some of this response may have been down to misperception and hype, there are good reasons why ransomware has shot to the top of the list of threats facing individuals and organisations. In this interview, Chris Goettl, manager of product management, security at Ivanti, explains why there is increased awareness around ransomware and how these attacks are being mounted.

      PubDate: 2017-12-26T18:11:11Z
       
  • Events
    • Abstract: Publication date: October 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 10


      PubDate: 2017-12-26T18:11:11Z
       
  • Nearly half of US citizens hit by massive Equifax breach
    • Abstract: Publication date: September 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 9
      Equifax, one of the largest credit rating and monitoring firms in the world, has suffered a massive data breach that could affect nearly half of the US population as well as many in the UK and Canada. And the firm's response to the incident has already come in for severe criticism, prompting lawsuits and a potential congressional investigation.

      PubDate: 2017-12-26T18:11:11Z
       
  • Editorial
    • Abstract: Publication date: September 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 9
      Author(s): Steve Mansfield-Devine
      Here we go again. It would seem that certain people in positions of authority believe that encryption is too dangerous a weapon to be left in the hands of just anyone. This is an old argument that goes back decades. Why are we still having it'

      PubDate: 2017-12-26T18:11:11Z
       
  • In brief
    • Abstract: Publication date: September 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 9


      PubDate: 2017-12-26T18:11:11Z
       
  • Content security through transformation
    • Abstract: Publication date: September 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 9
      Author(s): Simon Wiseman
      Organisations have to exchange content with others, but there is an inherent risk in doing so. Incoming content might be carrying malware, outgoing content might be leaking sensitive information and content being exchanged might form a command and control channel for an existing attack. Sharing data with other organisations is risky. The content might be carrying malware and outgoing content might be leaking sensitive information. Defences that check content to ensure that only safe content is exchanged can only handle known problems. Two technologies tackle this issue – content disarm and reconstruct (CDR) and content threat removal (CTR). Simon Wiseman of Deep Secure describes and compares the technologies so that potential users can understand the risks and benefits of deploying them.

      PubDate: 2017-12-26T18:11:11Z
       
  • Five steps to protect confidential data when employees leave
    • Abstract: Publication date: September 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 9
      Author(s): Michael Fimin
      At one point in the movie Meet The Fockers, Robert de Niro's character, ex-CIA boss Jack Byrnes, tells his prospective son-in-law of his fears about extending the family: “If your family circle does indeed join my family circle they'll form a chain – I can't have a chink in my chain.” Underneath the obvious humour lies a serious point. Every time an employee leaves one employer to join another, the old employer faces the risk that an employee's switch of allegiances may open up new vulnerabilities. Ninety-nine employees out of a hundred move from one organisation to the next with no intention of betraying the trust of the organisations they are leaving. Every so often, however, former members of staff may try to take confidential information with them to their new employers or deliberately tamper with data on the system out of spite. Fortunately there are a number of things organisations can do to protect their data from such risks, as Michael Fimin of Netwrix explains.

      PubDate: 2017-12-26T18:11:11Z
       
  • The great threat intelligence debate
    • Abstract: Publication date: September 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 9
      Author(s): Darren Anstee
      Cyberthreats continue to evolve, with ever-more complex attacks being used and with a wider spectrum of motivations behind them. Cyber-attacks can be launched for extortion, vandalism, ideological hacktivism, data theft and financial fraud with all kinds of attacks being regularly featured in the news. For example, ransomware has seen huge growth in the past year or so, highlighted most recently with the global WannaCry/NonPetya cyber-attacks. To protect themselves from an ever-increasing variety of threats, businesses need to leverage the capability and expertise available across the industry. This threat intelligence can be anything from statistical data on the kinds of threats being detected by a specific vendor's solutions through to specific indicators of compromise (IOCs). The gathering and sharing of threat intelligence is a key part of the security toolkit, but the nature of that intelligence will continue to evolve, explains Darren Anstee of Arbor Networks.

      PubDate: 2017-12-26T18:11:11Z
       
  • Meeting the needs of GDPR with encryption
    • Abstract: Publication date: September 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 9
      Author(s): Steve Mansfield-Devine
      The EU's General Data Protection Regulation (GDPR) is upon us – or it soon will be. 1 The regulation comes into full force next year, by which time all organisations operating within the EU or who hold information about EU citizens will need to be compliant. However, as Bernard Parsons, co-founder and CEO of Becrypt, explains in this interview, that's easier said than done.

      PubDate: 2017-12-26T18:11:11Z
       
  • Events
    • Abstract: Publication date: September 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 9


      PubDate: 2017-12-26T18:11:11Z
       
  • The Insider Threat
    • Abstract: Publication date: August 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 8
      For many years, organisations have focused on securing the perimeter. Firewalls, intrusion detection, anti-malware and many other technologies are designed to keep unwanted outsiders out. But they are of little use against the threat that originates from within your organisation.

      PubDate: 2017-09-02T14:44:43Z
       
  • Major BUPA breach caused by employee copying files
    • Abstract: Publication date: August 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 8
      Private health insurance firm Bupa Global has admitted to a data breach affecting around 108,000 policies that was allegedly the result of a rogue employee simply copying the data. The employee has not been named but has been fired by the firm, which says it is pursuing legal action.

      PubDate: 2017-09-02T14:44:43Z
       
  • Editorial
    • Abstract: Publication date: August 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 8
      Author(s): Steve Mansfield-Devine
      There's a little homily that security practitioners like to trot out on special occasions. An organisation, they say, has to defend everything, covering all potential avenues of attack, but an attacker only needs to find one vulnerability. And that vulnerability might be one of your employees.

      PubDate: 2017-09-02T14:44:43Z
       
  • Ransomware menace will grow says Google
    • Abstract: Publication date: August 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 8
      Ransomware attacks are proving to be very lucrative and we're likely to see many more of them, according to research carried out by Google with New York University and presented at the recent Black Hat conference.

      PubDate: 2017-09-02T14:44:43Z
       
  • In brief
    • Abstract: Publication date: August 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 8


      PubDate: 2017-09-02T14:44:43Z
       
  • Using data virtualisation to detect an insider breach
    • Abstract: Publication date: August 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 8
      Author(s): George Smyth
      The latest figures from Lloyd's of London indicate that a worldwide cyber-attack could result in losses of $53bn, with potential consequences akin to that of a natural disaster 1 . Some eye-watering sums have been racked up by recent crimes – for example the WannaCry attack cost $8bn globally while NotPetya caused $850m in damages.

      PubDate: 2017-09-02T14:44:43Z
       
  • Can artificial intelligence help in the war on cybercrime'
    • Abstract: Publication date: August 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 8
      Author(s): Danny Maher
      It is hard to avoid the buzz in the industry around artificial intelligence (AI) and associated technologies such as machine learning, deep learning, automated network monitoring and user and entity behaviour analytics (UEBA). Exciting as is it to hear these buzzwords, AI is in fact not a new concept. Yet suddenly we are starting to see it being applied more broadly and more enthusiastically by companies as tools in the fight in an increasingly challenging cyberwar.

      PubDate: 2017-09-02T14:44:43Z
       
  • Personal cloud-based apps: the new insider risk
    • Abstract: Publication date: August 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 8
      Author(s): Omri Sigelman
      Personal messaging apps are taking over our business lives. Not only do they provide a convenient, real time way to stay in touch with friends and colleagues while in the office or on the move, they also replicate much of the functionality of first-generation corporate collaboration systems.

      PubDate: 2017-09-02T14:44:43Z
       
  • The evolution of the digital insider trader
    • Abstract: Publication date: August 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 8
      Author(s): Joseph Carson
      The insider threat has been a major risk to all governments and organisations around the world for many years. High-profile examples are numerous – Nick Leeson and the collapse of Barings bank; Jeffrey Skilling, the former Enron president; and the more recent intelligence leaks from Chelsea Manning, Edward Snowden and Reality Winner that disclosed sensitive information that was damaging to the security and reputation of the US.

      PubDate: 2017-09-02T14:44:43Z
       
  • Are employees part of the ransomware problem'
    • Abstract: Publication date: August 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 8
      Author(s): Michael Fimin
      Ransomware is most commonly spread by hackers. But we know from experience that employees also sometimes contribute – albeit unintentionally – to ransomware attacks.

      PubDate: 2017-09-02T14:44:43Z
       
  • Employees are lax on cyber fundamentals
    • Abstract: Publication date: August 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 8
      Author(s): André Mouradian
      Every organisation that purchases and distributes devices to its employees – and then grants those employees access to corporate data, systems and networks – puts trust in those users to care for their devices and handle them properly. Unfortunately, the results of a recent survey show that trust is being broken on a regular basis.

      PubDate: 2017-09-02T14:44:43Z
       
  • Defending against spear-phishing
    • Abstract: Publication date: August 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 8
      Author(s): Jason Steer
      There is no doubt about it, spear-phishing is big business – it is even becoming a serious political and diplomatic weapon. Last year saw a 1,300% increase in business email compromise attacks and a 400% rise in ransomware. And 90% of successful data breaches could be traced back to a spear-phishing email (according to PhishMe research). This is how attackers can evade your defences and assume the privileges of an insider.

      PubDate: 2017-09-02T14:44:43Z
       
  • Events
    • Abstract: Publication date: August 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 8


      PubDate: 2017-09-02T14:44:43Z
       
  • Another massive ransomware outbreak – or was it'
    • Abstract: Publication date: July 2017
      Source:Computer Fraud & Security, Volume 2017, Issue 7
      There has been another major ransomware campaign with some similarities to the recent ‘WannaCry’ outbreak. However, the vast majority of victims of the new attack seem to reside inside Ukraine and there is debate over whether this was a genuine attempt to extort money or, in fact, a cyberwar attack.

      PubDate: 2017-07-23T23:57:48Z
       
 
 
JournalTOCs
School of Mathematical and Computer Sciences
Heriot-Watt University
Edinburgh, EH14 4AS, UK
Email: journaltocs@hw.ac.uk
Tel: +00 44 (0)131 4513762
Fax: +00 44 (0)131 4513327
 
Home (Search)
Subjects A-Z
Publishers A-Z
Customise
APIs
Your IP address: 54.90.237.148
 
About JournalTOCs
API
Help
News (blog, publications)
JournalTOCs on Twitter   JournalTOCs on Facebook

JournalTOCs © 2009-2016