Tag Archive for: security

Security Reviews and Lab Tests

/in


PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help
support our testing.

Latest Security Top Picks

Latest Security Stories

A VPN almost certainly won’t make your internet connection faster, but some have far less impact on speeds than others. Our testing reveals your best options.



By
Max Eddy
 &
Chris Stobing

The Fastest VPNs

Developers are reportedly promoting these apps via Instagram ads with taglines like ‘undress any girl for free’ and ‘any clothing delete.’



By
Emily Price

Apple's App Store icon on a phone screen

If you’re short on cash, you can still use a VPN to improve your privacy online. Here’s everything you need to know about what you get (and don’t get) with the best free VPN services we’ve tested.



By
Chris Stobing

Art showing a man holding a keyboard with a shield saying VPN on it

‘Brokewell’ malware allows attackers to spy on, steal cookies from, or take control of Android mobile devices for financial gain.



By
Kate Irwin

Android phone screen showing Google apps including YouTube and Drive.

Worried about the potential TikTok ban in the United States next year? These are the top VPNs for getting around it.



By
Chris Stobing

A closeup of a phone's home screen showing icons for Home, TikTok, ABC and other apps on a blue backgroundone

Gaining access to a Gmail account requires a few steps, but for someone eager enough to read your emails or Drive files, it’s a relatively easy way to be a creep.



By
Emily Price

A television with a remote pointed at it

A ‘Cyber Schoolhouse Rock’ jingle is just one tactic the government is taking to coax private industry into adopting security practices intended to help thwart ransomware.



By
Rob Pegoraro

illustration of a ransomware-locked laptop

Rest easy knowing that your personal information is secured when browsing online thanks to one of these award-winning VPNs. Find the one that’s right for you (at a nice discount, too).



By
Jade Chung-Lee
 &
Karl Klockars

Best VPN Deals

President Biden signed a foreign aid bill that includes a ban on TikTok in the US unless it divests from its Chinese owners. Here’s why it’s happening and how it affects you.



By
Chloe Albanesius

tiktok logo on a phone in front of the us capitol

Award-winning cybersecurity that protects your most valuable personal information doesn’t have to…

Source…

A glaring Android TV security flaw might put your Gmail at risk

/in


What you need to know

  • A loophole in Android TV could allow unauthorized access to Gmail and other linked services if someone gains physical access to the device.
  • Through an Android TV box, individuals can potentially hack into the Google account of the last user, compromising Gmail and Google Drive.
  • Initially, Google implied the behavior was expected, but later acknowledged the security flaw and claimed to have fixed it on newer Google TV devices.

A security loophole in Android TV could allow anyone to snoop on your Gmail and other linked services if they get their hands on your device, according to 404 Media.

As per a video posted on YouTube by Cameron Gray earlier this year, if someone gets their hands on an Android TV box, they can pretty much hack into the Google account of whoever last logged in, including their Gmail and Google Drive (via Mishaal Rahman).

Source…

Microsoft Security Vulnerabilities Decreased by 5% in 2023

/in


The number of Microsoft vulnerabilities has mostly flattened in 2023, with elevation of privilege and identity attacks being particularly common, according to BeyondTrust’s annual Microsoft Vulnerabilities report.

Identity and access management solutions company BeyondTrust studied the most significant CVEs of 2023 and Microsoft vulnerability data from Microsoft’s monthly Patch Tuesday bulletins. The report includes vulnerability trends and tips about how to reduce identity attacks.

Microsoft reported 1,228 vulnerabilities in 2023

The total number of Microsoft vulnerabilities has remained mostly steady for the past four years, with a slight (5%) dip in 2023 from 1,292 to 1,228 reported vulnerabilities.

Microsoft vulnerability trend.
Since a rise in 2020, the number of Microsoft vulnerabilities has remained between 1,200 and 1,300. Image: BeyondTrust

“Microsoft’s efforts to promptly patch known vulnerabilities may be offsetting the discovery of new ones by reducing the window of opportunity for attackers to exploit vulnerabilities,” David Morimanno, director of identity and access management technologies, Integral Partners, told BeyondTrust. “Also, as the MS codebase matures, new vulnerabilities might be getting introduced at a slower rate.”

The rate of critical Microsoft vulnerabilities (i.e., those with a score of 9.0 or higher on NIST’s Common Vulnerability Scoring System) has slowed. There were 84 Microsoft critical vulnerabilities in 2023, compared to 89 in 2022 and a five-year high of 196 in 2020.

How Microsoft vulnerabilities are classified

Microsoft has its own severity rating system distinct from NIST, which will produce slightly different numbers. For example, 33 Microsoft vulnerabilities from 2023 were classified as critical in NIST’s scoring system, but Microsoft itself classified 84 vulnerabilities in 2023 as critical. Microsoft’s classification system still reflects the overall trend of a slight decrease in vulnerabilities year-over-year, showing a decrease in severe vulnerabilities by 6%.

BeyondTrust noted that not all recorded Microsoft vulnerabilities pose significant risk; some are mostly theoretical or would have minimal impact even if they were exploited….

Source…

KnowBe4 Acquires Egress to Enhance Email Security With AI

/in


KnowBe4, a provider of security awareness training and simulated phishing platforms, has acquired Egress, which specializes in adaptive and integrated cloud email security. Financial terms were not disclosed.

This is technology M&A deal number 105 that ChannelE2E and MSSP Alert have covered so far in 2024. See more than 2,000 technology M&A deals for 2024, 2023, 2022, 2021, and 2020 listed here.

KnowBe4, which hosts a popular integrated security awareness training and simulated phishing platform, was founded in 2010, and is based in Clearwater, Florida. The company has 1,844 employees listed on LinkedIn. KnowBe4’s areas of expertise include internet security awareness training, network security, cybercrime prevention, and more.

Egress, founded in 2007, is based in London, England. The company has 329 employees listed on LinkedIn. Egress’ areas of expertise include anti-phishing, email data loss prevention, DLP, email encryption, email security, machine learning, secure file sharing, and secure collaboration.

About The Deal

The integration is expected to enhance KnowBe4’s email security measures by incorporating Egress’ Intelligent Email Security suite into its offerings, according to the company.

Both companies have recently announced developments related to their technology offerings. KnowBe4 introduced its AI-native platform, Artificial Intelligence Defense Agents (AIDA). Egress also launched its AI-powered Automated Abuse Mailbox earlier in the year.

KnowBe4 Acquires Egress: Executive Insights

Stu Sjouwerman, CEO, KnowBe4, commented:

“The future of security is personalized AI-driven controls and real-time coaching. By providing a single platform from KnowBe4 and Egress, our customers will benefit from differentiated aggregate threat detection to stay ahead of evolving cyber threats and foster a strong security culture.”

Tony Pepper, CEO, Egress, said:

“KnowBe4 and Egress have a shared vision of delivering tailored and relevant security to each employee. One of the biggest challenges organizations face is accurately identifying who the next source of compromise is – and why. By combining intelligence and analytics from integrated applications, companies can gain valuable insights…

Source…