Protect what’s yours: How to Safeguard your Data this Data Protection Day

In our increasingly data-driven world, personal data is shared every second – when shopping, at work, travelling, or simply browsing the internet. It is the responsibility of every organisation to make an active commitment to protect the data it holds. After all, it could have serious implications for its reputation if a data breach occurred and its customers’ personal data was stolen and misused. 
Data Protection Day seeks to raise awareness and promote best practices around keeping data safe and secure. In this article, eleven experts in the technology industry give advice on how to best protect your data and maintain trust from your customers.

Read more...

Security experts reveal their predictions for 2022

It is hard to believe that another year is about to pass, and while not quite as unpredictable as last year, 2021 held a lot of its own trials and tribulations – especially for the tech sector. Ransomware has hugely increased this year – in fact, the UK has been ranked number 10 on the list of countries worst affected by ransomware in a new report commissioned by Google – and we are in the eye of the storm of the ‘Great Resignation’, which is hitting the cybersecurity industry hard.
Despite this however, the year has also had its wins. This year the UN declared 2021 the International Year of Peace and Trust, Kamala Harris became the first female and black Vice-President of the United States, and more than 7.5 billion Covid vaccinations (so far) had been administered.
o as we celebrate the winds, wind down, and bring the year to a close, what can we expect from 2022? Cybersecurity Magazine spoke with eight technology experts to find out what they predict for the next 12 months. Here is what they had to say

Read more...

An Enhanced Sybil Guard to Detect Bots in Online Social Networks

Sybil accounts are swelling in popular social networking sites such as Twitter, Facebook etc. owing to cheap subscription and easy access to large masses. A malicious person creates multiple fake identities to outreach and outgrow his network. People blindly trust their online connections and fall into trap set up by these fake perpetrators. Sybil nodes exploit OSN’s ready-made connectivity to spread fake news, spamming, influencing polls, recommendations and advertisements, masquerading to get critical information, launching phishing attacks etc. Such accounts are surging in wide scale and so it has become very vital to effectively detect such nodes. In this research a new classifier (combination of Sybil Guard, Twitter engagement rate and Profile statistics analyser) is developed to combat such Sybil nodes. The proposed classifier overcomes the limitations of structure based, machine learning based and behaviour-based classifiers and is proven to be more accurate and robust than the base Sybil guard algorithm.

Read more...

International Computer Security Day 2021: A Day to Strengthen Our Cyber Defences

Something that most businesses are beginning to understand is that, in today’s hyper connected age, robust cybersecurity is no longer an option, it’s a necessity.  In the UK alone, 39% of all businesses have suffered a data breach within the past 12 months, and this figure increases substantially for medium (65%) and large enterprises (64%). So, this Computer Security Day, what should organisations be doing to better protect their most valuable assets from cyber threats?

Read more...

Black Friday 2021: Top tips to keep your business safe and maximise sales

Black Friday has gathered momentum in the UK over the past decade, becoming the peak Christmas shopping day. This year, customers are expected to spend £9.2 billion over the weekend – 15% more than last year.
However, while retailers are looking to ramp up their offerings and optimise sales, businesses and consumers alike must protect themselves against the cyber-criminals poised to take advantage of the spike in online-spending – from ‘too good to be true’ phishing emails, to online fraud.
This Black Friday weekend, we spoke to a range of industry experts, who offered their advice on getting ready for the busy period – and protecting against the increased threat.

Read more...

Identifying the Phishing Websites Using the Patterns of TLS Certificates

With the recent rise of HTTPS adoption on the Web, attackers have begun “HTTPSifying” phishing websites. HTTPSifying a phishing website has the advantage of making the website appear legitimate and evading conventional detection methods that leverage URLs or web contents in the network. Further, adopting HTTPS could also contribute to generating intrinsic footprints and provide defenders with a great opportunity to monitor and detect websites, including phishing sites, as they would need to obtain a public-key certificate issued for the preparation of the websites. The potential benefits of certificate-based detection include (1) the comprehensive monitoring of all HTTPSified websites by using certificates immediately after their issuance, even if the attacker utilizes dynamic DNS (DDNS) or hosting services; this could be overlooked with the conventional domain-registration-based approaches; and (2) to detect phishing websites before they are published on the Internet.

Read more...

Authentication Mechanisms in the 5G System

The 5G system introduces multiple new authentication mechanisms. The initial 5G specification in 3GPP Release 15 defines the initial security solution including primary and secondary authentication. Further enhancements and additional security features are added in Release 16; some of them introduce new types of authentication. As a result, the scope and meaning of ‘authentication’ has expanded. This is a new trend in the 5G system as it introduces new concepts that did not exist in the preceding generation systems. One such example is the slice authentication for which the authentication is performed at the network slice level. As a result, the authentication mechanisms become more complex. This paper clarifies the details of each of these different authentication mechanisms.

Read more...