It’s all too easy for a malicious app developer to determine a user’s Apple ID password – just by asking for it.
Developer Felix Krause warns users to be on their guard against password-stealing apps that dupe users into entering their sensitive passwords by using fake login dialogs disguised as legitimate requests from the underlying iOS operating system.
​
The problem lies in the fact that with just a few lines of code, a third-party app developer can pop up a password prompt that looks identical to a legitimate one created by iOS.

By Razvan Muresan on Aug 22, 2017 | 

​Some 90 percent of boards of directors in the US address cybersecurity as a serious risk management issue with severe reputation and financial consequences, while only 8 percent haven’t done it so far, according to a recent Bitdefender survey.

Some 60 percent of IT security decision makers in the US say their companies could ‘definitely’ be a target of cyberespionage campaigns using advanced persistent threats (APTs), according to a recent survey by security firm Bitdefender. These complex cyber tools are crafted for high-profile entities and operate by silently gathering sensitive data over long periods. Another 35 percent of respondents say their IT infrastructure could ‘possibly’ be targeted in high-level cyberespionage actions that exfiltrate intelligence systematically.
​

By Filip Truta on Aug 16, 2017 | 

​Organizations worldwide are on track to spend a cumulative $86.4 billion on information security products this year, a 7 percent increase over 2016, Gartner reports. The research firm anticipates that figure will climb to $93 billion in 2018.

The IT-focused advisory firm projects fast growth for the security testing market. Despite the relatively small base, the infrastructure-protecting segment continues to suffer data breaches, fueling demand for application security testing.

“Spending on emerging application security testing tools, particularly interactive application security testing (IAST), will contribute to the growth of this segment through 2021,” says Gartner.
​

By Razvan Muresan on Jul 17, 2017 |

​Some 75 percent of US CISOs state the worst consequences of an attacker gaining access to their companies’ most valuable asset would be the financial cost and reputational damage. However, few say the financial cost could lead to bankruptcy 35%.

In Sweden, 65 percent of those surveyed expect cyber criminals accessing prized assets could lead to the downfall of the company. Reputational costs are perceived most as a main threat in the UK, where almost 80 percent of respondents have mentioned it as the most dangerous risk to their business, almost triple the percentage of Italian IT execs.

Even if it sounds alarming, loss of life – mentioned by 39 percent of the Swedes - is a severe yet real consequence of an APT. Targeted attacks could also aim at critical national or transnational infrastructures (i.e. nuclear power plants, national energy grids, urban water supplies, transportation management systems, traffic controller systems, hospitals and other healthcare facilities). In a modern environment where automation has become a reality, targeted attacks can practically paralyze countries and, unfortunately, lead to human casualties.
​