Stories by Joan Goodchild

Concerns about the security of cloud applications are keeping a significant number of organisations from going further with deploying more of the technology, according to a new report.

In a world where we share more information online than ever before, it might seem impossible to disappear completely. But Frank Ahearn can help. A professional skip tracer for many years, he tracked down 'missing' persons for clients who were searching for them for legal or financial reasons. His arsenal included use of public records, credit reports, utility bills, criminal background checks, tax information and other revealing documents.

Malware creators are already using the news of Osama Bin Laden's death as a opportunity to try and dupe people into clicking on malicious links. According to cloud-security firm Zscaler, researchers were already seeing malicious sites emerge to capitalize on the news within hours of the announcement.

Last year, malware became increasingly more common on popular and trusted domains, according to research released this week by security firm Blue Coat Systems. Migration to popular hacked sites with trusted reputations and acceptable-use category ratings was the primary theme for hosting malware delivery infrastructure, researchers claim.

Rapid adoption of <a href="http://www.csoonline.com/article/347313/wireless-security-the-basics">mobile technology</a>, <a href="http://www.csoonline.com/article/529764/social-media-risks-the-basics">social media</a> and <a href="http://www.csoonline.com/article/596819/cloud-security-the-basics">cloud computing</a> in the workplace is creating a security problem for IT departments worldwide as they struggle to keep pace with demands, according to a survey released this week by security certification firm (ISC)2.

The biggest mobile infection threat isn't malware that specifically targets mobile devices, according to new research from security firm BitDefender. Malware that targets Facebook is a far bigger problem for mobile security, the firm claims.
Spam links on social networks are infecting mobile devices via bad links on Facebook because the worms and other malware are often platform-independent and are widely spread as malware that targets PCs.

The holiday scam season is upon us.
For Beth Jones, a senior threat researcher with Sophos, this time of year means an upswing in fraudulent activity online. Between malware authors looking to infect machines, and identity thieves hoping to con consumers out of credit card information, this is the prime month for behavior that qualifies for the naughty list.

Employee awareness of their companies' security policies is high - if you ask the employees. In a survey of 2,000 office workers, software security company Clearswift found almost three quarters, 74 percent, felt 'confident' that they understand their employers' internet security policies.
That is, policy designed to safeguard data and IT security, as well as maintain productivity. But the confidence is misplaced, Clearswift suggests in their summary of the findings, because a third of those surveyed have not received any training on IT security since joining their firm. And more than two thirds of those who have not had recent training joined their organisation more than five years ago - a 'technological lifetime,' notes Clearswift.

Most business report they have been negatively impacted by network disruptions in the last year, according to a new poll that attempts to gauge how organisations react to disruptions and the measures they are taking to improve their business continuity and disaster recovery plans.
The poll, conducted by technology products provider CDW LLC, surveyed 200 information technology decision makers at medium and large US businesses, each of which experienced significant network disruptions since July 2009. While 82 percent felt confident that their IT resources could sustain disruptions and support operations effectively, 97 percent admitted network disruptions had detrimental effects on their businesses in the last year.

Malware has become so common on the web that users are more likely to find malicious content while visiting popular sites than when they are on porn and gaming sites, according to research by security firm Websense
&quot;The path to malware often starts on recreational sites, and most of the top sites are perilously close to danger,&quot; said Websense officials in a release on the findings. &quot;We found that users of the top 1,000 sites are rarely more than two clicks away from malicious content.&quot;

There is a new breed of animal appearing in the infosec community, according to Dr. Jimmy Blake, chief security officer for Mimecast, a cloud-services company based in London, and host of the blog Cloud Computing and Bad Behavior.
The new breed is what he calls the &quot;attention monger&quot; (he actually used a more colorful word, but we toned it down for this article.) The attention monger is courting headlines with the media that add no real value to information security.

The umbrella of security responsibilities now includes brand protection at many companies and it seems like a constantly moving target. When the internet took off, organisations had to contend with scammers registering website domains using company names for fraudulent purposes. Now similar activity is happening on the hottest forum for brand abuse - social networks.
Terry Gudaitis, Director Cyber Intelligence for brand protection services firm Cyveillance, lays out some common fraud scenarios and gives advice on how to protect your organisation's good name.

Most organisations do not have a social networking policy, despite giving employees unfettered access to the popular websites, according to a survey conducted by Symantec earlier this month.
The survey was an attempt to gauge employee use of social media after a 2010 Symantec report on enterprise security found that enterprises view social media as a threat to security, said Kevin Haley, director of Symantec Security Response.

Security managers can keep blocking Facebook, refusing to support mobile devices and vetoing cloud-based services, but they aren't going away.

How many minutes, or hours, did you spend on Facebook today? Even if you spent just a few minutes on the popular social networking site during office hours, you're not alone. Data from Nucleus Research finds 77 percent of workers who have a Facebook account use it during work hours.
Sports events, online games, and entertainment sites, many of which cross the line between interesting and inappropriate, are all common distractions in today's office. It's not that these things are entirely new, but the Web 2.0 era--think social networks, URL shortners, video sites and more--presents wrinkles that require rethinking acceptable use policies.