Latest news with #networksecurity
The Guardian
5 days ago
- Business
- The Guardian
Virgin Media O2 mobile users' locations exposed for two years in security flaw
The locations of millions of Virgin Media O2 mobile customers were exposed for up to two years until a network security flaw was corrected, it has emerged. Before the fix was implemented on 18 May, anyone with a Virgin Media O2 sim card could use their phone to obtain sensitive information about the network's other customers using a 4G-enabled device, including their location to the nearest mobile mast. The flaw has now been patched and reported to the UK's communications and data protection regulators. Virgin Media O2 said there was no evidence that its network security systems had been externally breached. The locations of customers could be tracked most precisely in urban areas, where mobile masts cover areas as small as 100 square metres. Dan Williams, an IT specialist who discovered the defect, wrote that he was 'extremely disappointed' not to receive a response when he flagged the issue, which was resolved only after he blogged about it two months later, on 17 May. He said there had been no explanation for the delay. He wrote: 'I don't want to be the enemy, I simply want to feel comfortable using my phone.' Williams noticed Virgin Media O2's failure to configure its 4G calling software correctly when he was looking at messaging between his device and the network to work out call quality between himself and another O2 customer. 'I noticed that the responses from the network were extremely long, and upon inspection noticed that extra information from the recipient of the call was sent to the call initiator,' he told the Guardian. This included normally private information, such as the cell ID, which is the current cell tower a caller is connected to; information about sim card, which could be used for a cyber-attack; and the phone model, which can be used to work out how to access it. He believed that it was 'possible this was used in the wild and not reported against' though there was no way to quantify that. If it had been that would be 'quite a large problem', as 'there are situations where this data is extremely, extremely sensitive', for example domestic abuse survivors or government workers, he added. 'I came across it by accident. Someone purposefully trying to find these kinds of vulnerabilities would have probably come across it,' he said. 'There are white papers detailing this exact scenario and warning networks against doing this.' The FT, which first reported Williams's findings, said he had tested the problem with another O2 customer, successfully tracking them to Copenhagen, Denmark. Disabling the 4G calling feature on devices would have prevented them from being tracked, though this is not possible on some handsets, such as iPhones. The issue may have also affected some customers of Giffgaff and Tesco Mobile, which use Virgin Media O2's network. Sign up to Business Today Get set for the working day – we'll point you to all the business news and analysis you need every morning after newsletter promotion Alan Woodward, cybersecurity professor at Surrey University, said location data 'could be valuable for scams such as social engineering, or even blackmail' and for phishing attempts referencing a recent location, though they would need other information about the person for this to work. He said this was unlikely to happen for normal people who were not criminal targets, but nevertheless fixing the vulnerability should have been a 'matter of urgency'. A Virgin Media O2 spokesperson said: 'Our engineering teams had been working on and testing a fix for this configuration issue over a number of weeks, and we can confirm this fix was fully implemented on 18 May. 'Our customers do not need to take any action, and we have no evidence of this issue being exploited beyond the two illustrative examples given by a network engineer in his blog which we reported to the ICO [Information Commissioner's Office] and Ofcom. There has been no external compromise of our network security at any time.' An Ofcom spokesperson said it was 'aware that O2 has experienced a network security issue', and is in contact with the provider to establish the scale and cause of the problem. An ICO spokesperson said that after assessing the information provided by Telefonica and remedial steps taken, 'we will not be taking further action at this stage'.
CNET
22-05-2025
- CNET
My Tips on the 5 Settings You Should Change on Your Router Right Away
When you get a new router, it's tempting to just plug it in, get online as quickly as possible and move on. However, given your router is responsible for directing nearly 100% of all internet traffic in your home network, it's definitely worth taking a few minutes to update some security settings before you move on with your day. As CNET's router expert, I know a few easy tricks for creating a secure Wi-Fi network and when I bought my own router, these were the first settings I updated -- and you should, too. Whether you just invested in your own router or you're renting one from an ISP, here is what to update on your new Wi-Fi router to enjoy browsing and streaming safely. For context, I'm an Xfinity (Comcast) subscriber, but the tips here should translate no matter what internet provider you use. 1. Change the network name and password To change the username and password, you'll need to log into your provider's website or mobile app. Log in to your account and look for a section for Network or W-Fi settings. On Xfinity's website, I clicked WiFi Details to change the name of my Wi-Fi network and set a new password. Choose a password -- or better yet, a passphrase -- that you'll remember but isn't too easy to guess. Matt Elliott/CNET 2. Choose a security mode If you set a strong password for your router, then you've taken the first step of securing your network rather than leaving it open for anyone to access. With a password set on a modern router, you are most likely using WPA2 or WPA3 encryption. Locating local internet providers WPA, or Wi-Fi Protected Access, is a 256-bit encryption protocol that is more secure than the older, weaker WEP standard that uses 64- or 128-bit encryption. WPA2 improves upon WPA by using a stronger encryption algorithm. It uses the Advanced Encryption Standard (AES) algorithm that is more secure than WPA and its TKIP (Temporal Key Integrity Protocol) algorithm. WPA3 stepped up the security measures even further, strengthening password security, data encryption and smart home connections. Many routers offer a mixed mode of WPA2 and WPA3 so that older devices that pre-date WPA3 can connect to your network. WPA2 has been around for more than 10 years so it's unlikely that your router is still using WPA encryption. When choosing the security mode for your router, I would go with WPA3 and only switch to mixed mode if you have an ancient device that won't connect to your WPA2-protected network. 3. Check network mode and bands If you're using a newer Wi-Fi 7 router, it broadcasts in three frequencies: 2.4, 5, and 6 GHz. These are the frequencies with which your wireless network broadcasts radio waves to transmit information. All three frequency bands should be on by default, but check the advanced settings of your provider's website or app to check the status of both to make sure they are active. The 2.4GHz band is more crowded because it's the frequency many common electronics in your household use, from cordless phones and baby monitors to garage door openers and microwaves. You might run into network interference with 2.4GHz, but it allows older devices to connect to your network. The 5GHz band is less congested and faster but has shorter range than the 2.4GHz band. The 6GHz band is significantly faster than the other two, but it works best when your devic around 15 feet or closer to your router. With all three modes operating, your router will choose the best mode for each of your network devices. 4. Enable parental controls Look for a Parental Controls or Access Restrictions section to establish some boundaries for your kids' devices. With Xfinity, click the People tab to set up profiles for your kids. You can assign devices for each profile and then hit Pause for any or all devices of a profile to give them a break from Instagram, Snapchat, texting and everything else on the Internet. You can also enable parental controls for a profile to "reduce the risk of accessing objectionable websites and apps and enable protective search settings for Google, Bing and YouTube." You'll also find the option to set active hours for your kids' devices. Xfinity calls it Bedtime mode, which lets you set the hours the internet is and isn't available. There are different options for weeknights and weekends. Matt Elliott/CNET 5. Set up guest network Creating a guest Wi-Fi network saves you from potentially giving visitors access to shared computers and files on your network as well as the hassle of needing to tell them your complicated or embarrassing Wi-Fi password. In your account settings, look for Guest Network or Home Hotspot. Matt Elliott/CNET With Xfinity, I couldn't find this setting with the other Wi-Fi settings but instead had to move a level up to my general account settings. From the main account page, it was listed under Settings. With it enabled, Xfinity started broadcasting a separate network called "xfinitywifi" that guests can use without needing to track me down for a password.
Globe and Mail
13-05-2025
- Business
- Globe and Mail
Growing Prevalence of Cyber Threats Causing Tech Companies to Invest Heavily in AI-Powered Cybersecurity Solutions
PALM BEACH, Fla., May 13, 2025 (GLOBE NEWSWIRE) -- FN Media Group News Commentary - The Artificial Intelligence (Al) in cybersecurity market is rapidly expanding as organizations increasingly adopt Al-driven solutions to improve threat detection, prevention, and response to evolving cyber risks. The network security segment dominated the Al in cybersecurity market expansion in 2024 due to the critical need to safeguard organizational networks from evolving cyber threats. A report from an industry insider said that: 'The global AI in cybersecurity market assessment, based on type, includes network security, endpoint security, application security, and cloud security. The network security segment dominated the AI in cybersecurity market expansion in 2024 due to the critical need to safeguard organizational networks from evolving cyber threats. Securing networks against malware, phishing, and ransomware attacks has become a top priority as enterprises increasingly adopt digital transformation initiatives and cloud-based infrastructures. AI-powered network security solutions excel in real-time traffic analysis, abnormality detection, and proactive threat mitigation, ensuring robust protection of sensitive data and operational continuity. This essential role in securing core systems and communications highlights the network security segment's dominance. The global AI in cybersecurity market evaluation, based on application, includes identity & access management, risk & compliance management, data loss prevention, unified threat management, fraud detection/ anti-fraud, threat intelligence, others. The data loss prevention segment is expected to witness the fastest AI in cybersecurity market growth during the forecast period due to the rising emphasis on safeguarding sensitive and confidential information.' Active companies in cybersecurity news today include Cycurion Inc. (NASDAQ: CYCU), Cloudflare, Inc. (NYSE: NET), Palo Alto Networks ® (NASDAQ: PANW), Broadcom Inc. (NASDAQ: AVGO), CrowdStrike (NASDAQ: CRWD). The report continued: 'Organizations face heightened risks of accidental leaks or intentional data breaches with increasing volumes of data being generated and exchanged. AI-driven DLP solutions offer advanced capabilities to monitor, identify, and prevent unauthorized data transfers or exposure, ensuring compliance with strict data protection regulations such as Digital Personal Data Protection Act (DPDPA), California Consumer Privacy Act (CCPA), and others. This growing need for robust data security across industries positions the DLP segment for accelerated adoption during the forecast period. North America dominated the AI in cybersecurity market revenue in 2024 due to the region's advanced technological infrastructure and high adoption of innovative security solutions. The presence of major cybersecurity companies such as IBM and AWS and early adopters of AI-driven technologies across industries such as finance, healthcare, and government especially contributed to market dominance.' Cycurion Inc. (NASDAQ:CYCU) Secures $33 Million Contract Renewal to Enhance Cybersecurity for State- Level Public Higher Education Institutions - Cycurion ('Cycurion' or the 'Company'), a trusted leader in IT cybersecurity solutions and AI, announces that it has been awarded a significant contract renewal by a major state-level public higher education group. Under this renewed agreement, Cycurion will deliver comprehensive cybersecurity services to member universities and colleges within the group, ensuring they are equipped to defend their education-focused operations and digital assets against the ever-evolving landscape of cyber threats. The renewal, valued at $33 million over the five-year term, extends Cycurion's partnership through November 2030. Comprehensive Cybersecurity Services - As part of this renewed contract, Cycurion will provide an extensive suite of cybersecurity and governance, risk, and compliance (GRC) 24x7x365 managed support services, which include: • Enterprise Security Strategy: Developing a holistic approach to security that aligns with institutional goals and protects valuable digital assets • Risk & Vulnerability Assessment & Testing: Continuous evaluation and testing of security measures to identify vulnerabilities and enhance defenses • Disaster Recovery: Strategies and solutions to restore systems and data after disruptive events • Business Continuity Planning: Ensuring ongoing operations during and after a security incident • Forensics and Recovery Services: Comprehensive support for incident investigation and data recovery • Regulatory Compliance Analysis: Assisting institutions in meeting federal and state compliance requirements 'We are honored to continue serving this key state-level public higher education group customer,' said L. Kevin Kelly, CEO of Cycurion. 'The contract underscores the capabilities and value proposition of Cycurion's suite of managed information technology support services and our commitment to minimizing cybersecurity risk for our education vertical clients.' Opportunity for Broader Access - In addition to the member institutions of this State- Level Public Higher Education Group, any university or governmental entity across the United States can leverage this contract vehicle to access our cybersecurity services. The contract provides a streamlined pathway for educational and governmental organizations to enhance their cybersecurity posture without the need for an extensive procurement process. CONTINUED… Read this entire press release and more news for CYCU at: In other developments in the markets of note: Cloudflare, Inc. (NYSE: NET), the leading connectivity cloud company, recently announced a wave of global technology companies, including Asana, Atlassian, Block, PayPal, Sentry, Stripe, and more, are working with Cloudflare to create powerful AI experiences through Anthropic's AI assistant, Claude. These software companies are enabling Claude and other AI assistants to securely interact with their services on behalf of users, through connections built on Cloudflare Workers. Now users can complete tasks and interact with their favorite business tools through natural conversations with Claude, rather than working directly in the application. AI is already transforming the way we work by helping to edit emails, generate code, and analyze data. However, it still often requires the user to switch between multiple applications, tabs, and tools to implement the actions it recommends. For truly autonomous, agentic AI experiences, AI tools should be able to act on the user's behalf. That can only happen if AI tools can directly interact with business software tools. MCP servers allow AI platforms to connect directly to the popular tools where data resides so the user can send an email, answer a question about a marketing campaign, or create invoices–all without leaving the AI assistant. But delivering reliable, low-latency, and secure access to external tools and data is a significant technical challenge, especially at global scale. Palo Alto Networks ® (NASDAQ: PANW), the global cybersecurity leader, and the National Hockey League (NHL ®) recently unveiled Cortex XSIAM ® 3.0, the next evolution of its industry-leading SecOps platform, bolstered with proactive exposure management and advanced email security, enabling customers to further consolidate on Cortex for significantly better, faster and more cost-effective security operations. Three years ago, Palo Alto Networks anticipated the future of security operations by introducing Cortex XSIAM, which consolidates and normalizes all cybersecurity data to fuel advanced, real-time analytics and automation, making disjointed point products obsolete. The best-selling platform surged past $1 billion cumulative bookings in FY25 Q2, making it our fastest offering to reach this milestone. Earlier this year, Palo Alto Networks doubled down on cloud security with the introduction of Cortex Cloud, converging its industry-leading CNAPP and CDR capabilities on the unified Cortex platform. Broadcom Inc. (NASDAQ: AVGO) recently announced Incident Prediction, an industry-first security capability that extends Adaptive Protection, a unique feature of Symantec Endpoint Security Complete (SES-C), by leveraging AI to identify and disrupt living-off-the land (LOTL) attacks and other cyberthreats. Trained on a catalog of over 500,000 real-world attack chains built by the world-class Symantec Threat Hunter Team, Incident Prediction puts the advantage back in defenders' hands by: predicting attackers' behaviors, preventing their next move in the attack chain even when they're using legitimate software, and then quickly returning the enterprise to its normal state. With Incident Prediction, SES-C delivers exceptional cyber resilience against motivated adversaries. CrowdStrike (NASDAQ: CRWD) recently released its 2025 State of SMB Cybersecurity Report, uncovering a widening gap between cybersecurity awareness and readiness among small and medium-sized businesses (SMBs). While 93% of SMBs consider themselves knowledgeable about cybersecurity risks and 83% report having a plan in place, just 36% are investing in new tools – and only 11% have adopted AI-powered defenses. Based on insights from SMB decision-makers across industries and company sizes, the research reveals that despite rising awareness, most SMBs still lack the budget, tools and in-house expertise to stop modern threats. With attacks becoming more advanced and frequent, SMBs need protection that's easy to use, affordable to deploy and built to scale with their business. About FN Media Group: At FN Media Group, via our top-rated online news portal at we are one of the very few select firms providing top tier one syndicated news distribution, targeted ticker tag press releases and stock market news coverage for today's emerging companies. #tickertagpressreleases #pressreleases Follow us on Facebook to receive the latest news updates: Follow us on Twitter for real time Market News: DISCLAIMER: FN Media Group LLC (FNM), which owns and operates and is a third party publisher and news dissemination service provider, which disseminates electronic information through multiple online media channels. FNM is NOT affiliated in any manner with any company mentioned herein. FNM and its affiliated companies are a news dissemination solutions provider and are NOT a registered broker/dealer/analyst/adviser, holds no investment licenses and may NOT sell, offer to sell or offer to buy any security. FNM's market updates, news alerts and corporate profiles are NOT a solicitation or recommendation to buy, sell or hold securities. The material in this release is intended to be strictly informational and is NEVER to be construed or interpreted as research material. All readers are strongly urged to perform research and due diligence on their own and consult a licensed financial professional before considering any level of investing in stocks. All material included herein is republished content and details which were previously disseminated by the companies mentioned in this release. FNM is not liable for any investment decisions by its readers or subscribers. Investors are cautioned that they may lose all or a portion of their investment when investing in stocks. For current services performed FNM was compensated fifty two hundred dollars for news coverage of the current press releases issued by Cycurion Inc. by a non-affiliated third party. FNM HOLDS NO SHARES OF ANY COMPANY NAMED IN THIS RELEASE. This release contains "forward-looking statements" within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E the Securities Exchange Act of 1934, as amended and such forward-looking statements are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995. "Forward-looking statements" describe future expectations, plans, results, or strategies and are generally preceded by words such as "may", "future", "plan" or "planned", "will" or "should", "expected," "anticipates", "draft", "eventually" or "projected". You are cautioned that such statements are subject to a multitude of risks and uncertainties that could cause future circumstances, events, or results to differ materially from those projected in the forward-looking statements, including the risks that actual results may differ materially from those projected in the forward-looking statements as a result of various factors, and other risks identified in a company's annual report on Form 10-K or 10-KSB and other filings made by such company with the Securities and Exchange Commission. You should consider these factors in evaluating the forward-looking statements included herein, and not place undue reliance on such statements. The forward-looking statements in this release are made as of the date hereof and FNM undertakes no obligation to update such statements. Contact Information:
CNET
12-05-2025
- CNET
Slow Wi-Fi in Your Apartment? You Can Fix It in 5 Simple Steps
Apartment buildings are notorious for crowded Wi-Fi signals. There are a mass of devices demanding airspace simultaneously, along with heavy beams and metal obstructions -- not to mention that if your Wi-Fi router isn't centrally located, the strength of your signal may be spilling into your neighbor's space. Working from home, trying to stream your favorite show, and gaming are all activities that, while essential to a lot of us, are difficult to maintain without a strong Wi-Fi signal. It can make you feel powerless. But there are a few steps to improve your signal and get a better Wi-Fi connection in your apartment. Oh, one more thing. All things being equal, your first move should be to explore whether you can use a different internet service provider that better fits your needs and budget. However, when it comes to living in an apartment building, you often don't have much choice regarding your ISP. Many apartment complexes have contracts with specific ISPs, so even if multiple providers are available in your area, you may be bound by your lease to stick with the one you have. That's enough preamble. Let's get into it. Secure your Wi-Fi signal Buttoning down your network security is an essential first step, no matter where you live, but it's especially crucial if you're renting an apartment and using the equipment that came with the place. Start by changing your router's network name and password -- and make sure you change that password every so often. If you're using a device provided by your internet provider, you should be able to use its app to easily change the information, or by typing your router's IP address into the URL bar. Locating local internet providers When it comes to your new password, make sure it's anything but simple. It's tempting to keep it uncomplicated so it's easier to remember, but you want to make it difficult for others to crack (and we suggest use a password manager to help remember it). Go channel surfing Your router most likely uses two bands -- 2.4GHz and 5GHz -- and within each of those bands are channels for sending and receiving your Wi-Fi signal. Your Wi-Fi issues may stem from your use of the same channel as many of your neighbors. Or, in other words, you're all clogging up the same lanes. The solution is to hop off that crowded channel and find one with a little less traffic. You can use your router's Wi-Fi utilities (either through an app or via the web) to scan for the least-used channel available and set your router to that channel. As you're doing this, it's a good idea to use an internet speed test to compare how your Wi-Fi performs on the different channels. Actually, it's a good idea to run a speed test before you change any settings. That way, you have a baseline idea of how your Wi-Fi was (barely) functioning and can later see how these new channels are performing in comparison. Ideally, you shouldn't have to do this channel check daily, but if it's effective for solving laggy Wi-Fi issues -- you can lean on it whenever you run into trouble. Move your router Sometimes the simplest solution is the best solution. Perhaps the reason for your slow Wi-Fi is the poor placement of your router. Is it tucked away to the side of the house? Is it being blocked by a large piece of furniture or appliance? Try giving your router some space. While you might be tempted to tuck it away to hide those ugly cables, you could be inadvertently impeding your router's ability to send a clear signal throughout the house -- and instead passing that signal to your neighbors. Location is crucial to a healthy Wi-Fi signal. Some places to avoid placing your router include the kitchen, which is full of large metal appliances, particularly your microwave, which interferes with the router's signal. Your microwave and your router run on similar frequencies, so your Wi-Fi connection will be disrupted if it's near the microwave. Move it away from other high-demand Wi-Fi devices, like your smart TV or PlayStation. Again, having all those devices near one another will interfere with the functions of your router. Finally, try moving the router closer to the center of the apartment. This should enable a more equitable sharing of the Wi-Fi wealth among everyone in the place, and in theory, your router should perform better as well. Get a Wi-Fi extender It's common in apartments for your router to be permanently installed in a set location with wires, making it impossible for you to move your router at all. But all is not lost in this scenario. You can turn to a Wi-Fi extender to extend your signal. This shouldn't be too big of an investment or commitment -- decent options can range from just under $30 to around $100 -- and it could pay huge dividends in bettering your Wi-Fi signal. Depending on the size of your place, you might only need one Wi-Fi extender. Be sure to place it in your apartment's "dead spot" and see if you can bring that area to connected life. One thing to note: Getting a Wi-Fi extender doesn't mean you skip the previous steps. For example, you should still take an internet speed test, secure your Wi-Fi with a password, and explore the best channel for faster speeds. If you and everyone in the building are on channel 11 or 144, you'll likely still have issues even if you use a Wi-Fi extender. Invest in a mesh system If you use the internet heavily in your apartment (like streaming or gaming), you've likely outgrown the router from your ISP. If all else fails, or you live in a larger apartment, you may need to explore a pricier -- but still affordable -- option. Investing in a good quality mesh router will strengthen your Wi-Fi signals -- and keep you from paying extra for a router from your ISP. A mesh router offers range-extending satellites that can help you stretch your signal past 100 feet. If you'd like to integrate your router into your smart home, look for ones that specifically work with your devices (Google, Alexa, HomeKit, etc.). If your apartment is a temporary living situation, consider buying a system with Wi-Fi 6E or Wi-Fi 7 and other forward-thinking capabilities. For example, you might want to prioritize the router's ability to handle multigigabit speeds. Or ensure you can add more satellites to your system if your home size or number of devices grows. What's the final word on slow apartment Wi-Fi? Perhaps I should have started with this, but I'll go ahead and end with it. If you're having trouble with the Wi-Fi router in your apartment and experiencing speeds well below what your ISP advertised, I have to ask: Did you try restarting it? I know. I'm not fond of hearing that question, either. It makes me feel like an idiot. But sometimes, it can be that simple. Just try rebooting your router. But if that doesn't work, you've now got a roadmap of other options to try as well. Apartment Wi-Fi FAQs Will my Wi-Fi speed always be bad because I live in an apartment? Not necessarily. Certainly, living in an apartment means you'll have challenges regarding your Wi-Fi connection. Namely, the proximity of other neighbors and the potential interference of all their devices and signals. But it doesn't mean you're destined to have bad Wi-Fi. It just means you might have to work a little to optimize your Wi-Fi experience. Is there a way to upgrade my apartment's Wi-Fi? Yes. Perhaps the quickest way to upgrade your Wi-Fi is to get a faster speed plan from your internet provider. However, that might not be financially feasible for many. So the next best option is to try to move your router to a more central location in your apartment. That should provide better Wi-Fi to more areas of your place. But if that's not successful, you could try purchasing a Wi-Fi extender to expand the reach of your Wi-Fi connection within the apartment.
