Last week marked the end of the 2016 Summer Olympics and this year we witnessed several impressive moments. The image of Usain Bolt, giant smile and legs a-blur, is hard to forget. But equally memorable are the times that team efforts outshone those of any individual. This concept of building a cohesive, top-performing team that is more than the sum of its parts is echoed in an emerging security trend: the new cybersecurity stack.
Like the Olympics, the security industry is a highly-visible playing field, with all the fanfare and expectations and often failed dreams. Security hopes are pinned on New Gen "superstars" that are highly hyped yet don’t deliver the promised gold. However, the failure isn’t necessarily the product, but the expectation that one solution can keep endpoints secure.
The rate of change required for business software has increased dramatically in recent years. In order to keep up many firms rely on APIs but these introduce their own problems, especially in regard to security.
Identity and device management company Okta is launching a new service that secures the connections between applications, services and APIs.
If someone told you passwords were a thing of the past, you might well laugh in disbelief.
Undoubtedly, passwords have been the cornerstone of digital security for a long time. As technology has improved, however, passwords have become increasingly easy to hack, forcing the IT community to search for new solutions. Most people regularly use weak passwords -- in fact we’re getting worse at this -- but with the constantly expanding list of websites and services, the demand for us to remember unique usernames and passwords for is growing all the time.
Russian internet giant Mail.ru has been hacked once again, and some 25 million accounts associated with forums run by the company have been compromised.
Among the data that was stolen are usernames, passwords (easily crackable, according to Secure CloudLink), email addresses, phone numbers, birthdays and IP addresses.
Iran, much like China, is not a country that has the best reputation when it comes to granting citizens unfettered access to the internet. Now, a new initiative is underway, which sees the roll out of its own 'domestic internet', dubbed the National Information Network.
The country is rolling out its own national internet in a bid to provide affordable internet access to people, but there are concerns that there will be severe limits placed on online activity. Iran already blocks access to the likes of Facebook and Twitter, and a government-controlled internet, it is feared, could lead to a further erosion of privacy and individual control.
Identifying and prioritizing cyber threats is a problem for large organizations and it's easy to become overwhelmed with information. This is why, increasingly, they're turning to solutions to automate the process.
Risk analysis specialist Bay Dynamics is launching a new version of its analytics platform, Risk Fabric, that helps companies measure, communicate and reduce cyber risk. It automatically delivers prioritized threat and vulnerability information, based on the value of assets at risk, to the business leaders who are responsible for those assets.
Opera Software is advising all users of the sync feature of its Opera browser to change their passwords following a security breach. Details are a little scant at the moment, but the company says that servers were breached earlier in the week and user data may have been compromised.
Opera Sync is used to synchronize user data between different computers but it is apparently used by under "0.5% of the total Opera user base". However, with a user base of 350 million this means that upwards of 1.7 million people could be affected.
Phishing attacks continue to get cleverer as the people behind them refine their social engineering techniques. The latest attack uncovered by Comodo Labs targets users of the popular GoDaddy web hosting service.
The scam sends out email from what appears to be firstname.lastname@example.org. Within the body of the phishing email, the user is notified that their email account storage has been maxed out and that incoming emails are being rejected.
Security researchers have unearthed three serious security flaws in iOS that made it possible to install spyware and other malware on iPhones. Software exploiting the vulnerabilities (described as "one of the most sophisticated pieces of cyberespionage software we've ever seen") can be installed with a single click, opening up victims' devices to full-scale surveillance.
The security holes have already been abused by NSO Group -- linked with selling hacking and surveillance software to governments -- but Apple has now issued a fix in the form of iOS 9.3.5. The update fixed two kernel vulnerabilities and one in WebKit, all discovered by Citizen Lab and Lookout.
Dropbox users around the world are being told to change their account passwords. Anyone who has been using the cloud storage service since before the middle of 2012 and has not changed their password may have had some of their account details 'obtained' in an incident in 2012.
Dropbox says that email addresses plus hashed and salted passwords were grabbed four years ago. The company stresses that there are no indications that accounts have been improperly accessed and the security measures are being taken on a preventative basis.
Not so many years ago corporate IT security involved installing a firewall and antivirus solution. But the threat landscape has now become much more complicated and is changing faster than ever.
Companies need to be aware of these changes and make sure their security arrangements can keep up. We spoke to Shai Gabay, the chief innovation officer of security operations and advanced threat detection specialist CYBERBIT, to find out more about the risks and solutions.
The updated policy also communicates the fact that end-to-end encryption has rolled out, but it is the privacy side of things that will be of greater interest to many people.
Cyber criminals are frequently turning to insiders to gain access to telecommunications networks and subscriber data, according to a new report from Kaspersky Lab.
According to the report, 28 percent of all cyber-attacks and 38 percent of targeted attacks now involve malicious activity by insiders.
New research from data protection company Bitglass into breaches in the financial services industry reveals that leaks nearly doubled between 2014 and 2015, and that lost and stolen devices are the most common cause.
While hacking remains a major fear, only one in five leaks were caused by it. Other breaches were the result of unintended disclosures (14 percent), malicious insiders (13 percent), and lost paper records (8.1 percent).
SaaS application adoption is growing fast and with it comes increasing expectations to be able to access any application from anywhere on any device.
Consequently organizations want login solutions that can help them reduce risks in their environment, deliver a better experience for their end-users, and adapt to the complexities of existing infrastructure and new applications.