A new study looking at industrial control systems (ICS) security in the energy industry reveals a majority of respondents are worried about potentially catastrophic effects from a successful cyber attack.
The study carried out for security and compliance specialist Tripwire by Dimensional Research included 151 IT and operational technology (OT) security professionals at energy and oil and gas companies.
Most businesses are seeking to automate the more tedious aspects of their operations and some new research from security analytics platform Cybereason reveals that hackers are no exception.
The company set up a honeypot system masquerading as a financial services company and introduced security flaws in several stages.
The German federal government is moving to an open source, self-hosted cloud platform from Nextcloud for file sync and sharing and collaboration, in order to protect the data of its citizens.
The Federal Information Technology Center (ITZBund), which takes care of IT services for the entire federal government, has been running a pilot of 5000 users with Nextcloud since October 2016 and after a successful tender this will now be rolled out everywhere.
More than 20 million Chrome users have been tricked into installing fake ad blockers that could see their machines recruited into a botnet, according to a new report.
A fake AdBlock Plus extension fooled many users last year. As many Chrome users discover ad blocking by browsing available extensions, so creating cloned fakes has become a popular tactic for cyber criminals according to AdGuard.
A new survey of channel partners by container platform specialist Diamanti reveals that resellers and service providers see the adoption of containers as a massive disruption and opportunity.
Enterprises are rapidly adapting their applications and systems for the cloud, and containers are viewed as a key enabling technology. According to Diamanti's survey, more than 75 percent of channel partners say containers represent a moderate or major money-making opportunity.
A new survey reveals that 60 percent of companies are not likely to meet the May 25 deadline for compliance with the new European GDPR legislation.
The study from Crowd Research Partners shows only seven percent of surveyed organizations say they are in full compliance with GDPR requirements today, and 33 percent state they are well on their way to the compliance deadline.
Hardware authentication specialist Yubico is announcing a new FIDO2 compatible security key which will be supported in Windows 10 devices and Microsoft Azure Active Directory (Azure AD).
This means that organizations will have the option to enable employees and customers to sign in to an Azure AD joined device with no password, simply by using the security key to get single sign-on to all Azure AD based applications and services.
Public cloud services are now in use in 97 percent of organizations, but one in four have experienced data theft and cloud-first strategies are on the decline.
These are among the findings of the latest annual cloud report from McAfee. Among other highlights are that 83 percent store sensitive data in the public cloud and 69 percent trust the public cloud to keep their sensitive data secure. However, one in five organizations has experienced an advanced attack against its public cloud infrastructure.
Cyber security company ESET is using this week's RSA Conference in San Francisco to launch its new range of enterprise security products.
These include a new ESET Enterprise Inspector, an Endpoint Detection and Response (EDR) solution, and ESET Dynamic Threat Defense, a tool that provides off-premise cloud sandboxing, which leverages machine learning and behavior-based detection to prevent zero-day attacks.
Breaches related to open source components have grown 50 percent since 2017, and an eye-opening 121 percent since 2014, according to a new survey from open source governance and DevSecOps automation specialist Sonatype.
But the survey finds that those companies with mature DevOps practices are 24 percent more likely to have deployed automated security practices throughout their development lifecycle.
The UK can be a world leader in the development of AI says a report released today from the House of Lords Select Committee on Artificial Intelligence.
The report sets out five principles for the use of AI which have some echoes of Asimov's laws of robotics. The principles are:
In a classic example of social engineering, well-known names from the BBC's Dragons' Den TV series and others are being used to advertise a cryptocurrency scam.
Websites claiming to offer cryptocurrency investments are using images and false recommendations from prominent individuals including Deborah Meaden and Peter Jones from Dragons' Den, and Martin Lewis, the founder of MoneySavingExpert.com, without their consent.
Targeted attacks launched via a compromised account were the most successful email attack vector in the past 12 months according to new research.
The study carried out for email security company Agari by Osterman Research reveals that 44 percent of organizations have been victims of a successful ATO-based attack.
Security platform Illumio and cloud security and compliance platform Qualys are announcing a new integration that will enable organizations to visualize vulnerabilities across data centers and clouds.
Threat data from the Qualys Cloud Platform is integrated with the Illumio Adaptive Security Platform’s application dependency mapping to show potential attack paths in real time. The integration delivers vulnerability maps, enabling organizations to see connections to vulnerabilities within and between applications.