Ian Barker

We can expect to see more than 1,900 new Common Vulnerabilities and Exposures (CVEs) per month in 2023, including 270 high-severity and 155 critical-severity vulnerabilities -- a 13 percent increase from published 2022 levels.

This is according to a report from cyber insurance provider Coalition, which finds that most CVEs are exploited within 90 days of public disclosure, with the majority exploited within the first 30 days.

Continue reading →

Due to the nature of modern software design and the sharing of open source images, security teams face a large number of container vulnerabilities according to a new report.

The study from Sysdig, based on real-world data sets covering billions of containers, thousands of cloud accounts, and hundreds of thousands of applications, finds 87 percent of container images have high or critical vulnerabilities.

Continue reading →

Last year Toyota suffered a data breach due to accidentally exposing a credential allowing access to customer data in a public GitHub repository.

This type of breach could be avoided if organizations turned their focus on credentials that are exposed within SaaS applications. We spoke to Corey O'Connor, director of product at SaaS security platform DoControl, about why he believes identity security needs to go beyond just protecting the keys.

Continue reading →

A new survey of 350 IT leaders in the US and UK shows 84 percent of respondents want a large portion of their storage to remain in the cloud, and two-thirds of them want as much storage in the cloud as possible.

On average, enterprises have put 57 percent of their storage in the cloud, whilst keeping 43 percent on premises.

Continue reading →

The software supply chain is increasingly being weaponized by attackers seeking to compromise businesses and steal information.

Application security specialist Checkmarx is looking to combat this with the launch of a new product which delivers detailed threat intelligence on hundreds of thousands of malicious packages, contributor reputation, malicious behavior and more.

Continue reading →

Economic pressures are forcing delays and price increases on connected device makers, with 38 percent experiencing delays in bringing devices to market, while almost half (48 percent) say they have been forced to increase prices.

New research from the Qt Group -- based on a survey of 250 embedded device manufacturers in the US, UK, France and Germany, conducted by Censuswide -- finds manufacturers are adopting various techniques in order to fuel efficiencies.

Continue reading →

According to new research, 62 percent of eCommerce organizations say that real-time data collection will be at the forefront of their priorities for 2023.

The study, carried out for Oxylabs by Censuswide, surveyed over 1,000 senior data decision-makers, split between UK and US eCommerce companies. It finds that as companies begin to rely more on efficient and low-cost data collection methods such as external data gathering, used by 40.54 percent of respondents, there is a clear shift towards gaining more actionable insights.

Continue reading →

Much of our current IT infrastructure relies on DNS to safely route traffic. Securing that infrastructure is in turn heavily reliant on cryptography, but there's a threat looming on the horizon.

Quantum computing will offer a level of processing power that could render current cryptographic techniques obsolete, and that's a problem for the entire internet and networking world. We spoke to Peter Lowe, principal security researcher at DNSFilter, to discuss the possible impact of quantum computing on security and what can be done to address the threat.

Continue reading →

These days no important topic is worthy of the name if it doesn't have a day devoted to it. Today (January 28) it's the turn of data privacy -- or data protection depending on who you talk to -- to take its turn in the spotlight.

As organizations gather ever more data, concerns around how it is stored and used have grown which has led to legislators taking an interest too.

Continue reading →

Threat hunting takes a proactive approach to identifying the security issues an organization might face. But since it tends to be based on intelligence about current threats it can overlook new ones.

Now though Trustwave has enhanced its Advanced Continual Threat Hunting platform, offering resulting in a three times increase in behavior-based threat findings that would have gone undetected by current Endpoint Detection and Response (EDR) tools.

Continue reading →

We're currently in the middle of a global chip shortage, while at the same time major hardware companies like Intel, NVIDIA and Arm are looking to dominate the hardware market for AI and ML applications.

This creates something of an issue where models have to be tuned and optimized according to specific hardware specifications and software frameworks, sacrificing the portability that the industry has come to take for granted..

Continue reading →

According to a new report, 77 percent of CIOs say their role has been elevated due to the state of the economy and they expect this visibility within the organization to continue.

The 22nd annual State of the CIO report from Foundry looks at how the CIO's role has changed over time, as well as an in-depth analysis of technology and business initiatives that CIOs plan to focus on in 2023.

Continue reading →

Since it was launched towards the end of last year ChatGPT has created quite a buzz, both for its legitimate uses and its potential to be abused.

Now though Island is announcing the integration of ChatGPT into its Island Enterprise Browser. It aims to provide deep contextual awareness, so you receive prompts that are informed by your behavior and relevant to what you're working on, as you work on it.

Continue reading →

The latest report from the GuidePoint Research and Intelligence Team (GRIT) shows an increase in ransomware activity from Q3 2022 to Q4 2022, as rebranded ransomware groups significantly increased the number of publicly claimed victims.

No quarter of last year saw less than 569 total victims -- with the biggest lull occurring in late June and early July, most likely attributed to the shift from Lockbit2 to Lockbit3, although challenges in the crypto currency market may have also had an impact.

Continue reading →

New research commissioned by Telstra shows 41 percent of UK technology leaders identify cybersecurity as an enabler of innovation within their organization.

The fallout from the COVID-19 pandemic has seen unprecedented levels of digital transformation. At the same time though an ever-evolving threat landscape means that security risks are on the rise, leaving organizations facing the difficult task of balancing rapid digitization with security.

Continue reading →