Technology continues to advance at an unprecedented rate. The development and use of Application Programming Interfaces (APIs) being a particularly notable example.

The latest Salt Labs State of API Security report found that overall API traffic increased 168 percent over 12 months, with API attack traffic increasing by 117 percent in the same time period. Perhaps understandably, many CISOs are struggling to keep up.

Continue reading →

Generative AI is very much flavor of the month at the moment thanks to tools like ChatGPT. Now business tool Google Workspace is getting in on the act with new features to help users create drafts, proofread, generate images and more.

Initially the new AI features will be in Docs and Gmail. The company is keen to stress that users will remain in control, AI will make suggestions that you're able to accept, edit, and change.

Continue reading →

Complex software today includes components that rely on digital authentication credentials commonly referred to as secrets, which include tools such as login credentials, API tokens, and encryption keys. While critical for the software to function, managing secrets across every component of code is a challenge that can result in secrets being left vulnerable.

Supply chain security company ReversingLabs is launching a new secrets detection feature within its Software Supply Chain Security (SSCS) platform.

Continue reading →

A new survey of 100 chief data officers (CDOs) and chief data analytics officers (CDAOs) at companies with $1B+ in revenue shows that 95 percent say their company leadership expects investments in AI and ML applications will result in a revenue increase.

The study for Domino Data Lab, carried out by Wakefield Research, shows 67 percent are adopting a more offensive data policy seeking to drive new business value with analytics, ML and AI applications.

Continue reading →

People are struggling to recall an ever-growing number of passwords, with 51 percent of respondents to a new study by Entrust saying they reset a password at least once a month because they can't remember it.

Even more alarming, 15 percent of users who responded reset passwords at least once a week. It's no surprise then that given the option between biometrics or a password, 74 percent of respondents will choose biometrics half the time or more and a third will always choose biometrics when available.

Continue reading →

Analysis of data on over 3,700 broadband packages from 219 countries around the world shows that if you want the cheapest deal you should consider moving to Sudan.

The study by Cable.co.uk shows Sudan offers the world's cheapest broadband, with an average cost of $2.30 per month. By contrast another African nation, Burundi, is the most expensive place in the world to get fixed-line broadband, with an average package price of $383.79 per month.

Continue reading →

The latest Identity Exposure Report from SpyCloud shows that last year its researchers recaptured 721.5 million exposed credentials from the criminal underground, and found over 22 million unique devices infected by malware.

Of the exposed credentials recovered by SpyCloud, roughly 50 percent came from botnets, tools commonly used to deploy highly accurate information-stealing malware. These infostealers enable cybercriminals to work at scale, stealing valid credentials, cookies, auto-fill data, and other valuable information to use in targeted attacks or sell on the darknet.

Continue reading →

Buying software used to be relatively simple. You either paid a one-off fee, or an ongoing license, or sometimes a combination of both.

With the advent of cloud and SaaS, however, things have become rather more complicated. Usage based pricing is more common, plus in a difficult economic climate there's a spotlight on software costs.

Continue reading →

Cybersecurity is usually viewed as something to be addressed via software. In recent years though we've seen a hardware element start to creep in -- Windows 11's requirement for TPM capability for example.

Can we expect to see more hardware-based security measures? And what benefits do these offer? We spoke to Ed Maste, senior director of technology at the FreeBSD Foundation (the non-profit organization supporting the open source FreeBSD operating system) to find out.

Continue reading →

With 70 percent of government workers reporting that they work virtually at least some of the time, a new survey shows some worrying trends.

The report from Ivanti finds five percent of government workers have fallen victim to a phishing attempt. However, 34 percent don't believe their actions impact their organization's ability to stay safe.

Continue reading →

The threat of business email compromise (BEC) is growing year on year and is projected to be twice as high as the threat of phishing in general.

According to a new report from cloud email security platform IRONSCALES, over 93 percent of organizations have experienced one or more of the BEC attack variants in the previous 12 months, with 62 percent facing three or more attack variants.

Continue reading →

Secrets are not just login credentials and personal data; they securely hold together the components of the modern software supply chain, from code to the cloud. And because of the leverage they provide they are much sought-after by hackers.

However, many breaches that occurred in 2022 show how inadequate the protection of secrets is. Research from automated detection specialist GitGuardian finds that one in 10 code authors exposed a secret in 2022.

Continue reading →

Much of our modern communication relies on satellites, but the data sent between them and ground stations is vulnerable to theft, leaving satellite communications even more accessible than typical internet communications.

Post-quantum cybersecurity company QuSecure has announced that it's achieved an end-to-end quantum-resilient cryptographic communications satellite link.

Continue reading →

Password service 1Password is launching a new service that will allow enterprise customers to unlock their 1Password accounts using third-party identity services.

Unlock with Single Sign-On (SSO) automatically provisions and deprovisions employees, with streamlined deployment through the bridge connection for the 1Password SCIM (System for Cross-domain Identity Management).

Continue reading →

The UK's new Data Protection and Digital Information Bill is set to reduce costs and burdens for British businesses and charities, and remove barriers to international trade.

We know from when it was first brought before parliament last summer that it will also cut the number of repetitive data collection and cookie pop-ups online.

Continue reading →