Introduced by the US military in the 1950s, Moving Target Defense (MTD) is the concept of controlling change across multiple system dimensions in order to increase uncertainty and apparent complexity for attackers, reduce their window of opportunity and increase the costs of their probing and attack efforts.

This technique has been translated to the cybersecurity world in recent years, but while the concept is strong, it's a complex strategy that has many drawbacks if not executed properly. We spoke with Avihay Cohen, CTO and co-founder of Seraphic Security, find out more about how this concept is applied to today's cybersecurity strategies, its pitfalls and how to implement it successfully.

Continue reading →

Although it has a reputation as a safe and secure operating system, Linux is not immune to malware. Indeed it's become an attractive target as increasing numbers of servers and other devices run Linux-based OSes.

Data analyzed by the Atlas VPN team, based on malware threat statistics from AV-ATLAS, shows new Linux malware threats hit record numbers in 2022, increasing by 50 percent to 1.9 million.

Continue reading →

A barrage of new threats along with increasingly complex IT environments and a shortage of skilled staff make securing the enterprise and ensuring compliance more of a challenge than ever.

In order to help businesses visualize attack surfaces, understand security requirements and prioritize steps to mitigate threats across environments, ThreatModeler is launching a new cybersecurity asset marketplace.

Continue reading →

New research, from ICS/OT cybersecurity firm SynSaber, has analyzed over 900 CVEs reported in industrial control systems in the second half of 2022 and finds that 35 percent have no patch or remediation available.

Only 56 percent of the CVEs have been reported by the original equipment manufacturer (OEM), while 43 percent have been submitted by security vendors and independent researchers. A firmware update is required to fix 33 percent.

Continue reading →

The role of the CISO has always been a somewhat secondary one in terms of the overall big picture of running a business.

However, a new study from cybersecurity company Coalfire shows that the CISO role is maturing quickly, and gaining more of a voice in the boardroom.

Continue reading →

The advent of quantum computing offers a serious threat to the safety of encrypted information. But current post-quantum cybersecurity (PQC) solutions either can't reach edge devices like laptops and mobile phones or required software installation on these devices which is cumbersome and hard to manage.

Now though QuSecure is launching a new solution for protecting encrypted private data on any website or mobile application with quantum-resilient connections and sessions, all with no end-user installation required.

Continue reading →

As we enter 2023, factors such as an uncertain economy, inflation, the fear of a recession, hiring freezes and layoffs, and supply chain issues continue to take their toll on businesses -- impacting not only daily operations, but budgets for the new year.

When it comes to cybersecurity spending, in particular, Curtis Fechner, engineering fellow, threat management at Optiv, says many executives expect their budgets to be unchanged in 2023, which is a best case scenario as the risk of cuts amid an uncertain economy and business landscape looms large.

Continue reading →

As businesses adopt more complex hybrid IT environments and raise budgets to fend off cyberattacks, as well as keep up with production environments diversifying across various clouds, a new study finds that IT leaders increasingly feel they aren't sufficiently protected.

The latest Data protection Trends Report from data protection specialist Veeam Software shows that a top priority of organizations this year is improving reliability and success of backups, followed by ensuring that Infrastructure as a Service (IaaS) and Software as a Service (SaaS) protection is equal to the protection they rely on for datacenter-centric workloads.

Continue reading →

New research from Node4 into the IT priorities of mid-market businesses in the UK shows hybrid cloud adoption has increased by 11 percent since last year.

Inflationary pressures have led to a re-examination of cloud adoption models and a desire to access more predictable, stable costs -- as well as a wider choice of pricing models. Hybrid cloud is seen as a viable long-term, and potentially more flexible, option that combines the best aspects of public and private cloud.

Continue reading →

Last year saw zero day vulnerabilities being actively exploited in the wild across many of the major web browsers.

For businesses that allow their users to choose which browser they use this is a problem due to the frequency of vulnerabilities. We spoke to Ofer Ben-Noon, co-founder and CEO at Talon Cyber Security and former member of the Israeli intelligence community, to find out more about the current threat landscape and how firms can secure their browsers.

Continue reading →

Open banking first began to roll out in 2018, following the introduction of the PSD2 legislation in the UK, but five years on new research finds that most consumers still don't understand what it is, and the vast majority don't believe that it's safe.

The study from NTT DATA shows 58 percent of UK consumers still don't understand what open banking is, while just 16 percent believe that it's completely safe.

Continue reading →

When threat actors evaluate a company's attack surface, they're not thinking in terms of organizational silos. They're probing for the right combination of vulnerabilities, misconfigurations and identity privileges.

It follows that security organizations shouldn't be operating in silos either. Defenders risk playing into the hands of attackers as organizations struggle with reactive and siloed security programs. Having a sprawl of point tools generates heaps of fragmented data but offers few insights.

Continue reading →

A new set of zero trust email security solutions from Cloudflare are aimed at protecting employees from multichannel phishing attacks, preventing sensitive data from being exfiltrated via email, and helping businesses speed up and simplify deployments,

Compatible with any email provider, the protection is integrated into Cloudflare's platform, helping to secure all of an organization's applications and data.

Continue reading →

New research from cybersecurity company Naoris Protocol finds 48 percent of people surveyed think criminals who break into computer networks with malicious intent should be paid a percentage of the funds they steal and face no prosecution if they return the majority of their spoils.

The survey of over 500 people working in the cybersecurity and web arenas found just 38 percent saying they disagreed with not prosecuting malicious hackers, while 13 percent were unsure.

Continue reading →

According to a new report, 73 percent of business leaders think responsible technology use will become as important as business or financial considerations when making tech decisions.

The study from Thoughtworks is based on a survey of 550 senior executives from nine countries around the world. When asked about the tangible business benefits of adopting responsible technology, the top response was better customer acquisition/retention (47 percent).

Continue reading →