Digital natives aged between 18-39 are the most vulnerable age group for phishing scams, according to new data from security awareness training company SoSafe.

It finds that 18-39 year-olds have an average click rate of 29 percent on phishing emails, which drops to 19 percent among older age groups.

Continue reading →

A ransomware attack can be devastating for businesses. But while in the aftermath of an attack the focus will be on recovery, it's also important to look at how the attack happened and what information can be gleaned to help prevent future incidents.

We spoke to Joseph Carson, chief security scientist at privileged access management specialist Delinea, to talk through the analysis of a typical attack and what lessons can be learned.

Continue reading →

Google has announced today that it's bringing passkey support to both Chrome and Android. Passkeys offer a significantly safer replacement for passwords and other phishable authentication factors and mark another step towards a passwordless future.

If you're unfamiliar with passkeys, they're a joint initiative from Apple, Google, and Microsoft. Unlike a password the key is stored exclusively on your devices and never gets shared with anyone else.

Continue reading →

Information and work overload, insufficient downtime, lack of tool integration, and alert fatigue mean that 71 percent of security operations center professionals say they're likely to quit their job.

A new report from logging and security analytics company Devo Technology shows SOC leaders continue to face a tricky balancing act when it comes to retaining SOC analysts amid major talent shortages and turnover.

Continue reading →

Cyberattacks and other threats aren't limited to large organizations, indeed SMBs are often targeted as they are seen as having fewer resources to devote IT security defenses, particularly related to remote workers.

A new survey from software company Devolutions bears out this view, with only 18 percent of SMBs checking all the requisite IT security boxes and 13 percent not implementing any essential IT security measures at all.

Continue reading →

According to new research from Tessian, 18 percent of UK and US security leaders work over 25 hours extra a week, double the amount of overtime they reported in 2021.

On average, they work 16.5 hours over their contracted weekly hours, up from 11 hours in 2021. Also three-quarters of security leaders say they aren't able to always switch off from work, 16 percent of these say they can rarely or never switch off.

Continue reading →

Consumers want to see more transparency from businesses around how their data is handled, according to the Cisco 2022 Consumer Privacy Survey.

The survey also shows that while consumers are supportive of artificial intelligence -- 54 percent are willing to share their anonymized data to improve AI products -- they are concerned about how businesses use AI, with 65 percent having lost trust in organizations due to their AI use.

Continue reading →

A new study finds that £95 ($105) is lost to fraud every second in the UK. This is according to analysis by fraud prevention specialist Outseer of all the reported incidents of fraud to Action Fraud -- the UK's national reporting center for fraud and cybercrime -- between 1st July 2021 to 30th June 2022.

The data shows one case was reported to Action Fraud every 85 seconds and reported losses totalled over £3 billion ($3.31 billion) during the 12-month study period.

Continue reading →

The virtual world of the Metaverse is already attracting people to attend virtual events and play games. It also has the potential for businesses to make money -- research from McKinsey suggests it could be a $5 trillion industry by 2030.

However businesses are still wary of the additional challenges, particularly with regard to security. New research carried out by YouGov for app security company F5 shows six out of 10 respondents say the Metaverse has introduced security complexities that their organization may not be equipped to address.

Continue reading →

The popularity of Kubernetes has led to its rapid adoption, but as with any advanced technology, the benefits come alongside challenges.

Being able to take full advantage of the technology means understanding what it can offer and how it fits with other developments like artificial intelligence. We spoke to Tobi Knaup, CEO of independent Kubernetes platform D2iQ, to find out about the current state of Kubernetes and what it promises for the future.

Continue reading →

In what was a far-sighted move back in 2004, the President of the United States and Congress declared October to be Cybersecurity Awareness Month, dedicated to helping individuals protect themselves online as threats to technology and confidential data become more commonplace.

This has now become a regular event on the calendar and the theme of this year's campaign is 'See Yourself in Cyber', aiming to underline the fact that cybersecurity is ultimately about people rather than technology.

Continue reading →

The short-term costs of a cyberattack are significant. Investigating and containing a breach, rebuilding IT systems and implementing new security controls, as well as the loss of productivity, can all cause severe financial strain.

However, the long-term costs of a breach are often even more damaging. Enterprises that do not handle an attack well can suffer a number of further consequences, including reputational damage, a loss of customer loyalty and a drop in share prices.

Continue reading →

Ransomware operators have turned their attention away from politically motivated attacks focusing on Russia back to their usual targets such as the United States, China, and Israel.

The latest T2 2022 threat report from ESET also shows the total number of RDP attack attempts has declined by a further 89 percent. The likely reasons for the decline are post-COVID return to offices, improved security, and the Russia-Ukraine war.

Continue reading →

For many organizations, Microsoft 365 has become their default service for email. But for attackers this makes it attractive as a point of compromise.

New research from cloud and email security specialist Avanan shows that the missed phishing rate for Microsoft Defender is 18.8 percent. A previous analysis in 2020 showed 10.8 percent of phishing emails reaching inboxes, so Defender's missed phishing rates have increased by 74 percent.

Continue reading →

A year ago we reported on the demise of Microsoft Silverlight and how OpenSilver offered an alternative for those still wanting to run Silverlight apps.

The OpenSilver developers haven't been idle in the meantime and today sees the launch of version 1.1. This allows 99.99 percent reuse of the Silverlight codebase and also guarantees an almost pixel perfect migration.

Continue reading →