According to a new report from Sysdig, the unified container and cloud security company, it costs $430,000 in cloud bills for an attacker to generate $8,100 in cryptocurrency revenue. This works out at a $53 cost to the victim for every $1 the cryptojacker makes.

The report takes an extensive look at TeamTNT, a notorious cloud-targeting threat actor that generates the majority of its criminal profits through cryptojacking. TeamTNT is best known for its crypto‐jacking worm activity, which began in 2019, exploiting vulnerable instances of popular key‐value store Redis.

Continue reading →

Businesses are starting to recognize the advantages of leveraging data-driven approaches to improve customer experience. These approaches are also hugely valuable when included in strategic roadmaps to increase engagement and return on investment.

Analytical data is ideal for businesses wanting to assess the needs of their target customers to deliver personalized experiences and attain more accurate forecasting and demand planning. Moreover, data from analytics promotes more effective inventory and supply chain management, compounding supply and fulfillment issues businesses are currently experiencing

Continue reading →

Digital transformation is still seen as a priority by many enterprises, but research for low-code application development platform, Toca, reveals the extent of the challenges faced by IT teams in delivering these projects.

Budget constraints, a lack of collaboration across the wider business, legacy systems, a shortage of developers and integration challenges are seen as the top five barriers to transformation initiatives.

Continue reading →

The latest development in the ongoing 'PayPal-gate' story is that the fintech giant has now reversed its decision and apologized for closing the Free Speech Union's account.

The FSU tweeted news of the decision yesterday evening following several days of people closing down their accounts and the stirring up of a political storm with questions asked in the UK parliament.

Continue reading →

US companies are the most affected by ransomware, with 46 percent of all ransomware attacks happening there, according to new research by cybersecurity company NordLocker.

But just who is being targeted? The research finds that out of 18 industries identified, construction accounts for 12 percent of all attacks. Next most likely to be hit are manufacturing (9.6 percent), transportation (8.2 percent), healthcare (7.8 percent), and tech/IT (7.6 percent).

Continue reading →

Cybercriminals have become more adept at bypassing defenses with new DDoS attack vectors and successful methodologies, according to the latest DDoS Threat Intelligence Report from NETSCOUT.

The report is based on intelligence on attacks occurring in over 190 countries, 550 industries, and 50,000 autonomous system numbers (ASNs). It finds there were over six million DDoS attacks in first half of 2022, with TCP-based flood attacks (SYN, ACK, RST) still the most used attack vector, accounting for around 46 percent.

Continue reading →

Nearly eight out of ten (79 percent) of UK and Irish IT decision makers and professionals say there are gaps between their data dependency, backup frequency, SLAs and ability to get back to productive business.

The results of the Data protection Trends Report from Veeam Software also show that 76 percent of respondents admit falling prey to at least one ransomware attack in the past year, with 65 percent now using cloud services as part of their data protection strategy to increase resiliency.

Continue reading →

As we reported last week, PayPal has cancelled the accounts of a number of campaigning organizations in the UK, citing its Acceptable Use Policy but without providing a specific reason.

On Friday The Times reported that the fintech giant was poised to back down in the case of parents' group UsForThem, which campaigned for schools to be kept open during the pandemic.

Continue reading →

Data has become increasingly important for modern businesses and they increasingly expect it to help them improve their delivery to customers and ultimately their bottom line.

We spoke to Dom Couldwell, head of field engineering, EMEA at DataStax to discuss how companies can use data and how they need to adapt their approach to do so effectively.

Continue reading →

Almost half of respondents to a new survey say their company depends on outdated, legacy backup and recovery infrastructure to manage and protect their data. 46 percent are relying on primary backup and recovery infrastructure that was designed in, or before, 2010.

The study commissioned by Cohesity from Censuswide also finds 62 percent expressed some level of concern over whether their IT and security teams would be able to mobilize efficiently to respond to an attack.

Continue reading →

We've already seen that cyberattacks have played a role in the war in Ukraine. But what about the prospect of more widespread cyber warfare. Could Ukraine be just a testing ground?

Education advice site Security Degree Hub has produced an infographic looking at the prospects of a cyber war and what it might look like.

Continue reading →

With the decline of the traditional enterprise network perimeter, more and more organizations are turning to a zero trust approach to securing their systems.

This not only reduces the attack surface, it ensures that if an attack does succeed it's much less likely to spread laterally within the network. We talked to Tim Silverline, VP of security at network automation specialist Gluware, to find out more about what implementing zero trust means.

Continue reading →

The desire for software supply chain integrity and transparency has left many organizations struggling to build in software security measures like signatures, provenance, and SBOMs to legacy systems and existing Linux distributions.

This has prompted Chainguard to produce Wolfi, a new Linux '(un)distribution' and build toolchain, that's been designed from the ground up to produce container images that meet the requirements of a secure software supply chain.

Continue reading →

Without training, 21 percent of the workforce don't not know who to go to when faced with a cybersecurity threat.

A new report from security awareness training platform KnowBe4 shows that annual security training reduces that percentage to 17 percent.

Continue reading →

In the past 48 hours or so PayPal’s UK arm has canceled the accounts of a number of campaigning organizations including the Free Speech Union, legal campaigners Law or Fiction, parents group UsForThem, and even the personal account of the FSU's founder journalist Toby Young.

The only reason the company has given for these actions is to cite its Acceptable Use Policy. And, as Young wrote in his column in The Spectator, PayPal also decided it would hang onto his money for up to 180 days while deciding whether to extract 'damages' before refunding it.

Continue reading →