A large majority of companies are only at an entry level in terms of their cloud security capabilities according to a new study.

The research, carried out for cloud infrastructure security company Ermetic by Osterman Research, surveyed 326 organizations in North America with 500 or more employees and who spend a minimum of $1 million or more each year on cloud infrastructure.

Continue reading →

Most business leaders (57 percent) believe an enterprise integration strategy is critical to their organization, while 61 percent of CIOs and more than half of system architects and developers said a standardized, enterprise integration strategy is a top priority.

However, only seven percent of respondents have succeeded in implementing an enterprise integration strategy, according to a new study from Digibee, while 93 percent of decision-makers admit they have no formal integration strategy in place.

Continue reading →

According to a new study 93 percent of enterprise IT leaders say the application modernization process is challenging due to staffing, tools, training and other issues.

The survey from Asperitas finds 30 percent of IT leaders say identifying the right tools and technologies is the most difficult part of the process, while 20 percent say it's finding staff with the right experience.

Continue reading →

According to a new report 94 percent of companies have experienced security problems in production APIs in the past year, with 20 percent saying the organization suffered a data breach as a result.

The latest State of API Security Report from Salt Security also finds that found that API attack traffic has more than doubled in the past 12 months with a 117 percent increase. In the same period overall API traffic grew 168 percent, highlighting the continued explosion of enterprise API usage.

Continue reading →

The latest OT/IoT security report from Nozomi Networks shows that wiper malware and IoT botnets dominate threats to industrial control systems.

Researchers have observed the robust usage of wiper malware, and seen the emergence of an Industroyer variant, dubbed Industroyer2, developed to misuse the IEC-104 protocol, which is commonly used in industrial environments.

Continue reading →

Researchers at Sonatype have identified multiple malicious Python packages that contain ransomware scripts.

The packages are named after a legitimate, widely known library called 'Requests', with names like 'requesys', 'requesrs' and 'requesr', in order to trick developers into installing the wrong version.

Continue reading →

A new study reveals that 87 percent of the ransomware found on the dark web can be delivered via malicious macros in order to infect targeted systems.

The research from Venafi, in partnership with criminal intelligence provider, Forensic Pathways, looked at 35 million dark web URLs and forums to uncover a thriving ransomware community with highly damaging macro-enabled strains readily available.

Continue reading →

New research from customer engagement platform Twilio shows older consumers are being left behind when businesses digitize their customer facing operations.

Although consumers over 65 hold significant digital shopping power, with 76 percent relying on online shopping in the UK, only 12 percent say they feel understood by brands they interact with digitally.

Continue reading →

Phishing is one of the most common forms of cyberattack, fooling people into thinking they're dealing with a trusted organization in order to get them to part with credentials.

But what are the hallmarks of a phishing attack? Atlas VPN has collected some phishy statistics to find out.

Continue reading →

Governments, utilities and other key industries are prime targets for attack including from nation state actors and cybercriminals seeking to extract a ransom.

But David Anteliz, technical director at Skybox, believes that given the increase in tensions across the world threat actors will evolve their tactics with the use of a 'three-headed dragon approach' that goes beyond the probing we have seen so far.

Continue reading →

Securing endpoints used to be a simple matter of installing a firewall and antivirus solution and then keeping them updated.

But as threats have become more sophisticated, networks more complex and working patterns have shifted away from the office, securing and managing endpoints has become a much greater problem for enterprises.

Continue reading →

The latest vulnerability intelligence report from Flashpoint finds that 52 percent of all vulnerabilities reported in the first half of 2022 that were scored 10.0 -- the most severe level -- on CVSS are likely scored incorrectly.

When scoring, CVSSv2 guidelines take a 'score for the worst' approach if details of some of the metrics used are unclear. But the report points out this has resulted in many vulnerabilities being scored a 10.0, even though they are actually less severe, simply due to vendors providing fewer details.

Continue reading →

Digitization and rising consumer expectations are having a major impact on the working conditions of technology teams leading to a rise in burnout and attrition.

A new study from PagerDuty shows 42 percent working more hours in 2021 than in 2020, and 54 percent of responders are being interrupted outside normal working hours.

Continue reading →

In the past cybercriminals have tended to shun Linux in favor of more widely used operating systems, but new data indicates that this trend is starting to shift.

Statistics from the Atlas VPN team show new Linux malware reached record numbers in the first half of 2022, with nearly 1.7 million samples being discovered. This puts it in second spot for the number of new samples even though it has only one percent of the OS market (not counting Android).

Continue reading →

Hyperscale cloud providers continue to dominate the market, with Azure and AWS in use as the major public cloud provider by 82 percent of businesses.

But new research from Civo shows that 34 percent of users feel locked into the services these major providers deliver, with 65 percent of these saying that data transfer costs are too expensive for them to move off their current cloud.

Continue reading →