We've looked before at the phenomenon of Initial Access Brokers, cybercriminals who breach systems and then sell access to the highest bidder.

It seems that during the pandemic IABs have been busy improving their business model. New research from threat intelligence company KELA shows that pricing is often determined by company size and the level of privilege on offer within the compromised network, with $5,400 as the average price for network access, and $1,000 as the median price.

Continue reading →

Who would be scared to contact their IT department? Quite a lot of people according to a new survey from Velocity Smart Technology, which interviewed 2,000 US office workers.

It finds 60 percent say they've had a negative experience with their IT department, either because they've felt patronized, intimated or frustrated at the length of the time they've to wait to resolve issues.

Continue reading →

The challenges of the last year and a half, along with major cyberattacks, like that on Colonial Pipeline, have had a major impact on security professionals, with 51 percent reporting experiencing extreme stress or burnout.

The latest Global Incident Response Threat Report released today by VMware finds 65 percent saying they've considered leaving their job because of stress.

Continue reading →

A new report shows that 70 percent of automation initiatives are being hindered by security concerns and data silos, as organizations increasingly look to automation to improve efficiency and productivity.

The IT and Business Alignment Barometer from MuleSoft does offer some hope though as it shows companies can overcome these challenges and enable faster innovation across their organizations if IT and business teams work closely together.

Continue reading →

Today, just in case you hadn't noticed, is System Administration Appreciation Day. Over the last year the work of sysadmins has been in the spotlight as businesses have struggled to ensure remote access.

A new report from Netwrix finds that 66 percent of system administrators have had to deal with an increased workload.

Continue reading →

Businesses are increasingly recognizing the value of data, but most acknowledge that they could do better in using it to drive business transformation.

A new report from DataStax, based on a survey of over 500 technology executives and practitioners, reveals that while 96 percent of respondents say they have some level of a data strategy, only 38 percent of enterprises give themselves top grades when it comes to using data to create value for customers.

Continue reading →

Ransomware attacks are growing in severity and volume, bringing increasing costs and financial, legal, and other challenges.

Businesses need to be sure they can recover from an attack and data management specialist Zerto aims to provide the means with its latest offering Zerto 9.

Continue reading →

Despite the rise of cloud-based collaboration services it's still common for people to exchange information and documents by email. Of course you still need a way of handling larger attachments.

The latest social engineering attack uncovered by Armorblox spoofs a file-sharing notice from the popular WeTransfer platform that's used by individuals and businesses alike.

Continue reading →

A new analysis of platforms including AWS, Google and Salesforce, involving 200,000 identities and hundreds of millions of cloud assets reveals that 43 percent of all cloud identities sit abandoned and unused.

The report from Varonis points out that this also means they are exposed and vulnerable, making an organization a target for account takeovers.

Continue reading →

In the past six months overall API traffic has increased 141 percent but in the same time period, API attack traffic has grown by a startling 348 percent.

A new report from Salt Security reveals significant challenges in addressing API security, with all Salt customers experiencing API attacks, security topping the list of API program concerns, and very few respondents feeling confident they can identify and stop API attacks.

Continue reading →

The cybersecurity skills crisis has impacted 57 percent of organizations, according to the fifth annual global study of cybersecurity professionals by the Information Systems Security Association (ISSA) and industry analyst firm Enterprise Strategy Group (ESG).

The survey of almost 500 security professionals finds the top effects of the skills shortage include an increasing workload for the cybersecurity team (62 percent), unfilled open job vacancies (38 percent), and high burnout among staff (38 percent).

Continue reading →

According to a new study 31 percent of companies have moved workloads to the cloud within the last six months compared to only 18 percent six months ago.

Based on a survey of almost 1,000 IT decision makers, the report from cloud migration specialist Next Pathway shows 36 percent are migrating to the cloud to prevent customers from leaving for more personalized solutions offered by competitors that are using the cloud to enable a superior digital experience.

Continue reading →

According to a new study from the IBM Institute for Business Value, 71 percent of executives surveyed say mainframe-based applications are central to their business strategy.

Also, in three years, the percentage of organizations using mainframe assets in a hybrid cloud environment is expected to increase by more than two times.

Continue reading →

Cybercrime is getting more organized than ever, as threat actors increase collaboration and adapt methods to drive greater monetization, selling access to breached systems to organized criminal groups and ransomware gangs.

The latest HP Wolf Security Threat Insights Report, reveals a 65 percent rise in the use of hacking tools downloaded from underground forums and file sharing websites between the second half of 2020 and the first half of 2021.

Continue reading →

Threats to web, mobile and API-based apps are developing rapidly and the average time taken to fix them isn't improving, with critical vulnerabilities remaining open on average for 202 days.

NTT Application Security has released its latest AppSec Stats Flash report looking at the current state of application security and the wider threat landscape. It finds the utilities sector the worst, with with 66 percent of applications in the industry having at least one serious exploitable vulnerability throughout the year.

Continue reading →