Ian Barker

TLS certificates are a top security concern for businesses

security flaw

A new study by machine identity protection specialists Venafi of the opinions of 550 chief information officers (CIOs) from the US, UK, France, Germany and Australia finds that 75 percent name TLS certificates as their top concern.

TLS certificates act as machine identities, safeguarding the flow of sensitive data to trusted machines and, thanks to the acceleration of digital transformation, the number of machine identities is rising.

Continue reading

96 percent of developers believe security harms productivity

Developer at work

In a new survey of over 165 developers, AppSec and DevOps professionals, application security automation company ShiftLeft finds that 96 percent of developers believe the disconnect between developer and security workflows inhibits developer productivity.

When asked to prioritize, application security professionals rank creating developer-friendly security workflows as their top priority, even higher than protecting applications in production environments.

Continue reading

Calendar invites used to hide phishing links


The Cofense Phishing Defense Center (PDC) has unearthed a new phishing campaign in multiple enterprise email environments protected by Proofpoint and Microsoft that delivers .ics calendar invite attachments containing phishing links in the body.

The researchers assume that the attackers believe putting the URL inside a calendar invite would help the messages to avoid automated analysis.

Continue reading

1Password launches tool to guard against credential stuffing

Hacker typing username and password

Reuse of the same or similar passwords across accounts makes life easier for cybercriminals as they are able to try multiple servers using credentials exposed in breaches -- so called 'credential stuffing'.

Enterprise password manager 1Password is launching a new reporting tool for its users that allows them to swiftly identify compromised accounts and take action to protect the enterprise by alerting users to create new secure passwords.

Continue reading

Malware incidents decline 23 percent in 2019

declining graph

European managed security services company Orange Cyberdefense today reveals the findings of its inaugural Security Navigator, which shows a 23 percent decline in the number of recorded malware incidents in 2019.

The total number of security events have, however, increased. The company analysed 263,109 events from data obtained from its 10 CyberSOCs and 16 SOCs. Out of these events it identified 11.17 percent as verified security incidents. This represents a 34.4 percent increase over the previous year's rate of 8.31 percent.

Continue reading

Security professionals warn UK government over outdated cybercrime legislation

Union flag keyboard

The UK's Computer Misuse Act came into effect 30 years ago, but security professionals are warning that it is no longer fit for purpose and may even be hindering their efforts.

A coalition of businesses, trade bodies, lawyers and think tanks from across the cybersecurity industry have today taken the unprecedented step of uniting to write a letter to the prime minister urging him to reform the law.

Continue reading

What enterprises need to consider on the journey to digital transformation [Q&A]

digital transformation

Digital transformation is increasingly seen as a way for businesses to gain competitive advantage. It's often tied into the cloud and as-a-service solutions too.

But what do businesses need to take into account when starting on a transformation project? We spoke to Anthony Brooks-Williams, CEO of cloud data integration provider HVR Software to find out.

Continue reading

IBM launches open source tool to help COVID-19 data analysis

IBM logo

IBM's Center for Open-Source Data and AI Technologies (CODAIT) is releasing a new toolkit that helps developers and data scientists answer questions about the pandemic.

COVID notebooks is designed to help with tasks including obtaining authoritative data on the current status of the outbreak, cleaning up the most serious data-quality problems, collating the data into a format amenable to easy analysis with tools like Pandas and Scikit-Learn, and building an initial set of example reports and graphs.

Continue reading

Identifying the security risks and rewards of open source software deployments

Business security

Open source components are now at the core of many applications and a good deal of infrastructure. But what implications does this have for security?

The Information Security Forum has released a new paper, Deploying Open Source Software: Challenges and Rewards, to help security professionals recognize the benefits and perceived challenges of using open source and set up a program of protective measures to effectively manage it.

Continue reading

How IoT devices are putting enterprises at risk

Wireless internet of things

While businesses generally take care to protect desktop and mobile computing devices, the rise in IoT usage has meant that lots of potentially less secure equipment is sneaking onto networks.

Forescout Research Labs has been assessing the risk of over eight million devices across a number of industries via its Forescout Device Cloud, a repository of connected enterprise device data.

Continue reading

Data privacy and identity in the age of COVID-19

Data privacy

With governments around the world rolling out contact tracing in order to fight the COVID-19 pandemic, access management company Okta has commissioned a survey of 12,000 people across six counties to discover how consumers feel about data privacy and identity.

It finds that 84 percent of Americans are worried that data collection for COVID-19 containment will sacrifice too much of their privacy. A majority say they are uncomfortable with personally identifiable information (67 percent), bluetooth data (57 percent), medical data (53 percent), and location data (52 percent) being collected for COVID-19 purposes.

Continue reading

New application security analyzer helps prevent breaches across cloud services

Software testing

Most businesses now use web and cloud applications to deliver richer web experiences and better outcomes for customers. But the current generation of web security tools are poorly suited to address the frameworks, APIs and cloud microservices that are the underpinnings of these modern apps.

Now though application security firm Data Theorem is launching Web Secure, a full-stack application security analyzer that provides vulnerability analysis for modern web applications from the web-layer down to its embedded APIs and cloud resources.

Continue reading

Two thirds of malware is invisible without HTTPS inspection

unknown threat

A new report from WatchGuard Technologies shows that 67 percent of all malware in the first quarter of this year was delivered via HTTPS, so organizations without security solutions capable of inspecting encrypted traffic will miss two-thirds of incoming threats.

In addition, 72 percent of encrypted malware was classified as zero day (meaning no antivirus signature exists for it, and it will evade signature-based protections). The findings suggest that HTTPS inspection and advanced behavior-based threat detection and response solutions are now requirements for every security-conscious organization.

Continue reading

What's your data worth on the Dark Web?

Anonymous man with money

We all know that information stolen in data breaches is often put up for sale on Dark Web marketplaces. But how much is it actually worth?

The PrivacyAffairs website has been researching Dark Web forums and market places and has found that for less than $1500 criminals can obtain genuine information and forged documents allowing them to almost completely take over someone's identity.

Continue reading

How giving customers a better experience can build competitive advantage [Q&A]

happy customer

In a highly competitive world businesses can struggle to make themselves stand out from the competition. One of the ways they can gain a competitive edge is by providing a better customer experience.

But what does this mean in practice and how can organizations build better experiences? We spoke to Ross Freedman, co-founder and CEO of customer experience agency Rightpoint to find out.

Continue reading

© 1998-2020 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.