A security flaw in the F5 Networks’ BIG-IP load balancer, which is popular among governments, banks, and other large corporations, could be exploited to allow network access.
F-Secure senior security consultant Christoffer Jerkeby has discovered the issue in the Tcl programming language that BIG-IP's iRules (the feature that BIG-IP uses to direct incoming web traffic) are written in. Certain coding practices allow attackers to inject arbitrary Tcl commands, which could be executed in the security context of the target Tcl script.
Detections of ransomware aimed at businesses rose by a massive 363 percent between the second quarter of 2018 and the same period this year. Meanwhile consumer ransomware is down 34 percent.
The latest quarterly threat report from Malwarebytes also sees a 235 percent overall increase in threats aimed at organizations from enterprises to small businesses, with ransomware as a major contributor.
Once upon a time you bought a license for a piece of software and you could, essentially, run it forever. While much of the market has now shifted to subscription models, 65 percent of producers are still offering perpetual licenses, while 74 percent utilize subscription models for some or all of their products.
A new report from Flexera, which looks at changing licensing and deployment models, finds that when software producers are asked how they will change their monetization models over the next 18 months, both usage and subscription models will see the strongest increases.
AI and machine learning have demonstrated some impressive abilities in recent years, but the models behind the technology and the reasons why it came to the decision it did are often hard for the people interacting with it to understand.
In order to help people gain an insight into machine decision making, IBM Research is launching AI Explainability 360, a comprehensive open source toolkit of state-of-the-art algorithms that support the interpretability and explainability of machine learning models.
A new report from enterprise file sharing platform FileCloud looks at cloud and data security and finds that 50 percent of companies don’t plan on moving mission critical workloads to the public cloud.
The survey of 150 professionals from industries including health care, financial services and educational institutions finds that shifts in perceptions of data security are impacting movement to the cloud.
The cybercriminal's most effective weapon in a ransomware attack is the network itself, which enables the malicious encryption of shared files on network servers, especially files stored in infrastructure-as-a-service (IaaS) cloud providers.
This is according to a new report from threat detection specialist Vectra which finds that by encrypting files that are accessed by many business applications across the network, attackers achieve an economy of scale faster and far more damaging than encrypting files on individual devices.
Phishing threats tend to be fast moving, so the ability to block them quickly is essential for protection.
But a new survey finds that even large companies with multi-layer security controls and multiple threat feeds lack adequate safeguards to protect their employees from phishing attacks that employ links to malicious sites.
While people prefer to see jobs go to other humans rather than robots, it seems the opposite is true when it comes to their own jobs.
This is a finding of new research from Stefano Puntoni, professor of marketing at Rotterdam School of Management, Erasmus University, released today in a co-authored article in Nature Human Behaviour.
Analysis by Mimecast of 67 billion attack emails between April and June this year reveals that opportunistic attacks are dominated by Trojans, which make up 71 percent.
Targeted attacks are lower in volume but are specifically designed to get past commodity malware scanners by using newly detected or updated malware not detectable with file signatures.
New research from fraud prevention and multi-factor authentication specialist iovation reveals that 49 percent of all risky transactions now come from mobile devices, up from 30 percent in 2018, 33 percent in 2017 and 25 percent in 2016.
Looked at geographically, North America with 59 percent of all risky transactions coming from mobile devices, leads the way. In 2018, it was Asia at 53 percent. In 2017, it was North America with 55 percent, and in 2016, it was North America again with 36 percent.
Data breaches and misconfigurations come out top of the Cloud Security Alliance's latest Top Threats report which reveals an 'Egregious Eleven' list of cloud security threats.
This year's list no longer includes issues that fall to cloud service providers (CSPs), such as denial of service, shared technology vulnerabilities, CSP data loss and system vulnerabilities. This suggests these are either being well addressed or are no longer perceived as a significant business risk of cloud adoption.
Supply chain threats are a major problem for enterprises and they are forcing smaller businesses to take security more seriously in order to win contracts.
A study by cyber security awareness platform CybSafe shows nearly 37 percent of organizations have been required to achieve a recognized cyber security standard by their enterprise customers before successfully securing contracts. This represents a nine percent increase over 2017.
Customer experience has become a massive, sprawling industry that includes the many systems and touchpoints that lie between companies and their users. It's projected to be a $32B market by 2025.
One of the most interesting new sub-categories emerging within customer experience is ResearchOps. It's a new discipline -- with a growing community of practitioners -- focused on better infrastructure around customer research, and operationalizing the user research process so it can be done faster and have a bigger impact.
In the second quarter of 2019, the total number of DDoS attacks grew by 18 percent, compared to the same period in 2018 according to a new report from Kaspersky.
There is, however, a drop compared to the first quarter of this year, with attacks down 44 percent. Kaspersky attributes this to seasonal variation with DDoS attack usually declining in late spring and summer.
There are few aspects of our everyday lives that don’t now rely on computers at some level. But does this reliance on technology mean that the machines are getting smarter than we are?
Server and network monitoring specialist CloudRadar has put together an infographic examining our reliance on technology.