Ian Barker

Credential stuffing attacks rely on stolen account credentials from a previous breach and are usually perpetrated by bots in an attempt to gain access to other websites.

This is a major problem for businesses, with threat actors using as many as 65,000 IP addresses for a single attack. Now though identity platform Auth0 is launching a new Bot Detection feature that it claims can reduce the effectiveness of a credential stuffing attack by as much as 85 percent.

Continue reading →

Industrial control systems (ICS) are usually kept separate from internet facing and other business applications. But researchers at Claroty have discovered a way to exploit ICS project files as an attack vector.

The attack was demonstrated at the recent DEF CON conference. We asked Nadav Erez, Claroty's research team lead, to explain more about why these files are particularly attractive to attackers.

Continue reading →

Although reports of data breaches are down 52 percent in the first half of this year, the number of records exposed over the same period has soared to 27 billion.

The latest Data Breach Report from Risk Based Security shows 2,037 publicly reported breaches from January to June, a 52 percent decrease compared to the first six months of 2019 and 19 percent below the same time period for 2018.

Continue reading →

As systems move to the cloud, organizations are faced with the problem of safely managing access for third-parties and vendors.

Specialist in this field SecureLink is launching a new version of its SecureLink for Enterprises platform, introducing features to expand vendor privileged access management (VPAM) capabilities to the cloud and strengthen reporting.

Continue reading →

Keeping enterprise systems secure used to be a relatively simple matter of defending the network perimeter. But in recent times the increased sophistication of attacks, a shift to more remote working, and demands for more sophisticated identity management mean things are much more complex.

We spoke to Greg Keller, CTO of directory-as-a-service company JumpCloud  who believes that the answer is to move the security perimeter to the user, wherever they are located.

Continue reading →

Almost half, of the participants in a new survey say zero trust is critical to their organizational security model, with only two percent of business leaders believing zero trust non-essential for their enterprise security posture.

But the study from Illumio, based on responses from over 460 IT and security professionals, finds that real world adoption is lagging. Of the respondents who find zero trust to be extremely or very important to their security posture, only 19 percent have fully implemented or widely implemented their zero trust plan.

Continue reading →

The move to remote working, driven by the coronavirus pandemic, has highlighted a number of issues, not least the ability of all parts of an enterprise to collaborate.

Unless there's a means for departmental processes to work together, organizations will soon find themselves in a very siloed workplace. We spoke to Terry Simpson, technical evangelist at process automation company Nintex, to discuss how organizations can break down silos and increase collaboration across their teams even when working remotely.

Continue reading →

Penetration of a local network takes between 30 minutes to 10 days and in most cases, attack complexity is low, meaning that an attack is within the capabilities of a hacker with basic skills.

Moreover there is at least one easy penetration vector in 71 percent of companies according to the research from Positive Technologies which analyzed the security of corporate information systems and prepared an overview of the most common security flaws and attack methods.

Continue reading →

The highest performing developers put out releases 15 times more often and are 26 times times faster to detect and fix open source vulnerabilities than their low performing counterparts, according to a new study.

The report from Sonatype is based on analysis of over 1.5 trillion open source download requests, 24,000 open source projects, and 5,600 enterprise development teams.

Continue reading →

A new study released by Deutsche Telekom shows that young Europeans aged 16-26 show a high level of optimism for the potential of technology.

The company has partnered with five-time Grammy award winner Billie Eilish to highlight Gen Z's tech positivity, demonstrating the power and potential of youth in creating a better future.

Continue reading →

Email is still the favored attack vector for cybercriminals, with recent research from GreatHorn showing that a third of IT professionals are dealing with attacks every day.

In order to bolster defences the company is launching an update to its security platform offering visibility across the entire email security stack with intelligent phishing detection and response capability.

Continue reading →

With more and more companies embarking on digital transformation projects, the amount of developer talent available is hampering progress.

Enterprise low-code specialist Mendix has commissioned a study from Forrester into the real-world value of using low-code.

Continue reading →

As businesses have switched to remote work environments, it has exposed pre-existing security gaps in at-home networks and other vulnerabilities for cybercriminals to take advantage of.

Cybersecurity specialist SonicWall is launching a new solution combing high-performance firewalls, cloud-native management and on-premise threat analysis to deliver cost-effective security for complex business networks.

Continue reading →

A new survey of IT executives reveals that while 77 percent say they capably managed the shift to remote work during the COVID-19 outbreak, they're now bracing for continued disruption and rapidly shifting budgets to further weather the pandemic.

The study commissioned by remote access platform TeamViewer underlines the critical nature of IT, as 84 percent attribute their company's survival on providing a stable work environment during and after the pandemic.

Continue reading →

The use of security operations centers has become commonplace in larger organizations. But how can businesses unlock their full potential to protect their systems?

We spoke to Matt Walmsley, head of EMEA marketing at network detection and response specialist Vectra AI, to find out.

Continue reading →