Ian Barker

You'll doubtless be aware already of the major outages of Microsoft systems today causing problems for airports, rail operators, banks, retailers, broadcasters and more.

Among the disruption stores found themselves unable to accept payments and in the UK Sky News’s breakfast show was taken off air. Some airports were forced to use whiteboards to show flight departure information.

Continue reading →

It's essential for businesses to get security, privacy and governance right -- not only to prevent breaches, but also comply with increasing numbers of regulations.

DevOps Research and Assessment (DORA) best practices are the gold standard for spotting vulnerabilities across both cloud and mainframe environments and improving development efficiency.

Continue reading →

Although software supply chain breaches are increasing, a new study from JFrog finds that only 30 percent of respondents identified the need to address vulnerabilities in their software supply chain as a top security concern.

It also uncovers a disconnect between management and developers. 92 percent of executives claim their organizations possess tools to detect malicious open-source packages, while only 70 percent of developers think the same.

Continue reading →

Fraudulent transactions in the first half of 2024 were up over 73 percent year on year, and suspected fraudulent transactions increased by over 84 percent, according to the 2024 Mid-Year Identity Fraud Review, released today by AuthenticID.

The report also looks at the latest trends including a surge in AI-enabled fraud, as well as the increased use of deepfakes for identity fraud tactics like account takeover attacks and injection attacks.

Continue reading →

Including a number in your password doesn't make it much more secure, does it? If that number is a seven then it just might, according to ProxyScrape.

Strange though it may sound, seven is a rare number in terms of people's preference for it. People naturally gravitate towards using predictable patterns in their passwords. Numbers like 0, 1, and 2 are often overused due to their convenience on both keyboards and number pads. The number 7, however, is less predictable and less frequently used, making it a statistically rare choice.

Continue reading →

Email security tools such as Secure Email Gateways (SEGs) often encode URLs that are embedded in emails. This enables the security appliance to scan the URL before the recipient visits the website.

But when SEGs detect URLs in emails that have already been SEG encoded they don't scan the URL. A new report from Cofense reveals that threat actors are making use of this to avoid detection.

Continue reading →

An overwhelming 91 percent of respondents to a new survey say their security budget is increasing this year, demonstrating a growing recognition of the importance of cybersecurity within organizations.

However, the report from Seemplicity shows organizations report using an average of 38 different security product vendors, suggesting high levels of complexity and fragmentation within their attack surfaces.

Continue reading →

Since ChatGPT's launch in 2022, there's been an explosion of speculative use cases for generative AI in the workforce -- and concern from the cybersecurity community over an unproven, unvetted, and potentially powerful new tool.

How have those concerns played out in the real world? We sat down with Nick Hyatt, director of threat intelligence at Blackpoint Cyber, to hear about the reality of generative AI's risk to the modern workplace.

Continue reading →

A new survey reveals that 73 percent of life sciences companies are turning to artificial intelligence to address the cybersecurity skills gap.

The report from Code42 shows the life sciences sector is at the forefront of artificial intelligence use, with AI tools presenting new opportunities for cybersecurity teams to enable automated detection and response, as well as freeing up the resources to concentrate on strategic tasks.

Continue reading →

Data security company Druva is adding to its platform with a new threat hunting capability that empowers IT and security teams to search their global data footprint for indicators of compromise (IOCs).

The company is also announcing the expanded global availability of Managed Data Detection and Response (Managed DDR), a service that uses a combination of technology and human expertise to proactively monitor customer backups for faster detection of and response to threats.

Continue reading →

Cybercriminals are abusing legitimate URL protection services to hide malicious URLs in phishing emails, according to a new Threat Spotlight from Barracuda Networks.

Researchers have observed phishing attacks taking advantage of three different URL protection services to mask their phishing URLs. The services are provided by trusted, legitimate brands. To date, these attacks have targeted hundreds of companies.

Continue reading →

The Olympic Games begin next week in Paris and cybersecurity company WithSecure is warning that they face a greater risk of cyberattack than ever due to the current state of geopolitical uncertainty.

As the world's biggest sporting event, the Olympics draws potential attacks from both criminal and nation-state threat actors, with various objectives and capabilities.

Continue reading →

While enterprise computing was once tied to the desktop, theses days mobile connectivity is essential to the smooth running of any business.

This is partly as a result of changed working patterns -- accelerated by the COVID pandemic -- and partly down to rapidly evolving technology. We spoke to Allwyn Sequeira, CEO of mobile cloud service Highway 9 Networks, to learn more about the enterprise mobile space.

Continue reading →

Sharing of passwords is a problem. It's reckoned that 43 percent of US internet users share their passwords with others, probably using insecure methods such as messaging, writing them down, or shared documents.

The issue is even worse for businesses, with approximately 69 percent of employees admitting to sharing passwords with colleagues. Good news then is that open-source password manager Proton Pass is launching Secure Links, a new feature enabling users to share items easily and securely with anyone, including non-Proton Pass users.

Continue reading →

The rapid deployment of cloud resources has led to misconfigurations and security risks, leaving security teams scrambling to adapt and secure their businesses following migrations away from traditional on-premises environments.

Despite successfully enhancing prevention and detection in the cloud, organizations now face a significant challenge in assessing the true scope and impact of issues that do arise.

Continue reading →