Ian Barker

New research from DevOps automation specialist Sonatype has discovered that software development activity in the UK decreased by 28 percent since February.

However, the UK position contrasts with some other countries where development activity has continued to grow in the midst of the pandemic. Notably, this includes the United States with a six percent increase and Germany with a 12 percent increase since January 2020.

Continue reading →

For around two decades now, hackers have exploited the design of the memory management system used by Linux programs in order to take control of a target's computer.

Now though researchers at Check Point have introduced a new security mechanism for Linux users called 'safe-linking' which means attackers will need more than one vulnerability in order to take over the program.

Continue reading →

A new report finds that more than 88 percent of organizations use cloud infrastructure in one form or another, and 45 percent expect to move three quarters or more of their applications to the cloud over the next twelve months.

The study from O'Reilly surveyed 1,283 software engineers, technical leads, and decision-makers from around the globe and finds that 21 percent of organizations are hosting all their applications in a cloud context.

Continue reading →

We've already seen that Dark Web marketplaces are seeking to cash in on the COVID-19 pandemic, but new research from Positive Technologies also shows a lot of interest in accessing corporate networks.

In the first quarter of this year the number of postings advertising access to these networks increased by 69 percent compared to the previous quarter. This is likely to pose a significant risk to corporate infrastructure, especially now that many employees are working remotely.

Continue reading →

Email compromise via spoofed domains or compromised accounts is a major problem. But a new cloud platform from Abnormal Security tracks the reputations of an organization's vendors and customers, and improves detection accuracy of advanced social engineering attacks.

VendorBase is a global database that gives organizations the ability to see detailed views of all vendors, including profile information, the VendorBase risk assessment score, explanations on risk scores, a timeline view of relevant email communication and security activity for that vendor.

Continue reading →

Although home workers have spent more hours in front of their computers than before the pandemic, the extra hours haven't translated into increased productivity according to a new study.

The report from digital experience management company Aternity looks at the extent to which remote employee productivity is affected by application performance. It also examines which applications work better in the home compared to the office.

Continue reading →

Over 76 percent of CEOs are consistently losing sleep over the fear of becoming the next headline-grabbing security breach, yet less than half of them have a firm cybersecurity strategy in place.

A new study from cybersecurity company Forcepoint in partnership with WSJ Intelligence surveyed 200 senior executives from a range of industries to find the major cybersecurity stresses and areas of disconnect for business and security leaders.

Continue reading →

With cybercriminals ever keen to exploit the latest trends to their advantage, it should come as no surprise that the latest research from Trustwave SpiderLabs shows a raft of Dark Web activity based around COVID-19.

Scams range from adverts for supposed vaccines to malicious infection maps. But there's also evidence that Dark Web activities are being hit by the pandemic in much the same way as legitimate businesses.

Continue reading →

Public Key Infrastructure (PKI) is essential to handling the issuing of digital certificates and managing public-key encryption, but it can prove a burden for businesses.

To make the process easier, certificate authority GlobalSign is launching a new automated PKI platform called Atlas.

Continue reading →

New research from application security specialist Veracode finds seven in 10 applications have a security flaw in an open source library on initial scan, highlighting how use of open source can introduce flaws, increase risk, and add to security debt.

The study analyzed the component open source libraries across the Veracode platform database of 85,000 applications, accounting for 351,000 unique external libraries. Nearly all modern applications, including those sold commercially, are built using some open source components.

Continue reading →

In case you hadn't noticed, today is Global Accessibility Awareness Day, focusing on digital access and inclusion for people with disabilities and impairments.

To mark the event IBM is launching an Equal Access Toolkit to deliver role-based guidance to all members of an IT project team -- not just developers or designers -- to ensure that the whole team is working together towards an accessible solution.

Continue reading →

UK businesses are spending £1.59 million and 24 person-years annually on processing data subject access requests in compliance with Article 15 of GDPR, according to a new study commissioned by privacy specialist Guardum.

Data Subject Access Requests (DSARs) require data controllers to provide data subjects with a copy of their personal data within 30 days, or risk a fine of €20 million or four percent of turnover.

Continue reading →

More than half of companies questioned in a new survey are spending 40 percent or more of their IT security budgets on compliance.

The research from Coalfire, a provider of cybersecurity advisory and assessment services, in conjunction with consulting firm Omida, also reveals that nearly 60 percent of companies view compliance as a barrier to enter new markets and prepare news services to meet compliance requirements.

Continue reading →

Distributed cloud service company Volterra is launching a new service to encrypt and share public data without the need for passwords and public keys.

VoltShare is available as downloadable software (or an API and SDK) that operates locally on a PC or mobile device to easily encrypt sensitive data for sharing with target recipients through email or via existing collaboration platforms such as Slack, Teams and Dropbox.

Continue reading →

According to a new survey, 79 percent of organizations have experienced an identity-related breach in the last two years, while 94 percent report having had one at some point.

The study from the The Identity Defined Security Alliance (IDSA), based on a survey of over 500 IT security and identity decision makers conducted by Dimensional Research, finds that 66 percent say phishing is the most common cause of identity-related breaches, while 99 percent believe their breaches were preventable.

Continue reading →