Ian Barker

As digital transformation projects mean enterprises are sharing more and more information with customers and suppliers, added focus is placed on the security of that data.

To find out how companies can address this, while still reaping the benefits of AI, IoT and other fast growing technologies, we spoke to Fouad Khalil, VP of compliance at SecurityScorecard.

Continue reading →

With phisherfolk ever keen to cash in at the end of the tax year, a new study has analyzed the public DNS records for 200 domains likely to be impersonated for tax fraud and finds that 78 percent are not adequately protected.

The research from email security company Valimail looked at Fortune 100 businesses, US states' departments of revenue, federal tax agencies and well-known tax preparation services.

Continue reading →

Next Tuesday is World Backup Day and to mark the event AOMEI is offering a 12 month free subscription to its Backupper Professional product. The offer is available from now until April 2nd.

With more people working at home on their own machines due to the Coronavirus, security and protection of data is more important than ever.

Continue reading →

Malware attacks using USB flash drives dropped in offices or public locations like car parks are not uncommon. But researchers at Trustwave Spiderlabs have been investigating a new attack disguised as a gift card.

The attack came in the form of a letter that appears to be from retail chain Best Buy offering a $50 gift to loyal customers. With the letter comes a USB drive supposedly containing a list of items to spend the money on.

Continue reading →

Vulnerabilites in the 'Diameter' signalling protocol used to authenticate and authorize messages and information distribution in 4G networks leave them vulnerable to attack.

Researchers at Positive Technologies replicated the actions of threat actors and their attempts to infiltrate mobile networks were 100 percent successful. They also discovered that the biggest threat was denial of service attacks.

Continue reading →

New research reveals a concentrated drive to target workers now operating remotely as a result of the COVID-19 outbreak.

Phishing detection specialist RedMarlin used artificial intelligence tools and submissions to its CheckPhish.ai site to detect thousands of attacks by cybercriminals with the intent of penetrating networks and stealing corporate data.

Continue reading →

According to a new survey of 1,000 IT security professionals around the world, 74 percent are more concerned about a cyber attack on critical infrastructure than an enterprise data breach.

The study by Claroty reveals 62 percent of global respondents believe that industrial networks are properly safeguarded against cyber attacks and 60 percent believe their country’s critical infrastructure is adequately protected.

Continue reading →

Less than half of organizations can patch vulnerable systems swiftly enough to protect against critical threats and zero-day attacks, and 81 percent have suffered at least one data breach in the last two years.

A new report from cyber hygiene platform Automox cites the pace of digital transformation and modern workforce evolution, difficulty in patching systems belonging to mobile employees and remote offices, inefficient patch testing, lack of visibility into endpoints, and insufficient staffing in SecOps and IT operations as inhibitors to patching.

Continue reading →

Automation is having an impact on almost every industry, but it's not just in the world of legitimate commerce that its presence is being felt. A new report from Recorded Future shows criminal enterprises are turning to automation tools too.

Indeed the criminal underground has created an ecosystem of tools and resources allowing threat actors to both operationalize and monetize their campaigns increasingly quickly.

Continue reading →

With more people working from home due to the COVID-19 crisis, it's concerning to find that top VPNs are recording their users and potentially leaking their data according to new research.

Comparison site VPNpro analyzed 114 VPNs and found that, of those, 102 have websites with trackers on them and 26 of those websites have 10 or more trackers. Many of these trackers involve third parties with reputations for not respecting user privacy.

Continue reading →

Researchers at Check Point have identified an auto-clicker malware family operating inside the Google’s Play Store.

Disguised in over 56 applications and downloaded over 1,000,000 times globally, the malware -- dubbed 'Tekya' -- commits mobile ad fraud by imitating the actions of a user, clicking ads and banners from ad agencies like Google's AdMob, AppLovin', Facebook, and Unity.

Continue reading →

Law enforcement agencies have a growing reliance on digital intelligence with some 90 percent of cases now involving some form of digital device or cloud service.

A new report from digital intelligence solutions specialist Cellebrite collected date from over 2,000 law enforcement agency personnel, in over 110 countries to compile a report benchmarking the sector's day-to-day challenges.

Continue reading →

Building security into an application can often be an afterthought for developers, yet building those steps in at an early stage can save companies time and money.

We spoke with Matt Glenn, vice president of product management at Illumio, who shared his insights on why security professionals should be engaging with developers, and why segmentation is becoming a go-to tool for developers to easily implement security into their processes.

Continue reading →

Last week we reported that Zoho was making its Remotely suite free until July to help people and businesses cope with the current COVID-19 unpleasantness.

Since then many other companies have announced similar schemes to make their products available free to help businesses and individuals with isolation and home working.

Continue reading →

Cloud storage company Storj Labs is launching a new decentralized service aimed at storing data more efficiently and providing additional revenue-generating opportunities for storage node operators.

Called Tardigrade -- in case you were wondering a tardigrade is an eight-legged water dwelling micro animal (or if you've watched 'Star Trek: Discovery' a sort of massive space-travelling flea) -- it offers cloud object storage that's S3 compatible, high performing, easily implemented, exceptionally durable, and with high availability.

Continue reading →