Ian Barker

Analysis of data logged by the Barracuda Managed XDR Security Operations Center shows ransomware threats have increased by four times over the last year.

In 2024, Barracuda Managed XDR logged 11 trillion IT events -- 350,000 per second. Just over a million were flagged as a potential risk and of these, 16,812 were identified as high-severity threats that required immediate defensive action. That’s a small percentage but highlights the need for powerful engines, analysis tools and human expertise to detect them.

Continue reading →

New research finds that 47 percent of organizations have experienced a data breach or cyberattack over the past 12 months that involved a third-party accessing their network.

The study, carried out by the Ponemon Institute for Imprivata, also shows 64 percent of respondents believe these types of third-party data breaches will either increase or remain at alarmingly high levels over the next 12-24 months.

Continue reading →

User-friendly fraud kits that enable amateurs to execute complex attacks against thousands of accounts in minutes are widely available on the dark web according to the latest 2024 Report on Global Identity Fraud from AU10TIX.

FaaS platforms provide all the tools, templates and automation that fraudsters need, including deepfake generators to create synthetic selfies and videos, botnets to automate mass-scale account creation and takeover, and phishing kits for email and web-based scams.

Continue reading →

Email remains a vital channel for business communications, but the availability of easy-to-use AI tools makes protecting the inbox a challenge as it's easier than ever for cybercriminals to launch sophisticated attacks.

A new report from Abnormal Security charts the rise of adversarial AI which has seen a 54 percent year-on-year rise in business email compromise attacks.

Continue reading →

Accurate voice transcription is important for enterprises, whether it's to ensure appropriate responses or create accurate records.

However some situations make this challenging to achieve -- where there are multiple speakers or noisy backgrounds, for example. With the launch today of Nova-3, its most advanced speech-to-text (STT) model to date, Deepgram is looking to offer greater accuracy along with self-service customization to tailor results for industry-specific needs. 

Continue reading →

A new study commissioned by Immersive Labs shows 96 percent of cyber leaders believe effectively communicating cyber-readiness to senior leadership and boards will be crucial in 2025, driven by regulatory compliance requirements and an increase in attacks.

The survey conducted by Sapio Research reveals that 49 percent of those surveyed report having experienced a cyberattack in the past year.

Continue reading →

A new report reveals that 74 percent of IT security directors in regulated industries in the US and UK find detection-based security technologies outdated and inadequate.

The study from Everfox shows more than three-quarters of those polled believe security teams in regulated industries must shift their mindset from detecting threats to preventing them. 62 percent agree that AI and emerging malicious actor trends are increasing attack sophistication.

Continue reading →

There are many factors to consider when deploying AI into an organization, not least of which is maintaining transparency and trust in the process.

We spoke to Iccha Sethi, VP of engineering at Vanta, to learn more about why transparency is so important and how governments and enterprises are responding to this challenge.

Continue reading →

Identity security company 1Password is announcing that it will become Oracle Red Bull Racing's exclusive cybersecurity partner in a multi-year deal.

The Formula 1 team will implement 1Password Extended Access Management to strengthen its security posture and safeguard critical information across devices, applications, and locations. The 1Password branding will also be shown on the steering wheel screen of both Max Verstappen and Liam Lawson’s RB21 cars.

Continue reading →

A total of 94 ransomware groups listed victims in 2024 (a 38 percent increase on 2023) with 49 new groups observed, according to a new report, reflecting further complexity in the ransomware landscape.

The study from Searchlight Cyber also finds an 11 percent increase in the number of total victims posted on ransomware leak sites in 2024 (5,728) compared to 2023 (5,081).

Continue reading →

Hackers are taking the methods and strategies tested on larger companies and applying them to organizations of every size.

Advanced evasion techniques -- once exclusive to advanced persistent threats -- have become the new normal, according to the latest threat report from Huntress. Techniques include endpoint detection and response (EDR) tampering, bring your own vulnerable driver (BYOVD) privilege escalations, and User Account Control (UAC) bypasses.

Continue reading →

Developers historically have not been all that security savvy, but as software supply chain security becomes a larger and larger problem every day, enterprises are going to need to secure packages before they are put into production environments.

We spoke to Phylum CEO, Aaron Bray, to learn more about 'secure by design' and how it can make sure developers are being taught security as part of their development and training process and are also being provided with the necessary resources to code securely from the beginning.

Continue reading →

The latest Enterprise Cloud Index (ECI) survey from Nutanix shows that that while 80 percent of organizations have already implemented a GenAI strategy, implementation targets vary significantly.

Organizations are eager to leverage GenAI for productivity, automation, and innovation, but they also face critical hurdles in the form of data security, compliance, and IT infrastructure modernization. 95 percent of respondents agree that GenAI is changing their organization’s priorities

Continue reading →

As cloud environments become complex, security teams face increasing challenges in detecting, prioritizing, and addressing risks.

While cloud security posture management (CSPM) tools were created to provide visibility into cloud configurations and cloud workload protection platforms (CWPP) to manage threats to cloud workloads, they created gaps in providing holistic context that enables efficient risk management and didn't extend across the full software development life cycle (SDLC).

Continue reading →

The latest Phishing Trends Report from Hoxhunt -- based on a global sample size of 2.5 million email users, 50 million phishing simulations, and millions of real phishing attacks -- shows a 49 percent increase in phishing since 2021, driven partly by the rise of blackhat AI.

Among the findings are that between 0.7 percent and 4.7 percent of reported phishing attempts are written by AI. This may seem low but to put it into context numbers of AI phishing attempts were negligible six months earlier. Highly targeted, AI-enabled spear phishing attacks with multiple links in the kill chain are on the rise.

Continue reading →