Scheduled vulnerability scanning can leave blind spots between scans leaving organizations vulnerable.

In response to this problem, Microsoft has partnered with a number of enterprise customers to create a new Threat and Vulnerability Management solution as a built-in feature of Microsoft Defender Advanced Threat Protection.

Continue reading →

If you've ever tried to switch mobile phone providers in the UK you'll know that if you want to keep your existing number after the transfer it involves getting a PAC (porting authorization code) from your old provider.

Obtaining this has in the past involved phoning them up and having them plead with you not to leave while offering you all kinds of special deals to persuade you to stay. Well not any more.

Continue reading →

Artificial intelligence is appearing in more and more of our everyday technology. But it raises a number of questions about how it will react in challenging situations.

Security education comparison site Cyber Security Degrees has produced an infographic looking at the ethics of AI and how we feel about its impact on our lives.

Continue reading →

We are increasingly using our PCs for communication, whether it's making Skype calls or just chatting to other online gamers.

But while laptops and some monitors have built in microphones they are not always ideally located or the best quality.

Continue reading →

Google has a pretty good record when it comes to protecting its users against online threats. Part of this is its Safe Browsing technology which scans billions of URLs each day to discover dangerous websites.

But research by mobile threat defense specialist Wandera has discovered a disparity between the protections available within Google’s desktop browser compared to its mobile browser.

Continue reading →

Cybersecurity is often as much about people as it is about technology. But despite increasing their spending, organizations are still struggling to close the cybersecurity skills gap.

Training and certification company Offensive Security is launching a new program for enterprises designed to simplify the cybersecurity training process and allow organizations to invest more in cybersecurity skills development.

Continue reading →

When IT managers adopted the cloud they believed it would simplify operations, increase agility, reduce costs, and provide greater insight into their data. Yet 91 percent say it hasn't delivered all the expected benefits and 88 percent that it isn't meeting management expectations.

A new study of 900 senior decision makers, for data management company Cohesity carried out by Vanson Bourne, finds that of those who feel the promise of public cloud hasn't been realized, 91 percent believe it's because their data is fragmented in and across public clouds and could become nearly impossible to manage long term.

Continue reading →

Researchers at Check Point working with CyberInt have uncovered a chain of vulnerabilities in the Origin gaming client developed by Electronic Arts (EA). If exploited, the vulnerabilities could have led to player account takeover and identity theft.

Researchers have responsibly disclosed the vulnerabilities to EA, in accordance with coordinated vulnerability disclosure practices, to fix the vulnerabilities and roll out an update before threat actors could exploit the flaw.

Continue reading →

In the wake of privacy scandals like that involving Cambridge Analytica consumers are changing their online behavior and sharing less information.

This is among the findings of new research from privacy app FigLeaf which shows 82 percent of online users in the US and 75 percent in the UK are choosing to change the way they behave online. Of these respondents, 74 percent say they are sharing less information.

Continue reading →

On average, businesses run 27 percent of their workloads and applications in public clouds and expect this figure to nearly double to 48 percent within the next one to two years, according to a new study.

The report from IT marketplace Spiceworks shows 69 percent of businesses believe the flexibility of cloud environments will allow them to more easily adopt emerging technologies such as edge computing, serverless computing, and container technologies.

Continue reading →

As more and more apps and data move to the cloud, identifying and ranking threats becomes an increasingly difficult task.

Machine data analytics platform Sumo Logic is launching a new Global Intelligence Service for Amazon GuardDuty that delivers almost real-time actionable insights to allow customers to benchmark themselves against other adopters of Amazon Web Services cloud infrastructure, strengthen cloud security posture, improve threat detection, and enhance regulatory compliance.

Continue reading →

Identity specialist Ping identity is announcing an update to its PingOne for Customers IDaaS solution that means developers can now deliver passwordless and advanced multi-factor authentication from custom mobile applications.

Enhancements include a mobile SDK that allows development teams to send push notifications to custom mobile applications for MFA, APIs for logins via social media accounts, and support for single sign-on via Security Assertion Markup Language (SAML).

Continue reading →

Endpoint protection company Carbon Black is adding a number of features to its platform, including Linux support and Amazon Web Services and container protection.

The cloud-native platform gives security and IT teams remote access to cloud workloads and containers running in their environment, making it easier to resolve configuration drift, address vulnerabilities in real time, confidently respond to incidents and demonstrate compliance with business policies and industry regulations.

Continue reading →

Impersonating a company's CEO or other senior executive has become a favorite technique for cybercriminals seeking to extract payments from businesses.

Historically this has been aimed at accounts payable departments, but the latest email threat report from FireEye shows attackers using two new variants to target payroll and supply chains.

Continue reading →

The average UK enterprise has downloaded over 21,000 software components with a known vulnerability in the past year alone, according to new data from Sonatype the DevSecOps automation specialist.

Sonatype's fifth annual State of the Software Supply Chain Report has studied over 12,000 enterprise development companies globally and shows that of the average 248,000 open source components downloaded by British business in 2018, 8.8 percent have a known security flaw.

Continue reading →