Ian Barker

New research shows increasing confidence among developers at large organizations with regards to knowledge gained from security training, but they are still spending a considerable amount of time on security-related tasks.

The study from Checkmarx looks at the current practices of development teams in large enterprises as they work toward more mature states of development, security and operations (DevSecOps).

Continue reading →

Nuances in digital messaging in the workplace are driving miscommunication according to a new study by Adaptavist.

The survey of 1,000 UK knowledge workers finds 'misinterpreting tone or phrasing' comes out as the biggest communication challenge facing workers, cited by almost half (46 percent) of respondents. This is closely followed by different response time expectations (46 percent) and lack of context (31 percent).

Continue reading →

Popular cloud collaboration and file sharing platforms like Adobe, DocuSign, Dropbox, Canva, and Zoho are being misused in phishing attacks due to their widespread adoption by businesses and individuals.

Research by Cofense finds 8.8 percent of all credential phishing campaigns in 2024 used these websites. Among campaigns exploiting these online document sites 79 percent of all cases containing the domains were credential phishing attacks.

Continue reading →

A new report from Claroty finds that 89 percent of healthcare organizations have medical devices vulnerable to ransomware-linked exploits and insecure internet connectivity.

Based on analysis of more than 2.25 million Internet of Medical Things (IoMT) devices and 647,000-plus OT devices across 351 healthcare organizations, the report finds 99 percent have at least one known exploited vulnerability (KEV) in their networks, while 78 percent of hospitals have OT devices with KEVs, including building management systems, power supplies, and temperature controls.

Continue reading →

With deepfakes getting more sophisticated and harder to detect both organizations and individuals are at risk of falling victim to fraud and phishing attempts.

We spoke to SURF Security CTO, Ziv Yankovitz, to learn more about the increasing threat of deepfakes and best practices that can be used to for combat attacks.

Continue reading →

A new report from Grafana Labs looks at the maturity and evolution of the observability landscape, from the complex challenges teams are facing to the tools and tactics they're implementing to overcome them.

The study, based on 1,255 responses, shows 75 percent of respondents are now using open source licensing for observability into software performance, with 70 percent reporting that their organizations use both Prometheus and OpenTelemetry in some capacity. Half of all organizations have increased their investments in both technologies for the second year in a row.

Continue reading →

The latest threat intelligence report from Ontinue finds a 132 percent surge in ransomware attacks, although ransom payments have declined by 35 percent, suggesting a shift in attacker strategies to double down on ransomware efforts.

Among other key trends, the report highlights the rapid rise of Adversary-in-the-Middle (AiTM) attacks, which have become a dominant method for stealing authentication tokens and bypassing multi-factor authentication (MFA).

Continue reading →

Research from VikingCloud finds that a successful cyberattack would force nearly one in five small- and medium-sized businesses to close down.

For nearly a third of SMBs, a cyberattack with relatively small financial impact -- less than $10,000 -- would cause them to shut down, according to the report.

Continue reading →

A new study finds 83 percent of executives now rank supply chain resilience as being as critical as cybersecurity, and many are turning to technology to strengthen their operations.

The research from Cleo shows that to bolster resilience, 47 percent are considering artificial intelligence (AI), recognizing its potential to automate processes, predict disruptions, and enhance decision-making.

Continue reading →

When getting a new smartphone most people focus on features and pricing, while security tends to be overlooked. But as we access the internet more using mobile devices, protecting users' personal information, transactions, and digital identities is vital.

We talked to Tom Tovar, CEO of Appdome, to discuss why mobile security should be at the forefront of consumer and media conversations and why it's currently being neglected.

Continue reading →

A new report from Zscaler reveals a 3,000 percent year-on-year growth in enterprise use of AI/ML tools, highlighting the rapid adoption of AI technologies across industries to unlock new levels of productivity, efficiency, and innovation.

This surge in adoption also brings heightened security concerns though. According to the study enterprises blocked 59.9 percent of all AI/ML transactions, indicating awareness around the potential risks associated with AI/ML tools, including data leakage, unauthorized access, and compliance violations.

Continue reading →

Ransomware attacks are increasingly targeting organizations across industries, with the potential to cause devastating financial, operational, and reputational damage.

We spoke to James Eason, practice lead for cyber risk and compliance at Integrity360, to get his insights into how executive boards can effectively prepare for such incidents.

Continue reading →

Rooting (on Android) and jailbreaking (on iOS) were once widespread for enabling deeper customization and removing OS limitations on mobile devices. It's a practice that's become less common in recent years but still represents a serious security threat, not just to the user, but to enterprises who enable employees to access sensitive corporate apps and data from their devices.

Research from Zimperium's zLabs shows rooted Android devices experience 3.5 times more malware attacks, and system compromises have surged by 250 times compared to non-rooted devices.

Continue reading →

With enterprises relying increasingly on data stored on the cloud existing ransomware solutions designed for in-house storage often fall short. That can mean longer recover times which in turn can prove devastating for the business.

Cloud backup platform Eon is launching a new cloud-native package designed specifically to provide protection and recovery from ransomware attacks. Engineered for immediate recovery, Eon's platform is able to restore clean data in minutes, offering greater efficiency than other current market offerings.

Continue reading →

As organizations race to deliver apps at an unprecedented pace, the rise of freely available AI tools with sophisticated capabilities has made it easier than ever for threat actors to effortlessly reverse-engineer, analyze, and exploit applications at an alarming scale.

A new report from Digital.ai shows that 83 percent of applications are under constant attack, a nearly 20 percent increase from last year, with attack rates surging across all industries.

Continue reading →