Penetration testing company Positive Technologies has released some alarming figures surrounding the vulnerability of corporate networks to insider attacks.

During testing performed as an internal attacker, the company's researchers were able to obtain full control of infrastructure on all the corporate networks they attempted to compromise. Only seven percent of systems were assessed as having 'moderate' difficulty of accessing critical resources.

Continue reading →

We all know that Google collects data and uses it to sell adverts. But just how well does Google know you?

VPN service comparison site TheBestVPN has created a full guide to how the corporation tracks you and what it does with the information.

Continue reading →

According to a new study, 68 percent of IT professionals believe their organizations are failing to carry out all procedures in line with data protection laws.

The report from digital security specialist Gemalto also shows 65 percent of companies are unable to analyze all the data they collect and only just over half (54 percent) know where all of their sensitive data is stored.

Continue reading →

While businesses spend a lot of time and effort putting up technical defenses to protect their systems, often the weakest spot is the users.

Employees can do harm to the business by visiting infected websites, responding to phishing emails, using business email through public Wi-Fi and more. Spam filtering service EveryCloud has put together an infographic looking at why it’s therefore important for companies to offer cybersecurity training.

Continue reading →

Information technology and operational technology are gradually moving closer together thanks to wider connectivity of OT with external networks, and the growing number of industrial IoT devices.

While this boosts the efficiency of industrial processes, it also presents new risks and vulnerabilities according to a new report from Kaspersky Lab.

Continue reading →

Cybercriminals use a variety of tactics to cloak their activity and that includes using trusted tools, like PowerShell, to retrieve and execute malicious code from remote sources.

A new report from eSentire reveals that 91 percent of endpoint incidents detected in Q1 2018 involved known, legitimate binaries.

Continue reading →

A new report from log management platform Scalyr reveals that as organizations shift from more traditional architectures to microservices, they release software more frequently, but spend more time troubleshooting issues.

The State of DevOps Observability Report, based on a survey of 155 software development practitioners, finds that organizations are shifting away from traditional, monolithic architectures, with three-quarters of survey respondents delivering at least some of their applications and more than one-third delivering most of their applications as microservices.

Continue reading →

Certificate authority Comodo CA is expanding out of its traditional area to launch a new platform designed to secure Internet of Things devices.

Hackers increasingly target IoT devices that have no security embedded and exposed vulnerabilities. The new Comodo CA IoT unified portal directly addresses this problem by enabling trusted, third-party, mutual authentication of devices to networks.

Continue reading →

Cybercriminals are using mobile devices to avoid detection and execute a number of nefarious acts, according to a new report.

The study from bot mitigation specialist Distil Networks finds 5.8 percent -- around one in 17 -- of all mobile devices across six major cellular networks are used in such automated attacks and represent eight percent of all bad bot traffic.

Continue reading →

A new Harris Poll commissioned by insider threat detection company Dtex Systems looks at employee attitudes towards the monitoring of their digital activities.

Carried out in the wake of data collection, monitoring and privacy scandals at Facebook and elsewhere, it shows that 45 percent of Americans believe it is at least sometimes acceptable for employers to monitor employees' digital activities to protect against security threats and data breaches.

Continue reading →

As workforces are increasingly spread over multiple locations, in the field or working from home, keeping them up to date and engaged with company news can be a tough task.

Increasingly managers are turning to podcasts to help keep sales teams competitive and build corporate community and business alignment among employees, partners and customers. Enterprise communications company uStudio is launching a podcasting solution purpose-built for private enterprise communications.

Continue reading →

We all sign up to online accounts for various things but over time it can become hard to remember which address you used for each site, what password you used or indeed whether you’ve previously signed up to a site at all.

Password management specialist Dashlane is launching a new feature for mobile users of its password manager called Inbox Security Scan, to give people an insight into the current state of their online accounts.

Continue reading →

A new report from McAfee Labs has seen coin mining malware grow by 629 percent in the first quarter 2018 as criminals seek to cash in on cryptocurrency trends.

On average the company has seen five new threat samples every second, including growth in cryptojacking and other cryptocurrency mining malware, and notable campaigns demonstrating a deliberate drive to technically improve on the most sophisticated, established attacks of 2017.

Continue reading →

Awareness of cybersecurity at board level is growing as last year's WannaCry attack has highlighted the need to guard against attacks.

The research, conducted by Vanson Bourne, as part of an international survey of 500 businesses in the UK, France, Germany and the USA, was commissioned by endpoint protection specialist SentinelOne.

Continue reading →

It can be difficult for security teams to identify the weak spots in their organization's controls that put the security of the business at risk.

Managed security services provider Proficio is addressing this by launching a new version of its ProView Plus consumer portal that includes ThreatInsight risk scoring.

Continue reading →