Ian Barker

Enterprise secrets could be inadvertently leaking via GitHub repositories, according to new research from Aqua Security.

By scanning the most popular 100 organizations on Github, which collectively includes more than 50,000 publicly accessible repositories, Aqua researchers found active secrets from open source organizations and enterprises such as Cisco and Mozilla providing access to sensitive data and software. The exposed secrets could lead to significant financial losses, reputational damage, and legal consequences.

Continue reading →

A new report shows that while 14 percent of organizations experienced an API attack in the last 12 months, only 38 percent say they have an API security solution in place.

The research from Traceable AI, based on a security of cybersecurity delegates at the RSA conference, finds that although 43 percent of organizations say they do not struggle with API sprawl, 33 percent are unsure if they are managing it effectively, and 24 percent acknowledge they are struggling.

Continue reading →

A new report reveals that organizations are suffering multiple ransomware infections, 18 percent have suffered a ransomware infection 10 or more times in a 24-month period, a further 18 percent were infected five to nine times, and 30 percent were infected between two and four times.

The study from anti-ransomware platform Halcyon also shows that data exfiltration occurs in nearly every major ransomware attack today, and nearly 60 percent of respondents say that sensitive or regulated data was exfiltrated from their organization, with 55 percent reporting the attackers issued an additional ransom demand to protect the exfiltrated data.

Continue reading →

A new study reveals growing anxiety among consumers that weaknesses in their banks' fraud-protection measures could leave them exposed to scammers, this would result in the vast majority (75 percent) switching providers.

For the report from Jumio sampled the views of more than 8,000 adult consumers, split evenly across the UK, US, Singapore, and Mexico, with research carried out by Censuswide.

Continue reading →

There's an abundance of apps and SaaS solutions readily available these days to make the lives of employees easier and perform many work-related tasks. And the list keeps growing, with the likes of ChatGPT and Gemini paving the way for more AI-driven virtual assistants.

This is all well and good, unless your organization doesn't sanction the use of the software in question, turning something seemingly innocuous into shadow SaaS -- and a security risk. We spoke to John Stringer, head of product at data loss prevention specialist Next DLP, to learn more.

Continue reading →

A new report finds that 76 percent of fraud and risk professionals believe their business has been targeted by AI-driven fraud, with over half reporting this type of fraud happening daily or weekly.

The study, from anti-fraud platform Sift, finds the emergence and increased adoption of AI tools, including publicly available chatbots, enables cybercriminals to conduct scalable fraud attacks against both individuals and businesses.

Continue reading →

Smaller businesses are often more at risk of cyberattack simply because they lack the resources of their larger counterparts.

WatchGuard Technologies is looking to change that with the launch of an open XDR solution that delivers levels of visibility into east/west and north/south network traffic previously only available to large enterprises with the resources to manage their own security operations center.

Continue reading →

Although many people fear that artificial intelligence could put their jobs at risk, a new study from Jitterbit shows that many see AI as offering new skills and personal growth opportunities.

Based on a survey by Censuswide of 1,022 full-time office workers in the UK and US, the study looks at how workers really feel about AI and the findings reveal a positive views of working with AI technology in professional settings.

Continue reading →

According to a new report, UK companies are prioritizing AI, with larger expected budget increases than in the US and Germany, and 90 percent considering AI a critical topic.

The report, from analytics database company Exasol, finds UK organizations expect to prioritize AI implementation through larger data and analytics budget increases over the next two to three years in the retail (+48 percent) and healthcare sectors (+100 percent).

Continue reading →

The cybersecurity landscape is a constantly changing one, with new threats emerging and old ones evolving. This makes it difficult for organizations to ensure their defenses are up to the task of properly protecting them.

We spoke to Balazs Greksza, threat response lead at Ontinue which recently published its first threat intelligence report, to find out about the latest threats and how organizations can address them.

Continue reading →

New research from Daisy Corporate Services in the UK shows that 69 percent of organizations have seen an uptick in network security threats over the last 18 months.

The survey, of 250 UK IT decision-makers, highlights that growing network complexity is making it more difficult and costly for organizations to secure and manage their networks.

Continue reading →

The IT industry has been experiencing major turnover and burnout issues for years, and skilled workers are a rare commodity nowadays.

We spoke with Ariel Gesto, CEO and founder of InvGate, to find out how IT workers can automate tasks or make some tasks much easier to solve with gen AI.

Continue reading →

Enterprises could be exposing themselves to by increasingly relying on single sign-on (SSO) according to a new report from Doyensec, in collaboration with Teleport.

Although sold by identity providers (IdPs) for their convenience and security, SSO solutions can amplify the impact of breaches. The research shows these impacts can be significantly mitigated once additional layers of security are placed between the IdP and the linked applications and services.

Continue reading →

A new report from security testing platform Synack shows a rise in critical-severity vulnerabilities in 2023 compared to 2022.

On a positive note though, despite mounting pressures on security teams, organizations have reduced their mean time to remediation for critical-severity vulnerabilities by 24 days and high-severity vulnerabilities by 18 days, down to 56 and 74 days, respectively.

Continue reading →

New research from Ivalua finds that 31 percent of UK businesses have been the victim of invoice fraud in the past 12 months.

Of these, just 39 percent managed to stop the fraudulent transactions before the money was paid out.

Continue reading →