Ian Barker

The CVE (Common Vulnerabilities and Exposures) database is widely used across many cybersecurity tools, allowing the tracking of vulnerabilities.

The CVE program has been in existence for 25 years but today MITRE -- the non-profit organization which looks after the database -- has announced that its contract with the US Department of Homeland Security to operate the CVE Program hasn't been renewed.

Continue reading →

Agentic AI has been in the news quite a bit of late, but how should enterprises expect it to impact their organizations?

We spoke to Mike Finley, CTO of AnswerRocket, to discuss Agentic AI's benefits, use cases and more.

Continue reading →

The latest annual Microsoft Vulnerabilities Report from BeyondTrust, reveals a record-breaking number of reported vulnerabilities last year.

Total vulnerabilities reached an all-time high of 1,360 in 2024, an 11 percent increase from the previous record of 1,292 in 2022. Elevation of Privilege (EoP) vulnerabilities comprised 40 percent of all those reported.

Continue reading →

Despite being present on virtually every employee's browser, extensions and plug-ins are rarely monitored by security teams or controlled by IT and a new report shows that could be leaving enterprises at risk.

The study from LayerX Security combines statistics from real-life usage data from enterprise users, with data available from public extension stores to reveal how organizations and employees interact with extensions, the associated risks and security blind spots.

Continue reading →

New research shows that only 29 percent of all organizations say their compliance programs consistently meet internal and external standards.

The report from Swimlane reveals that fragmented workflows, manual evidence gathering and poor collaboration between security and governance, risk and compliance (GRC) teams are leaving organizations vulnerable to audit failures, regulatory penalties and security gaps.

Continue reading →

Automated bot traffic surpassed human-generated traffic for the first time in a decade last year, making up 51 percent of all web traffic. This shift is largely attributed to the rise of AI and Large Language Models (LLMs), which have simplified the creation and scaling of bots for malicious purposes.

The latest Imperva Bad Bot Report from Thales shows cybercriminals are increasingly leveraging these technologies to create and deploy malicious bots which now account for 37 percent of all internet traffic -- a significant increase from 32 percent in 2023.

Continue reading →

The idea of security graphs was floated last year by Microsoft to make it easier to identify risks across networks.

Today Illumio is one of the first to make commercial use of this idea with the launch of Illumio Insights, the industry's first cloud detection and response (CDR) solution powered entirely by an AI security graph.

Continue reading →

The latest State of Pentesting report from Cobalt reveals that organizations are fixing less than half of all exploitable vulnerabilities, with just 21 percent of GenAI app flaws being resolved.

It also highlights a degree of over-confidence with 81 percent of security leaders saying they are 'confident' in their firm's security posture, despite 31 percent of the serious findings discovered having not been resolved.

Continue reading →

Today is World Quantum Day -- which probably means that it simultaneously both is and isn't. Seriously though, we're used to hearing dire warnings about how quantum computing threatens encryption and private communication, but of course it can also be part of the solution.

A new alliance between Partisia, a leader in multiparty computation (MPC), Squareroot8, a provider of quantum-safe communication solutions and NuSpace, a company specializing in IoT connectivity services and Satellite-As-A-Service wants to place a Quantum Random Number Generator (QRNG) on a satellite in space.

Continue reading →

Software engineering organizations often grapple with challenges that hinder their output -- including productivity blind spots, duplicate work, deadlines that don't stand a chance, burnout, and other hidden costs that eat up time and energy.

And while metrics can signal a problem, they don't always uncover the root cause or -- more importantly -- how to fix it. To explore this, we spoke to Joe Levy, CEO of Uplevel, an engineering optimization system helping developers independently measure the ROI of AI adoption.

Continue reading →

Initial access brokers (IABs) are the invisible engine of modern cybercrime. They don't execute ransomware attacks, but they do enable them.

Research from Check Point External Risk Management (formerly Cyberint) shows that IABs are increasingly targeting smaller businesses, with 60.5 percent of listings targeting SMBs (companies with $5M - $50M revenue), representing a new 'sweet spot' for attackers.

Continue reading →

Organizations are increasingly faced with complex DDoS attacks that disrupt operations, increase latency, and compromise network security.

Security solutions company Gcore is launching 'Super Transit', which is not a big van but a cutting-edge DDoS protection and acceleration feature, designed to safeguard enterprise infrastructure while delivering lightning-fast connectivity.

Continue reading →

As AI and machine learning technologies rapidly evolve, IT professionals must continuously adapt their skills to stay competitive in the workforce. This requires not only technical expertise but also a commitment to lifelong learning, including earning relevant certifications and developing crucial soft skills like communication and adaptability.

Companies can support this growth by fostering a culture of continuous learning, offering reskilling and upskilling opportunities, and providing tailored training paths for their employees. By prioritizing ongoing development, businesses can ensure their workforce remains at the forefront of emerging technologies, preparing them for the challenges of the AI-driven future.

Continue reading →

A new report from WatchGuard Technologies shows a 94 percent increase in network-based malware detections in the last quarter of 2024.

There’s also been an increase in overall malware detections including a six percent increase in Gateway AntiVirus (GAV) detections and a 74 percent increase in Advanced Persistent Threat (APT) Blocker detections, the most significant rises came from proactive machine learning detection offered by IntelligentAV (IAV) at 315 percent.

Continue reading →

Ransomware attacks reached a historic high in the first quarter of this year, with 2,063 victims reported, a 102 percent increase compared to the previous year.

The report from GuidePoint Security also records a record high number of active threat groups, with 70 identified in Q1, reflecting a 55.5 percent year-on-year rise.

Continue reading →