Ian Barker

A new survey of over 300 cybersecurity professionals from SlashNext looks at cybercriminal behavior and activity on the Dark Web particularly as it relates to leveraging Generative AI tools and chatbots and finds a startling 1,265 percent increase in malicious phishing emails since the launch of ChatGPT in November 2022.

It also shows a 967 percent increase in credential phishing in particular and that 68 percent of all phishing emails are text-based Business Email Compromise (BEC) attacks.

Continue reading →

Over the last two years, the average organization's cybersecurity program was prepared to preventively defend against, or block, just 57 percent of the cyberattacks it encountered. This means 43 percent of attacks launched are successful and need to be remediated after the fact.

This is among the findings of a new report from Tenable, based on a survey of over 800 IT and cybersecurity leaders carried out by Forrester Consulting.

Continue reading →

The shift to remote and hybrid working has led to many problems for IT teams, not least that it offers an expanded attack surface. Add in the threat from cybercriminals looking to capitalize on advanced AI capabilities to create malware and you have some major challenges.

We spoke to Doug Kersten, CISO of enterprise collaboration specialist Appfire, to discuss the key security challenges product and DevOps teams face today and how to overcome them.

Continue reading →

Nearly 87 percent of Android and 60 percent of iOS apps request access to device functions unrelated to their performance, according to new research by NordVPN.

Researchers analyzed the most popular mobile apps globally in 18 categories. They found that up to 14 percent of apps collect more unnecessary than necessary data for the apps' performance and only eight percent collect no unnecessary data. On average, every fifth requested permission was not actually needed for the app’s functionality.

Continue reading →

This week Malwarebytes has launched a new identity theft protection solution aimed at individuals, helping them secure their digital identities and defend against identity and online threats.

Called -- imagine how many meetings it must have taken! -- Identity Theft Protection, it includes real-time identity monitoring and alerts, robust credit protection and reporting and live agent-supported identity recovery and resolution services, all backed by up to a $2 million identity theft insurance policy.

Continue reading →

One of the effects of the pandemic and the shift to remote and hybrid working has been that organizations have become increasingly reliant on messaging tools like Teams and Slack.

But new research from CybSafe shows that 47 percent of workers have received no training in the use of these platforms and could be putting themselves and their employers at risk.

Continue reading →

Ethical hacking company HackerOne has announced that its ethical hacker community has surpassed $300 million in total all-time rewards on the HackerOne platform.

The company's 2023 Hacker-Powered Security Report also shows 30 hackers have earned more than a million dollars on the platform, with one hacker surpassing four million dollars in total earnings.

Continue reading →

Research released this week from Hitachi Vantara shows 55 percent of enterprises are struggling to derive meaningful insights from their data.

The survey of over 200 IT leaders across North America and Europe, carried out by Forrester Consulting, reveals ongoing challenges related to security, inflexible systems, isolated data, a skilled labor shortage, and the need for infrastructure agility.

Continue reading →

OpenText Cybersecurity has released its sixth annual look at the threat landscape to reveal the most notorious malware trends.

This year four new ransomware gangs, believed to be a new generation of previous big players, top the list. Newcomer Cl0p takes the prize for this year's nastiest malware after commanding exorbitant ransom demands with its MOVEit campaign.

Continue reading →

With so many different platforms and technologies available, navigating the world of cloud computing can be tricky.

In a bid to make things simpler Acorn Labs is announcing public beta availability of its cloud developer platform Acorn, a service that makes it simple for anyone to run software in their own cloud sandbox and easily share their creations.

Continue reading →

We all know that you shouldn't share your passwords with anyone else. But the world is a complex place and there are occasions when it's necessary to send someone a login -- sharing access to a business social media account for example -- or other sensitive information.

Email, SMS, Post-it notes, etc are not secure ways to do this, so Proton is launching a new Secure Password Sharing feature for its Proton Pass password manager.

Continue reading →

Securing the software supply chain presents many challenges. To make the process easier OX Security recently launched OX-GPT, a ChatGPT integration aimed specifically at improving software supply chain security.

We spoke to Neatsun Ziv, co-founder and CEO of OX Security, to discuss how AI can present developers with customized fix recommendations and cut and paste code fixes, allowing for quick remediation of critical security issues across the software supply chain.

Continue reading →

New research from Salt Labs highlights API security vulnerabilities uncovered in the social sign-in and Open Authentication (OAuth) implementations of multiple online companies.

Sites affected include Grammarly, Vidio, and Bukalapak. The flaw has now been fixed but could have allowed for credential leakage and enabled full account takeover. Salt Labs also reports that 1,000s of other websites using social sign-in mechanisms are likely to be vulnerable to the same type of attack, putting billions of individuals around the globe at risk.

Continue reading →

A new study of over 800 IT professionals across the US, UK and Germany finds that 72 percent of mid-size companies report a lack of cloud management skills as being a barrier to their growth.

The study from Parallels finds 64 percent of respondents have already implemented a hybrid approach, and 38 percent of all respondents plan to further embrace a hybrid cloud approach in the next year.

Continue reading →

A new survey of 300 senior cybersecurity stakeholders finds that 98 percent are concerned about the cybersecurity risks posed by ChatGPT, Google Bard, WormGPT, and similar tools.

The report from Abnormal Security shows the main worry is the increased sophistication of email attacks that generative AI will make possible -- particularly, the fact that generative AI will help attackers craft highly specific and personalized email attacks based on publicly available information.

Continue reading →