Flaw in social login could expose billions to account takeover


New research from Salt Labs highlights API security vulnerabilities uncovered in the social sign-in and Open Authentication (OAuth) implementations of multiple online companies.
Sites affected include Grammarly, Vidio, and Bukalapak. The flaw has now been fixed but could have allowed for credential leakage and enabled full account takeover. Salt Labs also reports that 1,000s of other websites using social sign-in mechanisms are likely to be vulnerable to the same type of attack, putting billions of individuals around the globe at risk.
Cloud management skills gap holds back growth


A new study of over 800 IT professionals across the US, UK and Germany finds that 72 percent of mid-size companies report a lack of cloud management skills as being a barrier to their growth.
The study from Parallels finds 64 percent of respondents have already implemented a hybrid approach, and 38 percent of all respondents plan to further embrace a hybrid cloud approach in the next year.
Security leaders worry about generative AI risks


A new survey of 300 senior cybersecurity stakeholders finds that 98 percent are concerned about the cybersecurity risks posed by ChatGPT, Google Bard, WormGPT, and similar tools.
The report from Abnormal Security shows the main worry is the increased sophistication of email attacks that generative AI will make possible -- particularly, the fact that generative AI will help attackers craft highly specific and personalized email attacks based on publicly available information.
Can AI be sneakier than humans?


We've all heard about how AI is being used to improve cyberattacks, by creating better phishing emails for example, but does AI really have the same potential for being sneaky as humans?
New research from IBM X-Force has set out to answer the question, ‘Do the current Generative AI models have the same deceptive abilities as the human mind?’
Predictive analytics and AI drive new anti-fraud technology


A new anti-fraud tool from Jumio uses predictive analytics and AI to look at billions of data points across the company's cross-industry network to identify patterns based on behavioral similarities and other indicators.
Jumio's analysis shows that 25 percent of fraud is interconnected, either being perpetrated by fraud rings or by individuals using the same information or credentials to open new accounts on banking sites, eCommerce platforms, sharing economy sites, etc.
Why a new architecture is needed for open banking API platforms [Q&A]


While much literature has been written on best practices for systems architecture, the desired outcomes have been as elusive as they have been sought after. The de-facto standard for enterprise systems that exists in reality is often closer to A Big Ball of Mud.
Very rarely is an organization’s technology (the infrastructure, the software or the set of systems powering the organization) planned as the state in which we see it today. All early systems need to scale, and most companies in the growth phase don't have the bandwidth to deal with this graciously.
How the EU's new AI Act will affect businesses [Q&A]


The European Union first proposed introducing a regulatory framework for AI back in 2021. The wheels of politics inevitably grind slowly, however, and it's still working on legislation to bolster regulations on the development and use of artificial intelligence.
The proposed Artificial Intelligence Act has sparked a good deal of debate in the industry with many worried that it could harm business competitiveness.
AI delivers for marketers but comes with challenges


A new study of go-to-market (GTM) leaders finds they expect investments in AI to pay off, with 85 percent of respondents believing the fusion of AI and GTM strategy will lead to revenue growth for their organization.
The report from Seismic shows that, among this group, leaders predict an average of 23 percent growth will be directly attributed to AI utilization over the next five years.
QR codes used in 22 percent of phishing attacks


As QR codes have become popular, they're used for all kinds of things from mobile payments to access control and even document sharing. The problem is that they can also hide risks, so it's no surprise that they're becoming a popular vehicle for phishing.
New analysis from Hoxhunt finds the use of QR codes in 22 percent of attacks on its 'global human risk network' in the first weeks of October 2023.
Number of ransomware victims reaches record high


A new report from GuidePoint Security's Research and Intelligence Team (GRIT) shows a total of 3,385 publicly posted ransomware victims in the first three quarters of this year, claimed by 57 different threat groups, representing an 83 percent year-on-year increase.
Attacks directed against US-based organizations decreased, but there has been a marked increase in attacks impacting other nations. Other countries consistently affected, like the UK, saw an approximate 41 percent increase in attacks in Q3.
X lets new users prove they're not a bot -- for a small fee


X -- the platform formerly known as Twitter -- is testing out a new 'Not A Bot' program that will allow users to pay a small annual fee to verify that they are in fact a real person.
Initially available only in New Zealand and the Philippines, it will require new and unverified users to verify their phone number and pay a nominal $1 per year in order to be able to post and interact with other posts.
Enterprises need to start planning now for post-quantum security


The power that quantum computing makes available offers benefits in many areas, but it also means cracking encryption becomes much easier, which poses an enormous threat to data and user security.
At its annual Trust Summit conference, DigiCert has released the results of a global study exploring how organizations are addressing the post-quantum computing threat and preparing for a safe post-quantum computing future.
Over half of cybersecurity pros say they want to switch jobs


A new survey of 900 full-time security decision-makers and practitioners around the world finds that 55 percent of respondents say they're likely to switch jobs in the next year.
The Voice of the SOC report, from secure workflow specialist Tines, shows that 63 percent of the security decision-makers and practitioners surveyed are experiencing burnout amid relentless cyberattacks, internal pressures, and limited resources.
Younger consumers more likely to take action on data privacy


A new study reveals that 42 percent of consumers aged 18-24 have inquired about the personal data organizations have about them, seven times more than consumers aged 75 or older (six percent).
The Cisco 2023 Consumer Privacy Survey also shows people are concerned about their privacy in regard to AI. 60 percent of consumers say they've lost trust in organizations due to their AI use.
Bad bots try to be more human


Bad bots are designed to perform various malicious activities. These range from basic scrapers that try to get some data off an application -- and are easily blocked -- to more advanced persistent bots that try to evade detection.
Barracuda researchers have been tracking bots for several years and have identified some interesting recent trends, not least that, like King Louie in The Jungle Book, they 'wanna be like you'.
Ian's Bio
Ian spent almost 20 years working with computers before he discovered that writing about them was easier than fixing them. Since then he's written for a number of computer magazines and is a former editor of PC Utilities.
© 1998-2025 BetaNews, Inc. All Rights Reserved.