Ian Barker

The second quarter of this year has seen a 63 percent increase in publicly disclosed ransomware attack volumes, with a total of 276 incidents compared to Q2 2024, according to the latest report from BlackFog.

This represents the highest number of attacks for this timeframe since the company began tracking ransomware volumes in 2020. All three months in the quarter set a new high compared with the same time period in previous years. June saw 113 percent increase with a total of 96 attacks. There was a 51 percent increase in April with a total of 89 attacks, and a 40 percent increase in May with 91 attacks.

Continue reading →

A new survey of 4,000 knowledge workers across the UK, US, Germany, and Canada reveals that higher earners have disproportionate access to the latest AI tools and training, allowing them to reap AI's promised rewards.

In contrast, the study from The Adaptavist Group reveals that lower earners and women are being shut out from AI opportunities, which impacts their skill development, job satisfaction, and time savings, both personally and professionally.

Continue reading →

In the last few years artificial intelligence has found its way into more and more areas of our world and its progress shows no signs of slowing down.

Of course most things these days need a day to mark their achievements and today is AI Appreciation Day. So, what has AI done for us and what can we expect from it in future? Some industry experts gave us their views.

Continue reading →

Tricking applications into altering their processes or surrendering information is a highly efficient way for attackers to carry out theft or fraud while minimizing the risk of detection.

We asked Mohammad Ismail, VP of EMEA at Cequence Security, to explain how this business logic abuse is carried out and why it’s becoming a growing problem.

Continue reading →

New analysis from CyCognito of over two million internet-exposed assets, across on-prem, cloud, APIs, and web apps, identifies exploitable assets across several key industries, using techniques that simulate real-world attacker behavior.

Techniques used include black-box pentesting using 90,000+ exploit modules, credential stuffing simulations, data exposure detection, etc. The study also used Dynamic Application Security Testing (DAST) to identify runtime web application vulnerabilities, as well as active vulnerability scanning of internet-facing services to detect CVEs, misconfigurations, and exposed assets.

Continue reading →

New research from Specops has analyzed 10 million random passwords from the billion+ breached password list used by Specops Password Auditor and finds that a startling 98.5 percent are weak.

The research defines a ‘strong’ password as having at least 15 characters in length and at least two different character classes. A long password of 15 identical-class characters (for example all lowercase) is easier to crack than one that mixes in digits or symbols.

Continue reading →

Ahead of the summer’s round of cybersecurity conferences Google is announcing a range of new initiatives aimed at bolstering cyber defenses with the use of AI.

Last year the company launched Big Sleep, an AI agent developed by Google DeepMind and Google Project Zero, that actively searches and finds unknown security vulnerabilities in software.

Continue reading →

Encryption adoption has soared to 94 percent, but inconsistent application continues to put sensitive data at risk, finds a new survey.

The study from secure storage maker Apricorn shows that 59 percent of IT security decision makers say encryption has increased, allowing them to better protect their data, including on lost/stolen devices.

Continue reading →

According to a new report 39 percent of security professionals say they struggle to prioritize risk remediation and patch deployment, with 35 percent saying they struggle to maintain compliance when it comes to patching vulnerabilities.

The study from Ivanti also finds 87 percent of security pros feel they do do not have access to the critical data needed to make informed security decisions. In addition 46 percent believe IT teams lack urgency when addressing cybersecurity problems.

Continue reading →

New research from OutSystems shows an increasing trend in agentic AI prioritization among software executives with 93 percent of organizations already developing -- or planning to develop -- their own custom AI agents.

IT leaders are under pressure to deliver measurable business value while managing constrained resources and aligning technology investments with long-term strategic goals. Introducing agentic AI helps address these demands by tackling challenges like fragmented tools, and limited ability to leverage data siloed across the organization.

Continue reading →

It’s known as an ohnosecond -- that moment just after you realize that you’ve made a mistake. Something that happens frequently with emails when you press send too soon, do reply all when you didn’t meant to, or just send a message to the wrong person.

A new study from ZeroBounce has analyzed search data from Google Keyword Planner to determine which email mistakes UK residents commonly make and need help fixing.

Continue reading →

Earlier this year the UK government released its State of digital government review, looking at how the public sector must urgently transform the way it approaches digital technology.

But with escalating cybersecurity threats, fragmented data strategies, and a widening digital skills gap, the sector may be setting itself up to fail. We spoke to Adam Casey, director of cyber security and CISO at tmc3, a Qodea company, to discuss the challenges the report raises and how they can be addressed.

Continue reading →

While banks and financial institutions generally have strong defenses, third-party vendors often lack the same levels of security, something that can offer providing attackers indirect access to the institutions they serve.

A new report from Black Kite examines the shifting landscape of cyber threats in the financial sector, highlighting the critical importance of understanding and mitigating the hidden dangers within the vendor ecosystem.

Continue reading →

A new report shows that security leaders have false confidence in their capabilities and employees when it comes to mobile security. While 96 percent are confident their employees can spot a phishing attempt, 58 percent have reported incidents where employees fell victim to executive impersonation scams via text message.

The study from Lookout, of more than 700 security leaders globally, underscores a critical need for organizations to rethink their cybersecurity strategies, particularly around the human-risk factors for social-engineering attacks.

Continue reading →

There’s increasing concern about the use of deepfakes and artificial intelligence to spread misinformation and contribute to fraudulent activity.

Today at the AI for Good Global Summit in Geneva, the AI and Multimedia Authenticity Standards Collaboration (AMAS), a global, multistakeholder initiative led by the World Standards Cooperation has today launched two flagship papers offering recommendations to guide the governance of AI globally and combat mis-and-disinformation.

Continue reading →