We're all familiar with link shortening services, those handy tools that allow you to shrink URLs down to a manageable size to make them easier to share.

Of course in the past these have been used for nefarious purposes too, hiding the true nature of a link to get people to click on phishing or malware messages. Now though researchers at Infoblox have uncovered something even more sinister, the operation of a shady link shortening service made especially for cybercrime.

Continue reading →

The UK cybersecurity workforce gap has reached a record high, with 73,439 professionals needed to adequately safeguard digital assets, representing a 29.3 percent increase over 2022.

Research by security professionals organization ISC2 shows the UK cybersecurity workforce has reached 367,300 people, an 8.3 percent increase from 2022, representing more than 28,000 new jobs.

Continue reading →

A new report from HP Wolf Security reveals cybercriminal marketplaces offering low-level attackers the tools needed to bypass detection and infect users in the form of so-called 'meal kits'.

These are pre-packaged malware kits which give low-level attackers all the ingredients to evade detection tools, making it easier for them to breach organizations and steal sensitive data.

Continue reading →

A new survey of over 300 cybersecurity professionals from SlashNext looks at cybercriminal behavior and activity on the Dark Web particularly as it relates to leveraging Generative AI tools and chatbots and finds a startling 1,265 percent increase in malicious phishing emails since the launch of ChatGPT in November 2022.

It also shows a 967 percent increase in credential phishing in particular and that 68 percent of all phishing emails are text-based Business Email Compromise (BEC) attacks.

Continue reading →

Over the last two years, the average organization's cybersecurity program was prepared to preventively defend against, or block, just 57 percent of the cyberattacks it encountered. This means 43 percent of attacks launched are successful and need to be remediated after the fact.

This is among the findings of a new report from Tenable, based on a survey of over 800 IT and cybersecurity leaders carried out by Forrester Consulting.

Continue reading →

The shift to remote and hybrid working has led to many problems for IT teams, not least that it offers an expanded attack surface. Add in the threat from cybercriminals looking to capitalize on advanced AI capabilities to create malware and you have some major challenges.

We spoke to Doug Kersten, CISO of enterprise collaboration specialist Appfire, to discuss the key security challenges product and DevOps teams face today and how to overcome them.

Continue reading →

Nearly 87 percent of Android and 60 percent of iOS apps request access to device functions unrelated to their performance, according to new research by NordVPN.

Researchers analyzed the most popular mobile apps globally in 18 categories. They found that up to 14 percent of apps collect more unnecessary than necessary data for the apps' performance and only eight percent collect no unnecessary data. On average, every fifth requested permission was not actually needed for the app’s functionality.

Continue reading →

This week Malwarebytes has launched a new identity theft protection solution aimed at individuals, helping them secure their digital identities and defend against identity and online threats.

Called -- imagine how many meetings it must have taken! -- Identity Theft Protection, it includes real-time identity monitoring and alerts, robust credit protection and reporting and live agent-supported identity recovery and resolution services, all backed by up to a $2 million identity theft insurance policy.

Continue reading →

One of the effects of the pandemic and the shift to remote and hybrid working has been that organizations have become increasingly reliant on messaging tools like Teams and Slack.

But new research from CybSafe shows that 47 percent of workers have received no training in the use of these platforms and could be putting themselves and their employers at risk.

Continue reading →

Ethical hacking company HackerOne has announced that its ethical hacker community has surpassed $300 million in total all-time rewards on the HackerOne platform.

The company's 2023 Hacker-Powered Security Report also shows 30 hackers have earned more than a million dollars on the platform, with one hacker surpassing four million dollars in total earnings.

Continue reading →

Research released this week from Hitachi Vantara shows 55 percent of enterprises are struggling to derive meaningful insights from their data.

The survey of over 200 IT leaders across North America and Europe, carried out by Forrester Consulting, reveals ongoing challenges related to security, inflexible systems, isolated data, a skilled labor shortage, and the need for infrastructure agility.

Continue reading →

OpenText Cybersecurity has released its sixth annual look at the threat landscape to reveal the most notorious malware trends.

This year four new ransomware gangs, believed to be a new generation of previous big players, top the list. Newcomer Cl0p takes the prize for this year's nastiest malware after commanding exorbitant ransom demands with its MOVEit campaign.

Continue reading →

With so many different platforms and technologies available, navigating the world of cloud computing can be tricky.

In a bid to make things simpler Acorn Labs is announcing public beta availability of its cloud developer platform Acorn, a service that makes it simple for anyone to run software in their own cloud sandbox and easily share their creations.

Continue reading →

We all know that you shouldn't share your passwords with anyone else. But the world is a complex place and there are occasions when it's necessary to send someone a login -- sharing access to a business social media account for example -- or other sensitive information.

Email, SMS, Post-it notes, etc are not secure ways to do this, so Proton is launching a new Secure Password Sharing feature for its Proton Pass password manager.

Continue reading →

Securing the software supply chain presents many challenges. To make the process easier OX Security recently launched OX-GPT, a ChatGPT integration aimed specifically at improving software supply chain security.

We spoke to Neatsun Ziv, co-founder and CEO of OX Security, to discuss how AI can present developers with customized fix recommendations and cut and paste code fixes, allowing for quick remediation of critical security issues across the software supply chain.

Continue reading →