BetaNews Staff

Thanks to the proliferation of smartphones, QR code usage globally has surged by 57 percent, and by 2025, it is forecast to increase by another 22 percent. And up to eight new QR codes are generated per minute globally.

It is no surprise then why QR codes are everywhere -- on billboards, shopping malls, event brochures, restaurant menus, charity websites, parking spaces, you name it! Of course, the genius of QR codes is their ease of use and convenience. For users, one scan and the job is done, be that registering for an event or purchasing an item.  

Continue reading →

As we approach 2025, the notion of warfare is increasingly shifting from the physical to the digital domain. Cyberwarfare, once considered a supplementary tool for traditional military operations, has now emerged as a primary weapon for nations seeking to assert dominance or inflict damage on their adversaries without the need for physical conflict. Simply put, it is easier, requires fewer resources, and can often cause maximum damage without sustained efforts. The rise of AI-driven cyber weapons, zero-day vulnerabilities, and state-sponsored cyberattacks is creating an unprecedented era of digital warfare.

Nation-states and rogue factions are rapidly integrating cyberattacks into their military arsenals, with cyber operations becoming a first-strike option in geopolitical conflicts. By targeting critical infrastructure -- such as energy grids, communication networks, transportation systems, and supply chains -- these attacks can cripple an entire national infrastructure and create mass chaos without a single physical shot being fired. This shift toward cyber warfare reduces the immediate risk of physical casualties, and in turn allows state actors to engage in asymmetric warfare, where a smaller, technologically advanced nation can punch well above its weight.

Continue reading →

Gartner predicts that public cloud end-user spending will surpass $675 billion by the end of 2024. In 2025, as AI systems proliferate and organizations increasingly store sensitive data in public cloud infrastructure, many stakeholders will begin demanding more robust cloud security measures.

Additionally, cybercriminals are becoming more inventive than ever. They now rely on AI and machine learning (ML) to improve and iterate on their methods, just as we all do. Interestingly, despite advances in cloud security, research suggests that common vulnerabilities like unenforced multi-factor authentication (MFA) and long-lived credentials continue to expose many companies to risk. Patching these known vulnerabilities will be crucial next year.

Continue reading →

Cybersecurity is often frustratingly seen as a boardroom burden -- a compulsory cost to keep threats at bay. This “necessary evil” mindset is holding businesses back and leading to a critical opportunity to leverage security as a driver of success being missed.

It’s time we looked at cybersecurity investments differently. Rather than the board reluctantly seeing the investments solely as a necessity for threat prevention, organizations should see cybersecurity also as a powerful enabler of productivity and growth. As digital transformation accelerates across manufacturing, healthcare, and other critical infrastructure sectors where cyber-physical systems (CPS) underpin operations, security needs to keep up with the pace of innovation, supporting -- and even driving -- new efficiencies, customer trust, and competitive advantages which all come with improving cyber and operational resilience.

Continue reading →

Although the cyber threat landscape rarely stands still, some age-old attack vectors will continue to be revisited by cyber criminals. For example, the cyber security risks of removable media -- which have persisted for years -- are presenting fresh challenges for security teams. 

This is because, thanks to its convenience and cost, removable media remains a cornerstone of the operations of critical national infrastructure (CNI) sectors. Devices such as USB drives are used by CNI operators and their third-party service partners to handle sensitive data, perform physical data transfer, and carry out vital operational tasks such as firmware updates in air-gapped networks. 

Continue reading →

As a small business owner reading endless news stories about cyberattacks against well-known enterprise names, it can be easy to think it won’t happen to you. In reality, hackers don’t discriminate: businesses of all sizes can, and do, find themselves on the receiving end of data breaches, and the financial and reputational consequences that often accompany them.

According to the Cyber Security Breaches Survey 2024, half of all UK businesses, including many small and medium-sized businesses (SMBs), reported experiencing a cyberattack within the last year. Despite these high attack rates, only 22 percent of businesses have a formal incident response plan in place, leaving many SMBs vulnerable to serious financial, operational, and reputational damage. This cyber complacency can have serious repercussions if not urgently addressed.

Continue reading →

AI’s steady impact on the academic and research community is measurable through citation metrics, essentially showing how many times a study has directly influenced subsequent research. A recent analysis of AI-related citations showed beyond doubt the impact of AI. It also revealed another noteworthy statistic: Google’s DeepMind made up just under half of all AI-related citations from 2020-2024. 

The company’s dominance is undoubtedly a testament to the importance of its work -- but it also serves as a starting point from which to probe further into the research landscape in Europe and how it’s been impacted by AI. Concentrated influences in academia and research can have long-lasting effects on funding distributions, channels of collaboration, and ultimately the potential for innovation. Add to this the powerful and relatively new tool of AI, and suddenly the future trajectory of scientific research on the continent looks a lot less clear. 

Continue reading →

Phishing is on the rise. Egress' latest Phishing Threat Trends Report shows a 28 percent surge in attacks in the second quarter of 2024 alone. But what’s behind the increase? There are a few factors in play. Like any other form of threat, phishing is becoming more sophisticated with hackers now having access to a variety of new AI-powered tools to generate email messages, payloads, and even deepfakes.

Further, these technologies and the cyberattacks they can create are now easier to access than ever. Especially as more hackers tap into the professional services on offer from a mature and diverse Crime as a Service (CaaS) ecosystem of providers selling everything from the mechanisms to create attacks to pre-packaged phishing toolkits that promise to evade native defenses and secure email gateways (SEGs).

Continue reading →

Parceling up software applications into ‘containers’ is commonplace these days, having grown rapidly over the last decade. Aiming to simplify the development, testing, and delivery process, to encourage agility, it’s a way of working that continues to have wide appeal.

For the uninitiated, a container is akin to putting everything needed to run an application into a portable box. The box holds all the elements ready-made for different systems and hardware, including software, configurations, and files. As a result, applications run consistently regardless of whether they are on virtual machines, cloud platforms, or on-premise servers. 

Continue reading →

Data Recovery is the key to achieving an effective cyber resilience strategy in the event of a cyber-attack to resume business operational resiliency. It empowers businesses to quickly recover their critical data, minimize downtime, and prevent against potential threats. Data recovery planning is crucial for business continuity, allowing organizations to seamlessly recover data and minimize the impact of an incident.

Organizations typically prioritize prevention and protection as key components of their cybersecurity approach. While essential, these measures alone are no longer enough in an evolving threat landscape. Relying solely on prevention leaves gaps, as IT teams face growing challenges in securing diverse systems. To build a comprehensive cyber resilience strategy, it is vital for businesses to recognize the importance of integrating data recovery solutions alongside preventive efforts. The rise of cybercrime, such as ransomware or malware, can devastate a company's digital infrastructure and leave the organization's data vulnerable. According to Verizon’s 2024, Data Breach Investigations Report, ransomware remains a top threat for 92 percent of all industries. This is where data recovery solutions and reactive risk controls can help when prevention fails.

Continue reading →

The last few years have seen digital transformation dramatically increase the sprawl and complexity of enterprise IT environments. Today, the average employee will likely access a dozen applications before lunchtime, both in the cloud and on-prem. This increased complexity has simultaneously created greater interdependences between applications, while also making visibility much trickier for IT teams. 

The upshot of this is a world where there are more applications in use, which are less able to be monitored, and causing greater frustration when they experience issues. This is not a recipe for success.

Continue reading →

When it comes to adopting new technologies, the legal sector has traditionally been more cautious than other industries. However, AI’s potential to transform legal workflows and unlock new levels of productivity is difficult to ignore. In fact, the industry is moving at speed: a recent study shows almost three quarters (73 percent) of legal practitioners plan to utilize AI in their legal work within the next year.

On a practical level, AI is evolving so quickly that across many practices, employees have varying levels of knowledge and understanding of how AI works, what tasks they should be using it for and the legal implications of using it. At the same time, if firms introduce AI solutions that require deep technical knowledge to use, skills gaps could become increasingly problematic.

Continue reading →

As financial institutions prepare for the EU's Digital Operational Resilience Act (DORA) enforcement in January 2025, IT teams face a complex challenge: ensuring their Salesforce implementations meet new technical requirements while maintaining operational efficiency.

The regulation's focus on ICT risk management demands a comprehensive technical approach beyond basic security measures. For organizations utilizing Salesforce as a critical business platform, this represents a fundamental shift in how system architecture and security must be approached.

Continue reading →

Despite its promise, the Zero Trust approach to cybersecurity is often more notional than actual in its deployment. Many companies today are far from getting the most of what a truly Zero Trust system can offer. Gartner estimates that only 10 percent of large organizations will have a mature and comprehensive Zero Trust system by 2026. What’s more, continual reliance on human operators means that by default Zero Trust systems can only be as dependable as the people using them. This awkward fact should be kept in view before we put too much faith in systems that are described as ‘Zero Trust’. However, Zero Trust can be made to live up to its name with the addition of new tools that remove the vulnerabilities of the standard approach to using this system.

Zero Trust works by enforcing a blanket rule that all access requests must be authenticated. Unfortunately, the promise of ‘never trust, always verify’ falls apart when human beings enter the picture. Human beings configure the security tools, make judgments where an exception may be needed, and assemble the underlying IT infrastructure. All of that adds up to a lot of trust in human operators and a major caveat for Zero Trust. 

Continue reading →

In November 2024, Russia began blocking Cloudflare’s implementation of Encrypted Client Hello (ECH), a privacy-focused extension of the TLS protocol.“This technology is a means of circumventing restrictions on access to information banned in Russia. Its use violates Russian law and is restricted by the Technical Measure to Combat Threats (TSPU),” the statement by the Russian Internet regulator read.

Russia, known for its tight control over internet access, views ECH as a tool for bypassing geo-restrictions, though that was never its intended purpose. This move follows a broader pattern of censorship and surveillance. Over the past few years, Russia has been cracking down on VPNs, making it harder for users to circumvent government-imposed restrictions.

Continue reading →