BetaNews Staff

Phishing has become a matter of grave concern for banks and financial institutions, as attacks on the industry have increased in recent years. Finance is the most impersonated industry in phishing campaigns. Some 35 percent of fake websites and emails claim to be from financial institutions, according to the American Bankers Association.

This should come as no surprise, considering the industry's role in the global economy. Given that financial organizations facilitate the flow of money it makes sense that their networks, employees, and customers are prime targets for digital fraud and theft. In response, central banks and regulators have been directing financial institutions to improve their security.

Continue reading →

Despite the hype during the past year, the demise of third-party cookies has not arrived. It is, however, on the horizon and unquestionably inevitable. Therefore, marketers are showing concern over what will replace those cookies or what can replace them.

It’s okay to feel uneasy about these massive changes. But it’s more productive to act on proven marketing instruments that reliably fill their void. By dissecting marketing attribution and knowing what’s working with existing customers, marketers can forgo broad approaches to reaching segments of prospective customers and, instead, refocus energies and resources to put powerful first-party data to use.

Continue reading →

Data breaches, cyberattacks and security concerns are growing exponentially in the digital climate, as new development practices, extra languages, and structural frameworks appear -- compounded by geopolitical tensions giving rise to state sponsored attacks. In 2022 to date, 39 percent of UK businesses have already experienced the disruption and costly consequences of cyberattacks. Some of the largest enterprises, such as Microsoft, T-Mobile, and Vodafone, have experienced attacks by highly organized groups, such as Lapsus$.

With the scale, type of attacks and target industries constantly evolving, the healthcare sector has joined financial services and the public sector in becoming a lucrative target. Healthcare data breaches reached an all-time high in 2021, impacting 45 million people -- personal health information (PHI) became worth more than credit card information on the dark web. Attack approaches are constantly evolving, with hackers searching for any weak links in growing infrastructure.

Continue reading →

Supply chain attacks have been on the threat radar of many organizations and their security teams for several years. However, since the infamous SolarWinds attack in 2020 -- which led to widespread and damaging compromises of data, networks and systems -- the supply chain attack vector has taken on a new level of focus. Indeed, supply chain attacks, which have become an effective way for hackers to gain access to IT networks at scale, and as such, are among the most worrying cybersecurity risks currently facing organizations today.

Supply chain risks come in many forms -- from complex to relatively simplistic. The UK government’s Cyber Security Breaches Survey, which explores organizations’ policies, processes, and approaches to cybersecurity and is used to inform government cybersecurity policy, looked at this in its latest report. The 2022 survey reveals that just 13 percent of businesses review the risks posed by their immediate suppliers, with that number dropping to 7 percent for their wider supply chain. Possibly even more concerning, many organizations commonly perceive 'big tech' companies to be "invulnerable to cyber attacks".

Continue reading →

Even before 2020, connectivity played an important role in university life. In recent years, however, connectivity shifted from a mere convenience to a lifeline for students and universities. As these institutions built and expanded online remote access for their students, many from scratch, their IT departments were forced to shift their focus from on-campus networking to supporting a distributed global network to meet the new normal of education.

Although in-person teaching has now seen a welcome return, the wealth of online learning resources available, both on internal and external networks, are an invaluable asset to both teachers and students. Meanwhile, online retail, banking, health services, gaming, media, and more are mainstays of student life.

Continue reading →

If you’ve been in the cybersecurity field for a while, you’ve probably noticed that there’s less emphasis on formal disaster recovery and business continuity plans than there used to be. CISOs still create plans, but it’s not the centerpiece of cybersecurity operations in the same sense.  As security technology evolved, people started focusing more on technology solutions that they hoped could prevent problems altogether.

There’s some magical thinking involved in that, and ironically, one of the biggest struggles CISOs face now is how their organizations think about cybersecurity problems, i.e., that there shouldn’t be problems. That’s not the world we live in. Having difficulties is not the issue. Rather, thinking there are magic solutions that can eliminate every weakness is the problem. We need to rethink cybersecurity to accommodate this reality and create a holistic response for when problems inevitably arise.

Continue reading →

If you’ve been in cybersecurity, IT, or operations for a minute, you’ve surely heard the term "zero trust." If you’ve been paying attention, the first time it came into use was in 2009. Although the term was defined at that point, it did not come into play in any significant way until nearly a decade later. And that fuss was driven, predominantly, by security vendors. Businesses, and in particular, security teams, were slower to evaluate and adopt zero trust.

First off, it took some time for everyone to agree on what zero trust really meant, what it entailed, and what it would accomplish. Although the term "zero trust" was first coined by a Forrester analyst and was based on ideas set in motion by the Jericho Forum, different individuals and entities tinkered with the meaning to best suit their situation and needs. So before we dive in too deep, a quick level set is appropriate here.

Continue reading →

Windows 11 hasn’t been with us very long, but you’ve probably seen reports that Microsoft is already working on its successor, Windows 12.

While there aren’t any screenshots, or anything else, to view of Windows 12 just yet, we asked an AI text-to-image tool to give us its take on what the future operating system might look like.

Continue reading →

Security breaches cost more than just money. Investing in data security today prevents long-term negative consequences that cost your business time, money, and reputation. Acquiring threat intelligence data is a primary step in preventing cyberattacks, and web scraping is the method of choice for many modern data-driven businesses.

Business and personal activities are increasingly being digitized. Whether you are simply taking your temperature with a connected thermometer or sending products across complex supply chains, enterprises continuously collect data to improve services and refine operational processes.

Continue reading →

Verizon recently released its 2022 Data Breach Investigations Report, giving businesses vital insights into the state of cybersecurity around the world. Containing an analysis of over 23,000 incidents and 5,200 confirmed breaches over 15 years, Verizon attributes the number-one motive of cyberattacks to financial gain. Almost four out of five breaches were attributable to organized crime seeking to extort businesses of hefty ransomware sums, backed by insurance pay-out.

Verizon has also estimated that there has been a 13 percent increase in ransomware breaches -- this is more than in the last 5 years combined. Additionally, 82 percent of cyber breaches involved a human element, namely through stolen credentials, phishing, misuse or simply an error.

Continue reading →

As we all know by now, the "cloud" is not just another "IT thing" that only IT people should care about. This is because every organization that has understood this principle has triumphed. Unfortunately, a significantly higher number have merely paid lip service to this idea. To them, the cloud is just another IT thing. The cloud enables a pace of change that companies of the past could have only ever dreamed of. Instead of waiting 6 months to deploy a new app, you can have the idea in the morning and have it deployed company-wide by the afternoon.

At least that’s the theory. But how many of us have seen this happen in reality? The problem is not a technical one. Most organizations could work at this "cloud pace," but most don’t. They might have the technology, leadership support, budget etc. to operate at this "same day" pace, but they don’t. Why not?

Continue reading →

The threat landscape is constantly evolving and the shift to hybrid has only widened the attack surface. Today, organizations continue to be in the firing line as cybercriminals exploit their most used application: emails. The proliferation of phishing and business email attacks have seen hackers targeting the biggest corporate security weakness; employees.

Threat actors target workers because they are seen as the weakest link. Cybercriminals are thriving by targeting and exploiting staff, especially those who haven’t received effective user education and training. As the attack surface expands and threats become more sophisticated, organizations must reinvent the wheel by changing their approach to cybersecurity. Where should they start? With training employees and providing omnipresent tools and technology to prevent, detect, and recover from even the most sophisticated of attacks.

Continue reading →

The UK has been experiencing a shortage of delivery drivers in recent years. So much so, Amazon enticed part-time workers with up to £3,000 in incentives to ensure this didn’t affect profits during the festive period.

As well as this, according to the Road Haulage Association, the industry was short of more than 100,000 HGV drivers in June 2021. This was due to a number of factors, from barriers to obtaining a license to the introduction of Brexit.

Continue reading →

No, this is not about solid waste generated with the production of prototypes or models for different products. Prototype pollution here refers to a critical cyber threat rated 10/10 on the CVSS scale of severity.

In a paper published in July this year, entitled "Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js," security researchers revealed a serious vulnerability that affects prototype-based languages like JavaScript and the Node.js platform. This threat involves injecting properties into an object's root prototype at runtime and causes the execution of legit code gadgets.

Continue reading →

The internet is always abuzz with new technology trends, and anyone who follows them will be familiar with the terms "digital twin" or "digital twin of an organization". Although digital twins have been around for several decades, the rapid rise of Internet of Things (IoT) technology has made the concept more widely considered a tool of the future. So, as digital twins increasingly model systems of interconnected things, what potential does the technology hold to orchestrate processes, people, and things in a sophisticated way that’s beneficial for everyone?

This article defines what a digital twin is, and suggests where the technology is headed in our increasingly interconnected world.

Continue reading →