• Article

Phishing is the most common form of cyberattack as criminals seek to obtain credentials to access bank accounts or corporate networks.

Abnormal Security has analyzed which phishing attacks generate the highest click rate and categorized them based on the words included in the subject line.

Continue reading →

The latest online service to find itself facing scrutiny from the European Commission is TikTok. The Chinese-owned, video-based social media platform faces a probe from the Commission after an initial investigation into whether the company had breached the Digital Services Act (DSA).

Particular areas interest are TikTok's use of algorithms to surface content, with investigators worried about whether they create a "rabbit hole effect" and encourage addictive behavior. TikTok also faces criticisms for various failures to protect younger users, but there are concerns about the overall transparency of the platform, but especially in relation to advertising.

Continue reading →

A new intelligent SIM card technology, known as rSIM (Resilient SIM), has been introduced in partnership with global operators Deutsche Telekom IoT and Tele2 IoT. The rSIM technology is designed to enhance network connectivity for IoT devices by offering an “always on” solution that aims to improve network resilience.

The rSIM is the world's first resilient SIM card that checks its own network connectivity and automatically switches between mobile operator profiles when disruptions occur. This technology allows two independent mobile operator profiles to be stored on a single SIM card, effectively upgrading a Single SIM device to a Dual SIM. By switching to a backup mobile operator profile in the event of an outage, rSIM aims to reduce the risk of disconnection, providing a potential solution for uninterrupted internet access for IoT devices.

Continue reading →

Wyze customers experienced a service disruption last Friday morning due to an outage originating from their partner, Amazon Web Services (AWS). This incident temporarily disabled Wyze devices, preventing users from accessing live camera feeds and event recordings. The company has since apologized for the inconvenience this caused.

During efforts to restore camera functionality, a security issue emerged. Approximately 13,000 Wyze users inadvertently received thumbnails from cameras that were not their own, and 1,504 users interacted with these thumbnails. In some instances, users were able to view event videos from other accounts. Wyze has confirmed that all affected users have been notified and reassured that the majority of accounts remained unaffected.

Continue reading →

Last year, the Chromium Project -- a Google-backed open source browser project -- released its roadmap for building a safer, faster, and more stable Internet, containing recommendations to reduce the lifespan of Transport Layer Security (TLS) certificates from 398 days to 90. This was a starting gun to the industry. As the operator of Chrome, Google has the power to enforce shorter validity periods by making them a requirement -- which will likely become the de facto standard across all browsers soon after.  

When these changes come into force, every business that uses TLS certificates -- i.e. every business that connects services with the internet -- will be impacted. TLS certificates are machine identities, they enable systems to talk to each other securely over the internet. If they are not reissued or replaced before they expire, the service they are connecting stops working. This results in hugely costly outages, disruption, and increased security risks -- and it’s something that everyone has experienced with their browser through a 'can’t connect to untrusted site- error.  

Continue reading →

As cybercrime continues to increase, organizations must consider actions to improve their cyber security and cyber resilience. There are constantly new ransomware and data breach headlines hitting the news, and, according to research, a company falls victim to a cyberattack every 39 seconds.

To bolster cybersecurity, organizations must maintain constant awareness, and they should regularly update systems, encrypt and backup data. Cyber security is an ongoing action, it requires constant vigilance as cybercriminals are always looking for new ways to exploit systems and steal data. In addition, 85 percent of all organizations consider their data as one of their most valuable assets, and hackers also share this view. Ransomware is not a problem that is going to go away on its own, especially as it continues to be very profitable for criminal cyber gangs. Having said that, there are many things that you and your organization can do to mitigate against becoming another victim of cyber crime.

Continue reading →

Two years ago, the zero-day vulnerability, known as Log4Shell unwrapped itself spoiling holiday celebrations for many across the globe leaving organizations scrambling for a fix before it could be exploited. 

The vulnerability was discovered in Log4j, a widely used logging tool used by millions of computers worldwide running online services.  Its profound impact on IT environments has called for a fundamental shift in how organizations think about their security strategies.

Continue reading →

When an organization is aware software is vulnerable, it focuses on patching systems to mitigate the risk. Likewise, when security technology becomes outdated, newer versions plug the gaps. However, with people there’s no patch or update readily available.

Instead, a workforce needs to stay abreast of the current threat landscape to ensure the company remains in a good position to combat cyber risks. However, almost 80 percent of leaders lack confidence in their team's ability to tackle cyber threats effectively. This highlights a substantial weakness in current cybersecurity strategies.

Continue reading →

In a surprising turn of events, the popular IRC client HexChat has announced its final release, 2.16.2, marking the end of an era for the open-source project. The release, which was made public on February 9, 2024, includes a handful of minor fixes and features that have been in the works over the past two years.

The decision to cease development comes from the project's lead, who revealed that HexChat has been largely unmaintained for several years. Despite the lack of active maintenance, the client continued to be a favorite among many in the IRC community. However, with no one stepping up to take over the reins, the time has come to say goodbye.

Continue reading →

The Payment Card Industry Data Security Standard (PCI DSS) turns 20 next year and has remained largely unchanged during that time. But version 4.0, due to become mandatory from April 2024, will bring the standard bang up-to-date and usher in a number of big changes.

We spoke to Phil Robinson, principal consultant and QSA at Prism Infosec, to explore what's changing and how organizations can prepare to meet the new requirements.

Continue reading →

As many companies are discovering, a multi-cloud environment can offer improved workload portability, purchasing power and increased innovation velocity, as well as other significant benefits. However, managing a multi-cloud environment can be challenging. From complex integrations to fragmented cost visibility to security and compliance concerns, today’s tech leaders can become overwhelmed.

Competing organizational interests, lack of expertise, and unexpected or hidden costs can detract from the great promise of a multi-cloud environment. Organizations need the right people, processes, and tools to overcome the challenges and realize the rewards.

Continue reading →

In a significant upgrade from its predecessor, SABRENT has launched the Rocket RGB USB-C 20Gbps M.2 SATA/NVMe SSD Enclosure, promising to double the transfer speed of the previous 10Gbps model. This latest enclosure is available in two editions -- the EC-RGBG (available here for $49.99) and the "special edition" EC-RGBC (available here, also for $49.99) The special edition is essentially the same, but with a funky pinkish color scheme rather than grey.

The Rocket RGB enclosure supports both NVMe and SATA M.2 SSDs, accommodating a variety of sizes including 2230, 2242, 2260, and 2280. This versatility ensures that users won't be limited by the type of SSD they can use, making it a flexible option for a wide range of storage needs. The device operates over a USB 3.2 Gen 2x2 connection, offering speeds of up to 20Gbps with compatible USB ports, and maintains backward compatibility with 5 and 10Gbps ports.

Continue reading →

For many years, organizations have relied on Enterprise Content Management (ECM) systems to help manage information in an efficient and secure fashion. However, with the advent of new content management technologies -- including cloud-based content management systems -- there are signs that the prominence of traditional ECMs is on the wane.

As the challenges faced by businesses continue to grow, achieving new standards of flexibility and efficiency when it comes to content management is key. This is why first-generation ECM systems -- built on decades-old technologies -- are not as effective as they once were.

Continue reading →

Microsoft has fixed a puzzling issue in the latest version of its Edge web browser. Some users reported that Microsoft Edge was importing open tabs from Google Chrome automatically on their devices about two weeks ago.

While Microsoft Edge does have a preference to do so, the users claimed that the preference was set to off on their devices.

Continue reading →

Today, Google releases Android 15… sort of. You see, it is not a stable release, but instead, it is the official Developer Preview. And most likely, you cannot run it on your phone or tablet either. Right now, it is only available for certain Google Pixel devices -- the Pixel 6 series, Pixel 7 series, Pixel 8 series, Pixel Fold, and Pixel Tablet. Got a different Android device? Sorry, you must wait.

Android 15 continues to focus on elevating developer productivity while introducing new capabilities for creating superior media experiences. The platform is designed to minimize battery impact and maximize app performance, all while maintaining a strong emphasis on user privacy and security.

Continue reading →