• Article

Half of IT professionals believe there are devices connected to their network that they're unaware of, despite nearly 60 percent admitting that insecure devices pose a 'very high' or 'high' risk to their organization.

This is among the findings of a survey of 250 IT professionals by Advanced Cyber Defence Systems (ACDS) which also finds over two-thirds of organizations have experienced three or more data breaches in the past 24 months.

Continue reading →

Windows 10 continues to live on, although it is now a ripe old age. Despite the looming end-of-life for the operating system, Microsoft has surprised users by continuing to add new features and options.

This is not the case with the new KB5039299 update, however. This is a non-security update which, Microsoft proclaims, "includes quality improvements". This is a cute way of saying it's a boring bug fixer, but if you've been affected by those bugs, it's an important update.

Continue reading →

Microsoft has released a preview version of next month's KB5039302 update for Windows 11. Although there are no security fixes, the update addresses a number of problems such as distorted audio in Snipping Tool recording and issues with ejecting USB devices.

This update also sees the welcome return of the Show Desktop button in the taskbar and brings new TAR and 7-Zip creation options to the context menu of File Explorer. But there's much more too.

Continue reading →

Apple's Self Service Repair Diagnostics tool, previously available only in the US, has now made its way to 32 European countries, including the UK, France, Germany, and the Netherlands.

Launched stateside in December 2023, the Diagnostics tool gives users the repair abilities previously reserved for Apple Authorized Service Providers and Independent Repair Providers. This means Europeans can now perform tests on their iPhones, Macs, and Studio Displays to check for to make sure everything is working as it should and identify necessary repairs, all in 24 different languages.

Continue reading →

Google has updated its Chrome browser for mobile devices with new features aimed at improving the user experience on Android, iPadOS, and iOS. These updates focus on making navigation and interaction within the browser more efficient and personalized.

The company has introduced enhanced Chrome Actions to help users interact more seamlessly with local businesses directly from their search results. Now, when searching for a restaurant or other local businesses, shortcut buttons for actions like calling or getting directions are more prominently displayed. This feature is already available on Android and is slated to come to iOS later this fall.

Continue reading →

Unleash the power of cloud computing with Multi-Cloud Handbook for Developers, your guide to mastering the nuances of cloud-native and multi-cloud, covering practical strategies for design, development, and management.

Explore the essential concepts, challenges, and methodologies critical for navigating the complex landscape of modern cloud computing. Using core architectural and design principles (such as microservices and 12-factor architecture) and advanced strategies (such as distributed application design patterns, domain-driven design (DDD), and API-first strategies), you’ll learn how to build portable and efficient apps across various cloud platforms.

Continue reading →

Canonical has introduced a new service enabling the creation of custom distroless Docker images under its "Everything LTS" program. This initiative allows customers to include any open-source software in their Docker images, regardless of whether it is packaged in Ubuntu, with a security maintenance commitment of up to 12 years.

Mark Shuttleworth, CEO of Canonical, said: "Everything LTS means CVE maintenance for your entire open source dependency tree, including open source that is not already packaged as a deb in Ubuntu. We deliver distroless or Ubuntu-based Docker images to your spec, which we will support on RHEL, VMware, Ubuntu, or major public cloud K8s."

Continue reading →

Enterprise secrets could be inadvertently leaking via GitHub repositories, according to new research from Aqua Security.

By scanning the most popular 100 organizations on Github, which collectively includes more than 50,000 publicly accessible repositories, Aqua researchers found active secrets from open source organizations and enterprises such as Cisco and Mozilla providing access to sensitive data and software. The exposed secrets could lead to significant financial losses, reputational damage, and legal consequences.

Continue reading →

A new report shows that while 14 percent of organizations experienced an API attack in the last 12 months, only 38 percent say they have an API security solution in place.

The research from Traceable AI, based on a security of cybersecurity delegates at the RSA conference, finds that although 43 percent of organizations say they do not struggle with API sprawl, 33 percent are unsure if they are managing it effectively, and 24 percent acknowledge they are struggling.

Continue reading →

A new report reveals that organizations are suffering multiple ransomware infections, 18 percent have suffered a ransomware infection 10 or more times in a 24-month period, a further 18 percent were infected five to nine times, and 30 percent were infected between two and four times.

The study from anti-ransomware platform Halcyon also shows that data exfiltration occurs in nearly every major ransomware attack today, and nearly 60 percent of respondents say that sensitive or regulated data was exfiltrated from their organization, with 55 percent reporting the attackers issued an additional ransom demand to protect the exfiltrated data.

Continue reading →

Ultimate Ears, a Logitech brand, has released its new EVERBOOM Bluetooth speaker, designed for a premium 360° sound experience. The launch is accompanied by updates to its existing line, including the WONDERBOOM 4, BOOM 4, and MEGABOOM 4, featuring upgraded acoustics, fresh color options, and materials made from sustainable sources.

Jonah Staw, General Manager of Ultimate Ears, emphasized the focus on combining durability with high-quality sound. "EVERBOOM is designed to meet the needs of our users who want dependable sound quality from their portable speakers," said Staw.

Continue reading →

A new study reveals growing anxiety among consumers that weaknesses in their banks' fraud-protection measures could leave them exposed to scammers, this would result in the vast majority (75 percent) switching providers.

For the report from Jumio sampled the views of more than 8,000 adult consumers, split evenly across the UK, US, Singapore, and Mexico, with research carried out by Censuswide.

Continue reading →

There's an abundance of apps and SaaS solutions readily available these days to make the lives of employees easier and perform many work-related tasks. And the list keeps growing, with the likes of ChatGPT and Gemini paving the way for more AI-driven virtual assistants.

This is all well and good, unless your organization doesn't sanction the use of the software in question, turning something seemingly innocuous into shadow SaaS -- and a security risk. We spoke to John Stringer, head of product at data loss prevention specialist Next DLP, to learn more.

Continue reading →

Cybercriminals are not new, and often neither are their tactics. Despite this, phishing attacks, which incorporate social engineering in emails and messages to persuade people to perform an action that puts organizations at risk, continue to be highly successful. New technologies, such as GenAI, are improving these tactics further and companies must implement a strategic approach built on a solid foundation of identity security to minimize risks.

The most glaring vulnerability within an organization stems from human error. Mistakes such as using weak passwords, reusing credentials across multiple platforms, or falling victim to phishing attacks, can provide malicious actors with an easy gateway into secure systems. Social engineering exploits the natural human inclination to trust, deceive employees into divulging sensitive information or unwittingly granting access. Despite widespread awareness campaigns, these tactics continue to succeed, highlighting the gap between knowledge and practice, which presents a major risk to organizations.

Continue reading →

Fresh out of college and with just a year of self-study behind him, Cory Althoff was offered a dream first job as a software engineer for a well-known tech company, but he quickly found himself overwhelmed by the amount of things he needed to know, but hadn’t learned yet. This experience combined with his personal journey learning to program inspired his widely praised guide, The Self-Taught Programmer.

Now Cory's back with another guide for the self-taught community of learners focusing on the foundations of computer science.

Continue reading →