• Article

Systems Administrators make up the backbone of any organization’s technical infrastructure. Considering their range of responsibilities for maintaining the stability and performance of servers, networks, databases, software platforms, security tools, cloud services, and endpoints, when they talk leaders should listen.

SysAdmins need the organizational and financial support of their business leaders to do their jobs but can often find they aren't always on the same page. For example, in a recent survey on trends in IT, members of the C-suite and IT professionals responded very differently to questions regarding their organization’s network. C-suite respondents were nearly four times more likely to report their organization makes daily network configuration changes compared to technicians, and were nearly twice as confident as IT technicians in the effectiveness of their network tools for supporting a remote or hybrid workforce. 

Continue reading →

The ease with which employees can sign up for unsanctioned cloud services continues to haunt security operations teams. Call it cloud sprawl, SaaS sprawl, or identity sprawl -- all variations on the same theme: Workers or departments signing up for unmanaged cloud services that businesses might not even know about, resulting in redundant services, unmanaged subscriptions, and security debt. In 2023, companies used an average of 112 different software-as-a-service (SaaS) applications, down slightly from the 2022 peak of 130, and those are conservative estimates.

SaaS sprawl is both an IT management and security problem -- it complements Shadow IT. Increasingly, CISOs recognize the issue but often take steps that turn their employees into adversaries, not allies.

Continue reading →

Identity and access management (IAM) programs put a lot of emphasis on users, for the obvious reason that compromising user identities is the prime attack vector for ransomware and other threat actors. But while strengthening access and permission controls for employees, third parties and other stakeholders, too many organizations overlook a vast trove of network identities that can be equally vulnerable to attack -- the non-human identities (NHIs) that are proliferating in the cloud.

The number of non-human identities, ranging from API keys and cloud services to DevOps tools and software bots, has exploded in recent years. By some estimates they are now outnumbering human users on the network by 45-1. The tools and services that comprise non-human identities can significantly increase efficiency and productivity, but they greatly expand an organization’s attack surface if they’re not properly protected. And too many of them aren’t protected.

Continue reading →

McAfee has released its “2024 Celebrity Hacker Hotlist,” highlighting the celebrities whose names are most exploited by cybercriminals. Leading this year’s list is Scarlett Johansson, an actress best known for her role as Black Widow in the Marvel Cinematic Universe. Johansson’s popularity makes her a prime target for hackers, who use her name to trick unsuspecting users into clicking malicious links or downloading harmful files.

McAfee’s report warns that searches involving popular celebrities like Johansson often lead consumers to unsafe sites. These sites can install malware or collect personal data, compromising users’ privacy, data, and identity. The rise of AI has made it easier to create convincing deepfakes, adding another layer of complexity to these scams. These AI-generated images, audio, and videos can be used to deceive fans into engaging with fraudulent content, damaging not only the victim’s finances but also the celebrity’s reputation.

Continue reading →

It might sound like a Chinese secret society, but a new report warns that a 'toxic cloud triad' of publicly exposed, critically vulnerable and highly privileged cloud workloads is putting almost four in 10 organizations at risk.

Security gaps caused by misconfigurations, risky entitlements and vulnerabilities combine to dramatically increase cloud risk according to the Tenable Cloud Risk Report.

Continue reading →

A new survey, which polled 200 CISOs from companies with annual revenues exceeding $500 million, highlights growing concerns across a number of areas.

The study from Portnox finds worries around the effectiveness of zero trust, the limitations of multi-factor authentication (MFA), and a looming threat to job security amidst an increasingly complex cybersecurity landscape.

Continue reading →

Though organizations and their users have greatly benefited from hybrid environments and SaaS applications, dispersed workforces have also created unforeseen risks that are increasingly difficult to secure.

The average enterprise user has more than 50 passwords not protected by single sign-on (SSO), each representing a point of risk if not properly monitored and secured.

Continue reading →

SOUNDPEATS has introduced the Air5 wireless earbuds, the latest addition to its "Air" series, which features dual certifications for both Snapdragon Sound and Hi-Res Audio. These earbuds aim to provide quality audio performance, enhanced connectivity, and multi-level noise cancellation without the premium price tag. Alongside the Air5, SOUNDPEATS has also launched the Breezy open-ear earbuds as a more affordable option.

The Air5 includes a 13mm dynamic driver for an immersive listening experience, delivering clear audio even in noisy surroundings. Bluetooth 5.4 ensures a stable connection, with the added convenience of multi-point connectivity to link multiple devices at once.

Continue reading →

A new report from Abnormal Security reveals a rise in targeted email compromise attacks on the healthcare sector.

Vendor email compromise (VEC) attacks on the sector have consistently trended upward, recording a 60 percent increase between August 2023 and August 2024. The sector's reliance on long-term vendor relationships is being exploited through VEC, where cybercriminals impersonate trusted vendors to bypass traditional email security and trick employees.

Continue reading →

Logitech has launched the POP Icon Keys, a new keyboard aimed at users who want to add some style to their workspace. The keyboard is designed to be both functional and expressive, offering a visually distinct look that breaks away from the typical boring office aesthetic.

Art O’Gnimh, GM of Logitech’s personal workspace division, expressed the company’s mission to merge design and productivity. “At Logitech, we believe you should get the style and design you want at your workspace without compromising on productivity and comfort,” he said. “POP Icon Keys delivers a brilliant typing experience and smart productivity shortcuts, in a carefully crafted standout design.”

Continue reading →

With the release of Windows 11 24H2, also known as the Windows 11 2024 Update, many people eager to try out the latest version of the operating system are encountering a roadblock. With this feature update Microsoft tightens the restriction on the hardware it can be installed on.

It has been some time since the company introduced a system requirement for TPM 2.0 support, but there have been numerous workarounds that allowed for installation on hardware that was technically incompatible. Now Microsoft has cracked down on the various methods of bypassing the requirement, so a new approach is needed.

Continue reading →

Microsoft has acknowledged a peculiar issue with Word that can cause files to be deleted immediately after they are saved. Users of the word processor are being warned to avoid naming their files in a certain way to avoid data loss while the company investigates the problem.

While having to meet specific criteria when saving files is not unusual, using an illegal name would usually simply result in an error message and a prompt to choose a different name. With this bug, however, the file appears to be saved when in reality it has been deleted.

Continue reading →

Tronsmart has launched its newest portable speaker, the Mirtune H1. Despite its small and lightweight design, the Mirtune H1 offers surprisingly powerful sound, making it versatile for use indoors and outside.

It comes with an integrated carabiner, so you can easily attach it to your backpack or belt. With up to 20 hours of battery life, the Mirtune H1 can keep your music playing all day long.

Continue reading →

Greenliant is rolling out its latest line of high-endurance NVMe M.2 2242 and 2280 ArmourDrive EX Series SSDs, and these aren’t your run-of-the-mill drives. We’re talking serious longevity here -- up to 75,000 and even 150,000 program-erase (P/E) cycles. If you’re dealing with the harshest conditions, from the freezing cold to scorching heat (-40 to +95 degrees Celsius), these drives are up for the job. Greenliant is targeting industries like aerospace, defense, and transportation.

But that’s not all. Alongside these heavy-duty EX Series drives, Greenliant is introducing the NVMe M.2 2242 and 2280 ArmourDrive PX Series SSDs. These come with high-quality industrial TLC 3D NAND that supports up to 5,000 P/E cycles. They’re fine-tuned for performance and energy efficiency. Plus, the drives come in the 2280 (GLS88AS) and compact 2242 (GLS88CS) form factors. If you’re working with tight spaces, these slim, single-sided SSDs have you covered.

Continue reading →

Google is pushing back against a court decision that forces it to make changes to Android and Google Play, based on Epic Games’ demands. The tech giant argues that these changes could mess with user privacy, make it harder for developers to get their apps noticed, and ultimately hurt competition. While these adjustments might seem like a win for Epic, Google says they could have some serious consequences for American consumers, developers, and smartphone makers.

Google points out that this whole situation doesn’t make sense when compared with another court’s ruling that shot down similar claims Epic made against Apple. The company highlights that, unlike iOS, Android has always been an open platform, letting users pick from multiple app stores and even sideload apps. Google says it’s going to appeal this decision and ask the courts to pause these Epic-led changes while the appeal is in progress.

Continue reading →