• Article

A survey of more than 1,000 IT security professionals exposes shortcomings in organizations' approach to managing third-party user identity and access that could leave them vulnerable to compromise.

The study by Dimensional Research for One Identity finds that while 94 percent of organizations grant third-party users access to their network, 61 percent admit they are unsure if those users attempted to or successfully accessed files or data they are not authorized to see.

Of organizations with on-premise data centers, 88 percent plan on moving at least some of their workloads to the cloud, managed hosting or co-location in the next three years.

This is one of the findings of a new State of IT Infrastructure Management report from data center and cloud solutions firm INAP, which also finds 38 percent of IT professionals expect to see a reduction in their on-premise workloads by 2022.

Microsoft seems to have started rolling out new integration options to Outlook.com, making life easier for anyone who uses both Microsoft and Google services.

As well as offering Gmail integration to allow people to read emails from their Google accounts within Outlook online, Microsoft is also in the process of adding support for Google Calendar and Google Drive.

Organizations are being targeted by a mixture of simple, low effort and low-cost attacks along with more sophisticated, targeted campaigns, according to the latest quarterly Threat Intelligence Report from security and compliance specialist Mimecast.

Based on analysis of over 200 billion emails, the report looks at the four main categories of attack types discovered in the quarter: spam, impersonation, opportunistic, and targeted. This quarter's report finds that impersonation attacks are on this rise, accounting for 26 percent of total detections -- and now include voice phishing or 'vishing.'

Artificial intelligence is a controversial subject in any field -- including practicing the law. Even now, lawyers and law firms weigh the positives and negatives of using AI to dispense legal advice or automate basic tasks.

Here’s a look at both sides of the argument.

Now that the Windows 10 November 2019 Update is widely available, Microsoft’s attention is firmly on the next feature release, due out next year.

The latest builds on the 20H1 branch haven’t introduced any new features, instead the focus has been firmly on fixing problems and making improvements.

Migrating sensitive data to the cloud inevitably raises concerns surrounding compliance and security. Most turn to encryption as a solution, but that in itself raises issues over key management.

While many cloud service providers have allowed customers to bring their own keys (BYOK), Google Cloud Platform is linking up with the Fortanix Self-Defending Key Management Service (SDKMS) to become the first public cloud provider to enable customers to bring their own key management system (BYOKMS).

AMD has been lighting the world on fire lately with its super powerful Ryzen processors, including the newest 3rd generation Threadripper. While enthusiasts will certainly be buying up those expensive chips, not everyone needs the latest and greatest multi-core processors. Some people have more meager needs, with budgets to match.

Historically, AMD has been great for consumers seeking value, and thankfully, the company is keeping that tradition alive. You see, today, the company announces the Athlon 3000G -- a processor designed for what AMD calls "mainstream desktop users." That's just another way to say "regular folks." Make no mistake, however, even though it extremely affordable at under $50, it is more than capable for general computer use -- and beyond. AMD promises support for Windows 10, Ubuntu, and Red Hat Enterprise Linux.

When it first came out in 2005, the diminutive Mac mini was a game-changing computer. Sure, it was woefully under-powered, but never before could you buy a Mac for $499. It truly allowed any consumer to jump into the Apple desktop world -- something previously reserved for those with large bank accounts.

While the newest Mac mini (introduced in 2018) is still small and fairly affordable, the $499 starting price is long gone. Instead, it now costs a minimum of $799 to get a Mac. Sigh. Sadly, even with a higher price, one of the most glaring issues to plague the Mac mini in 2005 is still an issue 14 years later -- there are no front ports! Apple chose to hide all the connectors on the rear -- the company often chooses form over function. Thankfully, the new 2-in-1 Mac mini stand and hub from Satechi solves this problem while retaining the elegant design.

Privacy-focused search engine DuckDuckGo announced the launch of a new feature today that it calls Smarter Encryption.

Smarter Encryption is designed to upgrade requests to HTTP sites automatically to HTTPS if the site in question supports HTTPS and if it is on DuckDuckGo's list of sites that can be upgraded.

Software bots are being used to automate repetitive processes in two thirds of businesses, but this can present risks depending on how properly their access to data is governed.

New research from SailPoint finds many organizations do not have the correct oversight into their day-to-day bot activities. Only five percent of respondents say they have 100 percent of bots, and their access, accounted for in their identity process.

Ten organizations including Avira, the Electronic Frontier Foundation, Kaspersky, Malwarebytes and NortonLifeLock, have joined in a global initiative called the Coalition Against Stalkerware.

Stalkerware programs carry the possibility for intrusion into a person’s private life and are being used as a tool for abuse in cases of domestic violence and stalking. By installing these apps, abusers can get access to their victim's messages, photos, social media, geolocation, audio or camera recordings, and in some cases, this can be done in real-time.

The camera applications within Google, Samsung and other Android smartphones could be vulnerable to attack, according to some new research.

Researchers at security platform Checkmarx found that in certain circumstances adversaries can take over smartphone camera apps to record videos, take photos, eavesdrop on conversations, and identify GPS coordinates, all without the user knowing.

Digital identity platform ForgeRock is launching an Identity Platform-as-a-Service solution to help developers embed modern identity capabilities into their apps.

ForgeRock Identity Cloud provides a full suite of capabilities for identity requirements in any business environment utilizing the same APIs and SDKs as the ForgeRock Identity Platform, so customers can use ForgeRock in any deployment model, on premises, hybrid cloud, public cloud, or as-a-service.

Joining the likes of Mozilla and Google, Microsoft has announced that it will support DNS over HTTPS (DoH).

The company says that the adoption of encrypted DNS is important for the overall health of the internet ecosystem. It goes on to set out a number of principles that will be at the heart of adopting DoH in the Windows DNS client.