• Article

The use of automated security technology is growing rapidly according to the latest edition of the annual Building Security In Maturity Model (BSIMM) report from Synopsys.

The research also shows that there's a move towards a 'shift everywhere' culture -- which means performing security tests throughout the entire software development life cycle -- across more organizations.

Continue reading →

A new study finds that 36 percent of IT workers are very concerned that generative AI tools will take their jobs in the next five years, this is 17 points higher than for other office workers.

However, the report from Ivanti finds office workers are six times more likely to say that generative AI benefits employers than employees.

Continue reading →

This is the time of the month when Microsoft releases preview versions of Patch Tuesday updates, and the company has unleashed the KB5032288 update for Windows 11 in keeping with this.

While the KB5032288 update addresses a number of issues in Windows 11, it is primarily concerned with fixing problems in the recently added Copilot. With Copilot being described as being "in preview" and the update being a preview version, we're in the interesting position of seeing the release of a preview version of an update for preview software. Let's dive in.

Continue reading →

The current release cycle of PowerToys sees the development team focusing on "new features, stability and improvements". While a boost to stability and general improvements are always welcome, it's the new features that are of the greatest interest.

And with the release of PowerToys v0.76.0, Microsoft does not disappoint. There are new features aplenty to be found here, with numerous modules benefitting from significant updates -- not least of which is the arrival of new add-ons for File Explorer. But there are also important UI changes across the suite, and a plethora of additions and improvements.

Continue reading →

Rockstar Games, the publishing label of Take-Two Interactive Software, has finally announced the highly anticipated release of Grand Theft Auto VI with an official trailer. Slated for a 2025 debut, this latest installment will grace both the PlayStation 5 and Xbox Series X|S game consoles.

Sam Houser, the Founder of Rockstar Games, expressed his excitement about the upcoming game by saying, “Grand Theft Auto VI continues our efforts to push the limits of what’s possible in highly immersive, story-driven open-world experiences. We’re thrilled to be able to share this new vision with players everywhere.”

Continue reading →

Today, Lenovo announces its new Chromebox Micro. This is a new type of Chromebox: a svelte and affordable computer running ChromeOS. The first micro form factor Chromebox by Lenovo, the device is built for 24/7 digital display deployments in high-traffic facilities.

This ChromeOS computer, designed without fans or vents and resistant to dust, accommodates dual 4K resolution displays and boasts a size small enough to fit snugly in limited spaces, even more compact than many smartphones. It comes equipped with various connectivity options, including USB-C, USB-A, and HDMI ports, along with screw holes for simple installation.

Continue reading →

Zorin OS 17 Beta was released today, and the new pre-release version of the operating system is chock full of changes. For instance, the Zorin Menu has undergone a transformation, evolving from a simple launcher to a versatile universal search tool. This enhancement aims to streamline the user experience, allowing for quick access to files, appointments, and more with customizable search settings.

Zorin OS 17 Beta introduces an improved activities overview, emphasizing ease of use in multitasking. Workspaces are now arranged horizontally and are easily navigable, offering a more intuitive workflow.

Continue reading →

Alongside traditional approaches like software vulnerabilities and misconfigurations in applications, hackers are constantly looking for new ways to get into devices and corporate networks. Two of the biggest growing threats are Search Engine Optimization (SEO) poisoning and Malvertising.

SEO Poisoning is where hackers lure victims to legitimate websites by populating them with content on topics of interest to potential victims. For example, Gootloader, an Initial-Access-as-a-Service operation, targets law professionals because they handle sensitive business data that can be extremely valuable. Hackers use Gootloader to get a foothold into an organization’s IT environment and then spread laterally through the entity’s IT network to implant ransomware or exfiltrate data.

Continue reading →

2023 looks set to be yet another record-breaking year for ransomware attacks. According to Statista, over 72 percent of businesses worldwide have already been affected by ransomware attacks this year, with LockBit3.0 and CI0p Ransomware claiming the bulk of victims last quarter.

The scourge of modern digital businesses everywhere, the proliferation of ransomware shows no sign of slowing down thanks to the rise of ransomware-as-a-service (RaaS) platforms -- so much so that it has become the most prevalent issue confronting organizations today.

Continue reading →

A new global study of over 1,600 software testers reveals that 78 percent have already adopted some form of AI to improve productivity.

The report from LambdaTest also shows companies are working to respond to the need for greater software reliability with 72 percent of organizations involving testers in 'sprint' planning sessions, signaling a substantial shift towards software quality being considered earlier in the software development lifecycle.

Continue reading →

While we all know email is a big target for attackers, it’s important to remember that email is not the only risk vector. As companies use more tools and features, the risks grow too. Email is just one piece of the puzzle, which is why it is crucial to consider a wide range of employee security behaviors to get a holistic view of your risks. By doing so, you can focus resources more efficiently.

Human Risk Management (HRM) is a vital part of cyber security. Even if you have technological safeguards in place, HRM plays a substantial role in your overall security stance. Here I highlight some of the employee cyber risks that often get overlooked and how we can better keep an eye on them in real time.

Continue reading →

The demands of daily lives increasingly mean that we want to be connected wherever we are. Add in the shift to hybrid working and we’re likely to want to be in touch with the office all the time too.

That makes the lure of free public Wi-Fi, whether it's in a coffee shop, a hotel or an airport, hard to resist, especially if you have a limited data allowance on your mobile contract. But of course using public networks always comes with a side order of added risk.

Continue reading →

As we approach the end of 2023, the Linux community receives a delightful surprise: the December refresh of Mabox Linux 23.12. This update is not just a routine upgrade; it introduces the latest Long-Term Support (LTS) kernel 6.6, ensuring enhanced stability and longevity for users.

That 6.6 kernel promises support until December 2026, aligning with Mabox's commitment to long-term reliability. Additionally, Mabox hasn't forgotten its legacy hardware users, offering an alternative ISO with the older yet reliable LTS 5.4 kernel. Users can install multiple kernels, from the latest 6.6 to the sturdy 4.19 version, and select their preferred one at boot time.

Continue reading →

When we want to secure something highly valuable, say, a bag of ancient Spanish coins worth millions, we think of locking it behind as many layers as possible. For example, you might put it in a safe deposit box in a bank vault, nestled safely inside the institution that is itself blanketed with redundant physical security controls.

As organizations have become increasingly complex, so too have their associated layers of security around application access. Enterprises have tremendous amounts of applications and data, as well as users and devices with differing levels of permissions trying to access that data. To provide a consistent, IT-vetted method of creating, managing, storing, and authenticating the complexity of application access, we have arrived at Identity Provider (IdP) tools. IdPs are (typically) cloud-hosted services that store unique information used to identify users, organizations, and devices ("digital identities"), authenticate access requests, add/remove users, and provide security around these functions. Popular examples of solutions often used for IdP functionality include Okta, Microsoft Azure AD, and Duo.

Continue reading →

The IT and cloud computing landscape has grown and evolved in 2023, and it’s poised to continue developing in 2024. Companies worldwide are actively adapting to the dynamics of a post-pandemic world. In this pursuit of resilience and innovation, we anticipate the emergence of four key trends that will shape the new year. These trends encompass technological advancements and shifting IT paradigms regarding spending, loyalty and governance.

Here are four trends we will likely see in the new year.

Continue reading →