Security and compliance issues hold back innovation
Three quarters of C-suite executives responding to a new survey say that compliance challenges and security challenges limit their company's ability to innovate.
The study from software delivery platform CloudBees also shows executives overwhelmingly favor a shift left approach, a strategy of moving software testing and evaluation to earlier in the development lifecycle, placing the burden of compliance on development teams.
Three-quarters of organizations have suffered an API security incident in the last year
Over three-quarters (76 percent) of respondents in a new survey have suffered an API security incident in the last 12 months, primarily caused by dormant/zombie APIs, authorization vulnerabilities, and web application firewalls.
The research from Noname Security also shows that 74 percent of cybersecurity professionals don’t have a complete API inventory or know which APIs return sensitive data.
Microsoft Teams gains language interpretation for multi-lingual environments
Recognizing the fact that many groups, organizations and work forces are made up of multi-lingual members from many countries, Microsoft has made language interpretation Generally Available for users of Microsoft Teams.
Rather than offering automatic translation of speech, language interpretation allows professional interpreters to convert what a speaker says into another language in real-time.
Microsoft Teams for Windows, macOS and Linux insecurely stores authentication tokens in unprotected cleartext -- and a fix is NOT in the pipeline
Researchers from cybersecurity firm Vectra have issued a warning that Microsoft Teams stores authentication tokens in an unprotected form that could easily be abused by hackers.
The desktop apps for Windows, macOS and Linux all store authentication tokens in cleartext, and this can be used by an attacker to steal an identity and log into accounts. This is clearly worrying, but what is more concerning is Microsoft's reaction; the company says that the issue does not require "immediate servicing".
Why virtualization is making enterprise data warehouses obsolete [Q&A]
For many years the database has been at the heart of enterprise IT. But the shift to the cloud has led to massive challenges with migrations proving both slow and expensive.
A different way to approach this is to use virtualization, allowing existing applications to run on any modern cloud platform without being rewritten or replaced. We spoke to Mike Waas founder and CEO of Datometry, a SaaS database virtualization platform, to find out more.
How to get verified on Twitter -- social network revamps its guide
Users of Twitter crave different things -- everything from an edit button (now available to some) to account verification.
For anyone seeking the much sought-after blue tick, Twitter has revamped its Help Center pages, providing detailed information about how to get verified. While not complicated, the updated guide provides clear information about exactly how to apply, and how to increase your chances of a successful application for verification.
Microsoft releases PowerToys v0.62.1 to fix various bugs
The last update to Microsoft's PowerToys utility collection was a big one, adding no fewer than three new tools. Now there is a smaller, but still significant, update available in the form of PowerToys v0.62.1.
Although this particular release may not be quite as exciting as its predecessor, the fact that it addresses various issues with the software means that it is still well worth downloading.
Uber suffers 'cybersecurity incident' with hackers gaining access to internal systems and vulnerability reports
Uber is working with law enforcement after it became the latest company to fall victim to a cyber attack. Hackers were able to breach its internal systems and gain access to a range of data including emails, vulnerability reports, its HackerOne bug bounty program and more.
The attackers were also able to access Uber's Slack server, going as far as posting messaging to it. At the moment, it is not clear whether customer data has been exposed in the attack which seems to have come as the result of extracting passwords from an employee via social engineering.
Employees take risks to avoid login hassles
A new report from 1Password reveals that 43 percent of employees admit to risky online behaviors such as sharing logins, offloading tasks to others, or even abandoning certain tasks altogether to circumvent complicated login procedures.
Having to remember multiple logins heightens stress levels and strains mental health according to 41 percent of respondents. While 37 percent say that the onboarding process at their current job was time-consuming, confusing or challenging when it came to logging into work-related accounts.
US businesses unprepared for rise in cyberattacks
The average US business faces around three successful cyberattacks each year, and while most agree that attacks are set to increase, 32 percent still lack a management platform for IT secrets, like API keys, database passwords and privileged credentials, posing a significant risk to organizational security.
A new US Cybersecurity Census Report from Keeper Security shows most organizations think they're prepared to fend off cyberattacks, with 64 percent of respondents rating their preparedness at least an eight on a 10-point scale and 28 percent rating themselves as a 10/10.
The future is electric: Why electric cars will take over sooner than you think
We’re currently experiencing a boom period in electric vehicles. Right now, the RAC estimates there are at least 456,000 battery electric cars on the roads up and down the UK, with one in eight new cars being plug-ins.
The UK government’s strategy to combat climate change involves planning to stop the sale of new petrol and diesel vehicles by 2030, and for them to be zero emission by 2035. While these goals may seem lofty if you’ve never considered even test-driving an electric vehicle, the sales and registration figures alone are encouraging enough that it’s possible.
Organizations are being overwhelmed by cloud complexity
As the move toward cloud-native architectures accelerates, the data generated outstrips the ability of current solutions to produce meaningful analytics, according to a new study.
The survey, from software intelligence company Dynatrace, of 1,300 CIOs and senior cloud and IT operations managers in large organizations, shows 71 percent of CIOs say the explosion of data produced by cloud-native technology stacks is beyond human ability to manage.
Microsoft issues patch for serious security vulnerability affecting everything from Windows 7 to Windows 11
We have already written about some of the security patches issued by Microsoft this month, but the company has released a very large number of fixes in total. Included among the fixes is a patch for a security issue deemed so serious that Microsoft has even released a fix for Windows 7, despite security support for the operating system having ended at the beginning of last year.
The vulnerability is tracked as CVE-2022-37969, and is a described as a "Windows Common Log File System Driver Elevation of Privilege Vulnerability".
McAfee launches new all-encompassing privacy and identity security product line called McAfee+
The McAfee name is one that has been somewhat tainted by the activities of John McAfee, but it is one that also remains firmly associated with security. The company has just announced a new product line called McAfee+, available in three tiers, that includes an unlimited VPN at all levels.
Currently only available to users in the US, McAfee+ has Premium, Advanced and Ultimate options, each of which have Individual and Family variants, with prices ranging from $49.99 to $219.99 per year.
Microsoft introduces 'update under lock' so Microsoft 365 apps can be updated without users interruption
Keeping software updated is not only an important part of keeping on top of security, but also making sure that you have access to all of the latest features and options. But installing updates can also be annoying and disruptive, with notifications interrupting workflow -- so Microsoft has come up with a solution.
The company has developed a new technique called "update under lock" that makes it possible to apply updates to Microsoft 365 apps while a machine is in idle or locked mode. Updates can be installed even if apps are running, and there are no notifications or disruptions to irritate users.
Most Commented Stories
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.