The MITRE ATT&CK framework is now used by many organizations to help them understand and counter threats. Less well known is the latest addition, MITRE Shield.

We spoke to Carolyn Crandall, chief deception officer and CMO at Attivo Networks to find out more about how this can be used along with MITRE ATT&CK to better address adversaries.

Continue reading →

The COVID-19 pandemic has been a major influence on spending and digital transformation plans in 2020 with many businesses speeding up plans to move to the cloud.

A new study from BillingPlatform of 300 CFOs and senior finance executives shows that this trend is likely to continue into 2021. Respondents named their three top priorities as investing in cloud-based technologies (42 percent), identifying ways to drive higher revenue through new products and services (41 percent) and reducing operating costs or capital investments (36 percent).

Continue reading →

IBM Security is launching a new service that allows companies to experiment with fully homomorphic encryption (FHE) -- an emerging technology that allows data to remain encrypted while being processed or analyzed in cloud or third-party environments.

IBM Security Homomorphic Encryption Services provide companies with education, expert support, and a testing environment to develop prototype applications that can take advantage of FHE.

Continue reading →

Using unique passwords is essential for keeping documents, data and accounts safe. However, it can be hard to remember them all.

Using password managers is the ideal solution for keeping everything organized. Now that the new year is nearly upon us, it’s time to take a look at the best password managers for 2021.

Continue reading →

There are way too many streaming services nowadays. If you want to subscribe to them all, it will cost a small fortune. For instance, there is Netflix, Hulu, Disney+, and more. One of the newer services is HBO Max, which is already wildly popular. It will only gain in popularity, as several Warner Bros. movies will debut on the service simultaneously with theaters in 2021. This includes the highly anticipated Matrix 4.

With all of that said, HBO Max has not been available on Roku, which is absolutely tragic. After all, millions on households depend on Roku devices for their streaming services. Today this changes, however, as HBO Max finally comes to Roku. Woo-hoo!

Continue reading →

Back in October, we told you that Linux Mint 20.1 would be named "Ulyssa." There was excitement about this version of the operating system, especially since the developers planned to release it around Christmas. Unfortunately, there was controversy and drama surrounding Ulyssa too, as we learned the Linux Mint developers were foolishly wasting resources on an IPTV player named "Hypnotix."

So here we are -- Christmas is fast approaching, and today, the Ubuntu-based Linux Mint 20.1 'Ulyssa' BETA finally becomes available for download. The pre-release operating system can be had with your choice of three excellent desktop environments -- Cinnamon, MATE, and Xfce.

Continue reading →

January 1 is not only New Year’s Day, but also Public Domain Day. This is the day where certain previously copyrighted works enter the public domain, allowing anyone to use or creatively reinterpret them without needing to seek permission or pay a fee.

In 2021, copyrighted works from 1925 will enter the US public domain, and the list of books, movies and songs included is an impressive one. The BBC has even stated that 1925 could well be the greatest year for books, ever.

Continue reading →

For many organizations, the immediate shift to remote work meant IT pros had to manage a hyper-accelerated, mass cloud migration coupled with large-scale SaaS platform rollouts. Daily users of Microsoft Teams, for example, rose from 75 million to 115 million in less than six months. Now that the first tidal wave of digital transformation has passed, IT and security teams should recalibrate and reprioritize application security and data governance in 2021 and beyond.

And while the pandemic has underscored major SaaS platform security concerns, including a rise in sophisticated cyber threats, research indicates many organizations still struggle with the fundamental tasks needed to secure the workforce -- both remote and on-prem. Here are three common mistakes and how to avoid them.

Continue reading →

The move towards zero trust has been one of the big security stories of 2020, driven by a switch to remote work, but so far it has been largely the preserve of bigger organizations.

Now though JumpCloud has added Conditional Access policies to its Directory Platform, enabling IT admins to adopt zero trust security from the same cloud platform that they use to manage and securely connect users to IT resources.

Continue reading →

Microsoft took a big gamble with Windows 8. Back in 2012 the tech giant believed that touchscreens were the way we’d all be interacting with our devices, and so overhauled Windows to give it a touch-first design and a Start screen in place of the traditional Start menu -- which didn’t go down at all well with the Windows faithful.

Although the company relented and eventually added a Start menu and made various other user-requested tweaks, Windows 8 is viewed by many as one of the worst versions of Windows, which is a little unfair as it had much to recommend it.

Continue reading →

Researchers at mobile device security company Lookout have uncovered a new strain of spyware targeting iOS and Android users in multiple Asian countries.

Called Goontact, it targets users lured to illicit sites and steals personal information stored on their mobile devices in order to carry out sextortion scams.

Continue reading →

Paying off a bad actor for successfully implementing ransomware into an organization is the enterprise equivalent of rewarding a bad child who vandalized a home with candy -- but unfortunately, many organizations often have no choice but to pay… and pay a lot.

Technology has enabled asymmetric attacks. In other words, one attacker can federate an attack across many organizations. The attacker needs to get the attack right once -- while the defenders (corporations, governments, hospitals, etc.) need to get their defense right every… single… time!

Continue reading →

The Surface Duo is a pretty cool device on paper. If you aren't familiar, Microsoft essentially connected two Android smartphones using innovative hinges. Why did the company do this? Well, the goal was productivity -- having two apps running simultaneously on two displays would be great for business use (and entertainment).

Unfortunately, Surface Duo doesn't just exist on paper -- it is an actual product. And for the most part, it has been panned by critics. Its software is reportedly buggy and the hardware durability is questionable -- the damn thing develops cracks. Its bezels are large and unsightly, making it look very outdated. There are reports that the camera is horrible too.

Continue reading →

Without a doubt, the pandemic has accelerated digital transformation initiatives, and, in our new remote working environment, enterprises are focusing on how they can continue to provide seamless digital experiences to consumers. To achieve this, APIs are widely recognized as the oil that fuels our digital world, and different types of APIs power the digital mesh to which we are now all connected. 

Once considered niche, API technology has now become mainstream and is viewed as an integral part of the day-to-day digital landscape. In fact, according to The Forrester Wave: API Management Solutions, Q3 2020 report, "By opening access to digital business capabilities, APIs drive agility to optimise customer experiences, create dynamic digital ecosystems, achieve operational excellence, and build platform business models." 

Continue reading →

New account fraud based on ID verification declined by 23.2 percent worldwide, year-on-year in 2020 according to a new report from AI-powered identity verification specialist Jumio.

Although selfie-based fraud rates were five times higher than ID-based fraud, this shows the growing number of stolen ID documents available on the dark web and, more importantly, the growing need to determine if an ID is authentic and belongs to the user.

Continue reading →