Apple's Advanced Data protection allows the data that its users store in iCloud to be end-to-end encrypted. On Friday of last week the company announced that it would be removing this tool from users in the UK.

The move follows a demand from the UK government to allow 'backdoor' access into data in order to investigate crime. The problem is that even Apple can't access ADP protected data and the company argues that a backdoor would be exploited by attackers.

Continue reading →

Financial institutions are facing a significant increase in deepfake fraud attempts, which have grown by a staggering 2,137 percent in the last three years.

Data from Signicat based on responses from 1,200 people in the financial and payment sectors across seven European countries, including the UK, shows that account takeover is the leading type of fraud their customers are exposed to, followed by card payment fraud and phishing.

Continue reading →

Insider security incidents remain a problem for business, yet many organizations struggle with limited budgets, minimal talent resources, and tools that fail to detect subtle insider threat patterns.

OpenText is launching a new Core Threat Detection and Response solution, an AI-powered product designed to address the growing challenge of insider threats and advanced attacks.

Continue reading →

It's becoming common in the cybersecurity industry to encounter two situations that are equally untenable.

On the one hand, the job of a typical chief information security officer (CISO) has become overburdened with the high stress of constantly evolving risks, talent shortages, budget constraints, board disconnects and more, leading to burnout. On the other, many organizations, particularly small to midmarket ones, don't have the resources to afford a full-time security executive, despite facing the same cybersecurity and compliance challenges as everyone else.

Continue reading →

As organizations increasingly rely on mobile devices for business operations, including multi-factor authentication and mobile-first applications, mobile phishing poses a severe risk to enterprise security.

New research from Zimperium's zLabs shows a surge in mobile-focused attacks, dubbed 'mishing', activity peaking in August 2024 with over 1,000 daily attack records. These attacks are specifically designed to evade desktop security measures, executing only on mobile devices.

Continue reading →

Only a third of cybersecurity professionals would recommend their employer according to a new study carried out by IANS Research in collaboration with Artico Search.

It finds low satisfaction coincides with perceptions of limited career growth, with fewer than 40 percent of respondents satisfied with their advancement opportunities and more than 45 percent expressing frustration over slow progression. While compensation remains a factor, the ability to develop new skills and advance within an organization has a greater impact on retention.

Continue reading →

AI adoption is gaining momentum in the public sector as elsewhere, with benefits like predictive analytics and issue detection, but concerns still linger.

Around four in 10 respondents to a new study by SolarWinds, focused on public sector staff, say they are extremely or very concerned about potential risks associated with adopting AI, such as data privacy and compliance, making full-scale implementation a cautious process.

Continue reading →

Microsoft is moving closer to quantum computing supremacy with the arrival of its new Majorana 1 chip, a development which could potentially have a far-reaching impact on cybersecurity. While the Windows-maker touts this as progress, the reality is far more concerning. The encryption that protects banking transactions, government data, and personal communications could soon be worthless.

Microsoft's advancement comes down to Microsoft’s new topoconductor material, which enables a type of quantum computing that scales far beyond anything possible today. “We took a step back and said ‘OK, let’s invent the transistor for the quantum age. What properties does it need to have?’” said Chetan Nayak, Microsoft technical fellow. “And that’s really how we got here -- it’s the particular combination, the quality and the important details in our new materials stack that have enabled a new kind of qubit and ultimately our entire architecture.”

Continue reading →

Ransomware is continuously on the rise. Despite multiple major law enforcement actions against ransomware groups over the past year, there has been a significant increase in ransomware attacks between 2023 and 2024. Interestingly enough, there was also a tracked 35 percent drop in ransomware payments in 2024, but it is clear that this is not stopping ransomware attacks from continuing as threat actors are finding other ways to monetize the data they’re stealing.

To combat this rise, cyber security measures within organizations need to be improved at every level, especially as the threat landscape grows even more complex. This past year has shown us that the importance of careful third-party vendor collaboration particularly must not be overlooked. With that said, there are a few considerations that need to take priority as 2025 progresses.

Continue reading →

A new report from Darktrace reveals that Malware-as-a-Service (MaaS) is now responsible for 57 percent of all cyber threats to organizations, a 17 percent increase from the first half of 2024.

The use of remote access trojans (RATs) has also seen a significant increase in the latter half of last year, representing 46 percent of campaign activity identified, compared to only 12 percent in the first half.

Continue reading →

Increased use of open source and third-party code leaves organizations open to more attacks on the software supply chain.

Open source vulnerabilities have become a prime target for attackers and organizations need to strengthen their defenses. We spoke to Richard Clark, senior solutions architect at JFrog, to discuss the importance of proactive measures in protecting against these threats.

Continue reading →

A new report from Fortanix finds that 97 percent of companies block or restrict GenAI usage, and 89 percent of the respondents believe that such controls on usage are successful.

However, the same report -- based on a survey of 1,000 executives -- reveals that 95 percent of professionals use some form of AI, and 66 percent of respondents use GenAI for work, with 64 percent using personal email accounts to access the tools.

Continue reading →

Around a third of web users say they would like to delete themselves from the internet, with people in the US and Canada being at the top of the list.

Research from cybersecurity company NordVPN and personal data removal service Incogni, finds that worldwide 45 percent of people are worried about being hacked, one of the key reasons for wanting to take themselves off the web.

Continue reading →

The cybersecurity landscape is constantly evolving and organizations need to stay up to date if they're to adequately protect themselves.

At the end of last year, O'Reilly released its 2024 State of Security survey, which analyzes the threats that concern frontline practitioners most, the projects they're implementing to safeguard systems and infrastructure, the skills companies are hiring for, and more.

Continue reading →

Analysis of data logged by the Barracuda Managed XDR Security Operations Center shows ransomware threats have increased by four times over the last year.

In 2024, Barracuda Managed XDR logged 11 trillion IT events -- 350,000 per second. Just over a million were flagged as a potential risk and of these, 16,812 were identified as high-severity threats that required immediate defensive action. That’s a small percentage but highlights the need for powerful engines, analysis tools and human expertise to detect them.

Continue reading →