A vulnerability arising from the default installation of popular business management platform SAP could lead to a full compromise of the system say researchers.

SAP security and compliance specialist Onapsis has revealed the flaw which is found in SAP Netweaver and can be compromised by a remote unauthenticated attacker with only network access to the system.

Continue reading →

Secondary storage specialist Cohesity is launching new capabilities that allow organizations to leverage the public cloud for faster application testing and development, while still ensuring seamless backup and recovery.

A growing number of enterprises are moving application testing and development onto public cloud infrastructure, taking advantage of its agility and elasticity to speed time to market. Using Cohesity CloudSpin, users can instantly convert backup data stored on Cohesity DataPlatform into a new virtual machine for testing or development in the cloud.

Continue reading →

Although endpoint security solutions have improved, a new survey of IT security professionals finds that three quarters believe their existing anti-malware solutions would be able to prevent no more than 70 percent of infections.

The study from anti-evasion specialist Minerva Labs shows nearly half of the respondents surveyed (48 percent) say that they have seen about the same number of malware infections than previous years while 32 percent claim to have seen an increase in infections.

Continue reading →

Sales staff often find themselves spending time on administrative tasks that keep them away from actual selling.

San Francisco-based company SalesHero is aiming to change that with the launch of Robin, a new AI assistant for sales staff that learns from the user's actions and automates processes to improve daily productivity.

Continue reading →

The cloud is the best place to run analytics according to 83 percent of the world’s biggest companies.

A new survey for Teradata conducted by Vanson Bourne shows that by 2023, most organizations want to run all of their analytics in the cloud. But an overwhelming 91 percent say that analytics should be moving to the public cloud at a faster rate.

Continue reading →

A new study looking at industrial control systems (ICS) security in the energy industry reveals a majority of respondents are worried about potentially catastrophic effects from a successful cyber attack.

The study carried out for security and compliance specialist Tripwire by Dimensional Research included 151 IT and operational technology (OT) security professionals at energy and oil and gas companies.

Continue reading →

A new survey of channel partners by container platform specialist Diamanti reveals that resellers and service providers see the adoption of containers as a massive disruption and opportunity.

Enterprises are rapidly adapting their applications and systems for the cloud, and containers are viewed as a key enabling technology. According to Diamanti's survey, more than 75 percent of channel partners say containers represent a moderate or major money-making opportunity.

Continue reading →

A new survey reveals that 60 percent of companies are not likely to meet the May 25 deadline for compliance with the new European GDPR legislation.

The study from Crowd Research Partners shows only seven percent of surveyed organizations say they are in full compliance with GDPR requirements today, and 33 percent state they are well on their way to the compliance deadline.

Continue reading →

Hardware authentication specialist Yubico is announcing a new FIDO2 compatible security key which will be supported in Windows 10 devices and Microsoft Azure Active Directory (Azure AD).

This means that organizations will have the option to enable employees and customers to sign in to an Azure AD joined device with no password, simply by using the security key to get single sign-on to all Azure AD based applications and services.

Continue reading →

Public cloud services are now in use in 97 percent of organizations, but one in four have experienced data theft and cloud-first strategies are on the decline.

These are among the findings of the latest annual cloud report from McAfee. Among other highlights are that 83 percent store sensitive data in the public cloud and 69 percent trust the public cloud to keep their sensitive data secure. However, one in five organizations has experienced an advanced attack against its public cloud infrastructure.

Continue reading →

Cyber security company ESET is using this week's RSA Conference in San Francisco to launch its new range of enterprise security products.

These include a new ESET Enterprise Inspector, an Endpoint Detection and Response (EDR) solution, and ESET Dynamic Threat Defense, a tool that provides off-premise cloud sandboxing, which leverages machine learning and behavior-based detection to prevent zero-day attacks.

Continue reading →

Breaches related to open source components have grown 50 percent since 2017, and an eye-opening 121 percent since 2014, according to a new survey from open source governance and DevSecOps automation specialist Sonatype.

But the survey finds that those companies with mature DevOps practices are 24 percent more likely to have deployed automated security practices throughout their development lifecycle.

Continue reading →

Targeted attacks launched via a compromised account were the most successful email attack vector in the past 12 months according to new research.

The study carried out for email security company Agari by Osterman Research reveals that 44 percent of organizations have been victims of a successful ATO-based attack.

Continue reading →

A new report reveals that 97 percent of organizations are not prepared for the latest multi-vector, fast-moving, mega-scale Gen V cyber threats targeting businesses.

The 2018 Security Report from Check Point analyses the security threats and attacks that organisations globally are experiencing on their networks. It finds just three percent of enterprises are using threat prevention with cloud and mobile security which protects against large-scale, multi-vector Gen V attacks.

Continue reading →

Kubernetes is one of the most popular container platforms, which means enterprises need fast and decisive responses when security incidents and potential attacks occur within their deployments.

Container security specialist NeuVector is launching an enhanced security solution to protect Kubernetes environments by building on the unique NeuVector run-time security automation, which combines east-west traffic visibility with container process monitoring and vulnerability scanning.

Continue reading →