Internet

New analysis from CyCognito of over two million internet-exposed assets, across on-prem, cloud, APIs, and web apps, identifies exploitable assets across several key industries, using techniques that simulate real-world attacker behavior.

Techniques used include black-box pentesting using 90,000+ exploit modules, credential stuffing simulations, data exposure detection, etc. The study also used Dynamic Application Security Testing (DAST) to identify runtime web application vulnerabilities, as well as active vulnerability scanning of internet-facing services to detect CVEs, misconfigurations, and exposed assets.

We’re all familiar with the idea of TLS/SSL security certificates that verify the identity of a website and ensure trust and security on the web by confirming that the site you’re visiting is what it says it is.

Usually these relate to the domain name of the site, since that’s how most people gain access, indeed if you type in the underlying IP address instead you’ll often get an error because of the lack of a certificate.

In an age where every click, swipe, and search can be tracked, stored and analyzed, data privacy is no longer a luxury but a necessity. From social media profiles to medical records and financial transactions, personal information is constantly collected and processed, often without understanding or consent.

Recognizing data privacy as a fundamental human right isn't just a legal or technical issue, but vital for individual dignity, autonomy, and freedom of expression.

Not all browser extensions are created equal, and just because one is available in a high-profile store doesn't mean it's safe. Stores may do simple verifications to check for obvious red flags, but it's not part of their workflow to investigate deeper indicators of suspicious or malicious behavior.

ExtensionPedia, a new database developed by LayerX, changes that by providing individuals and businesses with detailed risk analyses on over 200,000 extensions to distinguish between safe, risky and malicious tools.

Time was when office colleagues would exchange information, ideas and gossip around the water cooler or coffee machine.

That's changing because of technology though, new research reveals that platforms like TikTok and Instagram are directly influencing how 83 percent of people communicate professionally, fueling conflict and misunderstanding among an increasingly intergenerational workforce.

While businesses focus on cloud services and digital transformation, they often don't realize that their operations depend on the massive cable networks laid underwater.

Recent incidents have highlighted how critical these subsea cables are for business continuity, so do businesses need to rethink their approach to infrastructure as a result? We spoke to Sharat Sinha, director and CEO of Airtel Business to find out.

A new report from performance analytics company Conviva highlights a rise in 'digital rage' as 91 percent of consumers report encountering frustrating digital service issues in the past year.

Businesses risk backlash, lost revenue, and damaged reputations if they fail to address these problems. Poor digital experiences have immediate and tangible impacts on revenue as 55 percent of consumers abandon their purchase, 50 percent switch to another company, and 39 percent cancel their subscription.

The browser space, like so many other areas of software design, is one filled with inspiration and plagiarism. When one browser adds a new feature, you know it’s probably not going to be long before its rivals follow suit. Firefox is no different, but it likes to take its sweet time.

Mozilla has just launched a tab grouping option to its web browser, finally catching up with every other major browser in existence. Quite why it took so long to introduce what is such a common feature is not clear, but Mozilla has an awful lot to say about it.

Google is making a huge change to the most famous and widely used search engine in the world. And it is the global nature of Google search, and the internet in general, which is at the heart of the change.

For a very long time, Google has used different URLs for its search engine in different countries -- google.co.uk in the UK, google.es in Spain, for instance. But no more. The company has announced that different country code top-level domain names (ccTLD) are no longer needed and will not be used.

We all know about good bots like search engine crawler bots, SEO bots, and customer service bots. And we know about bad bots, designed for malicious or harmful online activities like breaching accounts to steal personal data or commit fraud.

New research from Barracuda identifies an additional breed of 'gray bots', and these include GenAI scraper bots, designed to extract or scrape large volumes of data from websites, often to train generative AI models. Other examples of gray bots are web scrapers and automated content aggregators that collect web content such as news, reviews, travel offers and more.

Lookalike domains, crafted to closely resemble authentic domains, enable a wide range of deceptive activities. By sending emails that appear to originate from trusted sources, attackers can effectively conduct a variety of scams from phishing and social engineering attacks to invoice fraud.

A new report from BlueVoyant looks at how cybercriminals encourage their victims to click on lookalike domains, whilst highlighting the critical need for vigilance and proactive measures to counteract these threats.

Mozilla has long positioned itself as a champion of privacy and open-source software, but its latest move really makes me worry that the organization could be drifting away from those values. You see, Mozilla has introduced Terms of Use for Firefox for the first time ever. Additionally, there is an updated Privacy Notice. And while Mozilla frames this as a move toward transparency, the actual terms are raising some major red flags for me.

Mozilla claims these new terms are necessary due to a changing “technology landscape,” yet the fine print tells a far different story. One of the most troubling aspects is that users must grant Mozilla all rights necessary to operate Firefox, including a “nonexclusive, royalty-free, worldwide license” to use information entered through the browser. Mozilla insists this is meant to help users navigate the web, but the vague wording leaves a dangerous amount of room for interpretation. Could this include personal data, saved passwords, or browsing history? Mozilla simply fails to say.

Around a third of web users say they would like to delete themselves from the internet, with people in the US and Canada being at the top of the list.

Research from cybersecurity company NordVPN and personal data removal service Incogni, finds that worldwide 45 percent of people are worried about being hacked, one of the key reasons for wanting to take themselves off the web.

A surge in artificial intelligence (AI), generative AI (GenAI), and machine learning (ML) technologies is creating a massive online appetite for data. These tools are hungry for training data, this has boosted AI web scraping, which sits in a legal gray zone. Sometimes it's legal, sometimes it's not, but what's clear is that it's having ripple effects across online businesses.

We talked to Nick Rieniets, field CTO of Kasada, to learn more about the impact of web scraping and what companies can do to protect their content.

After a period of intense public and political debate, Australia has approved laws that will ban anyone under the age of 16 from using social media.

While the laws were passed yesterday, it may well be a year until they come into effect -- and they will be the strictest in the world. Once in force, tech companies such as Meta could be hit with fines of up to AUS$50 million (US $32.5 million) for failing to comply.