Articles about Internet

Recent attacks have highlighted the vulnerability of industrial control systems to attack and a new report has found 18,000 exposed devices that are likely used to control industrial systems.

The report, from internet intelligence platform Censys, focuses on ICS devices in the US and UK and also finds that almost 50 percent of the human-machine interfaces associated with water and wastewater systems (WWS) identified could be manipulated without any authentication required.

Continue reading →

Take up of passkeys as a more secure means of accessing websites has been a little disappointing to date, but new research from Dashlane shows that passkeys are starting to gain traction with consumers.

It finds that early passkey adoption is largely being driven by the consumer space, with 'sticky' apps (those used frequently on a daily basis -- including Facebook and X) leading the way.

Continue reading →

Cybercriminals are abusing legitimate URL protection services to hide malicious URLs in phishing emails, according to a new Threat Spotlight from Barracuda Networks.

Researchers have observed phishing attacks taking advantage of three different URL protection services to mask their phishing URLs. The services are provided by trusted, legitimate brands. To date, these attacks have targeted hundreds of companies.

Continue reading →

When the internet first emerged, the need for load balancers was mainly to optimize the growing use of PC servers and to support the surge in Web traffic. Their basic functionality was designed to pool server resources to meet this demand.

Load balancers have come a long way since, becoming broadly accepted as essential for evolving IT infrastructure and the exponential growth of apps.

Continue reading →

Over 58,000 unique websites from around the world are vulnerable to data breaches and even complete takeovers according to new research.

The Cybernews research team has investigated publicly exposed environment files (.env) that should be kept private and protected at all costs. These files hold passwords, API keys, and other secrets that websites need to access databases, mail servers, payment processors, content management systems, and various other services.

Continue reading →

Organizations have grappled with business threats posed by various automated bots and crawlers over the years. The latest flavor to take the spotlight is AI crawlers which source proprietary content to feed the AIs they serve.

We spoke to Eyal Benishti, CEO of IRONSCALES, to discuss AI crawlers and why it's important for security teams to establish boundaries for their use.

Continue reading →

Microsoft has announced a series of updates to Edge for Business aimed at making the browser a more attractive proposition for enterprises.

Launched at Build yesterday, new features include screenshot prevention in order to block data exfiltration, this also applies to Copilot prompts and responses. There's also improved leak protection for sensitive documents.

Continue reading →

We tend to think of the internet as being something that's the same all over the world, but with nations like China, India and Russia increasingly closing off the wider web to their citizens, is the global nature of the internet under threat?

We spoke to Ruoting Sun, VP of Product at Secureframe about the phenomenon of 'internet fracturing' and what it means for businesses.

Continue reading →

More than half of respondents (53 percent) to a new survey say their existing cybersecurity solutions do not effectively address website impersonation attacks, and 41 percent say their existing solutions only partially protect them and their customers.

The study from Memcyco, based on research from Global Surveyz, finds just six percent of brands claim to have a solution that effectively addresses these attacks despite 87 percent of companies recognizing website impersonation as a major issue and 69 percent admitting to having had these attacks carried out against their own website.

Continue reading →

For banks, know-your-customer (KYC) measures amount to 40 percent of all anti money laundering (AML) compliance costs, totaling $5.7 million each year. This sum is tiny, however, compared to what is paid for non-compliance. In 2022, global fines for inadequate AML grew by 50 percent, almost reaching $5 billion.

We spoke to Vaidotas Šedys, head of risk management at web intelligence platform Oxylabs, to discover that KYC-related challenges are not just faced by banks but are an issue for proxy and web scraping service providers too.

Continue reading →

In 2025, a new European Accessibility Act comes into force with the aim of ensuring equal access to digital products and services across the EU.

This will apply to all businesses that wish to trade in Europe, but a new report from testing specialist Applause shows that while a third of global companies are on track to comply with the EAA, over third of European companies are trailing behind.

Continue reading →

Governments around the world have been busily introducing privacy rules over the last few years and only this month the US Congress introduced a draft of a new federal law, the American Privacy Rights Act (APRA).

But how do you know if the websites you use are following the rules? ImmuniWeb is launching a new free website privacy test with checks and verifications that cover specific requirements of the majority of modern privacy, data protection and consumer protection laws in the US, UK, Europe and other regions.

Continue reading →

A new report from Imperva finds that 49.6 percent of all internet traffic came from bots in 2023, a two percent increase over the previous year, and the highest level since the company began monitoring automated traffic in 2013.

The proportion of web traffic associated with bad bots grew to 32 percent in 2023, up from 30.2 percent in 2022, while traffic from human users decreased to 50.4 percent. Automated traffic is costing organizations billions of dollars annually due to attacks on websites, APIs, and applications.

Continue reading →

Bots have been around for a long time, but they're now much more sophisticated, capable of mimicking human behavior, evading detection, and perpetrating a wide range of malicious activities.

A new report from CHEQ shows that latest bots are able to scrape data without permission, inflate engagement metrics, commit fraud, and compromise the security and integrity of websites, mobile apps, and APIs.

Continue reading →

New research from Barracuda finds that 30 percent of all attacks against web applications target security misconfigurations -- such as coding and implementation errors.

Analysis of incidents detected and mitigated by Barracuda Application Security during December shows 21 percent involved code injection. Though these were more than just SQL injections, generally designed to steal, destroy, or manipulate data.

Continue reading →