Does your laptop have USB-A ports? Gross! Don't you know no one uses them anymore? Everyone uses USB-C now. I am, of course, being facetious -- USB-C, while great, still has a long way to go before dethroning the ubiquitous Type A. With that said, there are computers that are USB-C only, such as Apple's MacBook Pro. Owners of those computers have to get dongles to use their USB-A devices.
Tomorrow, however, Google is making it possible to ditch the dongle when using a Titan security key. You see, the search giant is launching a USB-C variant of the two-factor authentication device. Not only will it be more convenient for those with USB-C laptops, but this new model looks nicer too (it's pretty).
Security leaders have every reason to worry about the evolving threat landscape. As cyber threats proliferate (ranging from HTTP phishing to state-sponsored ransomware), the cyber talent and skills gap only grows wider.
As if this weren’t enough to keep CISOs and CIOs up at night, IT and security teams are less confident than ever in their organizations’ abilities to defend against the latest cyber attacks. Research shows at least 80 percent of IT, security, and other professionals don’t feel adequately prepared to defend their organizations. And at least 68 percent doubt their organizations’ readiness to thwart advanced threats.
Increasing overlap of IT systems with operational technology and industrial control systems poses a range of cybersecurity risks.
Visibility and control specialist Forescout Technologies wants to help organizations uncover and manage these risks with the addition of a new Asset Risk Framework to its its industrial control system security solution SilentDefense.
Phishing attacks have become commonplace to the point where we almost take them for granted. From the cybercriminal's point of view they are popular because they work.
But what are the origins of phishing and how has it developed? Email security specialist Anavan has put together an infographic looking at the history and future of the threat.
Artificial intelligence inspires intrigue, fear and confusion in equal measure. But to thrive in the new era, organizations need to reduce the risks posed by AI and make the most of the opportunities it offers.
This is the conclusion of a new report from the Information Security Forum aimed at helping business and security leaders to better understand what AI is, identify the information risks posed and how to mitigate them, and explore opportunities around using AI in defense.
The Emotet Botnet has started spreading several new spam campaigns again after a three-month break, according to research from Check Point.
Researchers first reported the notorious botnet taking a break in June 2019, but that the infrastructure had become active again in August. Some of the spam campaigns featured emails which contained a link to download a malicious Word file, and some contained the malicious document itself.
Small businesses are frequently a target for attack because they lack the resources to protect their systems as effectively as larger enterprises.
BullGuard is addressing this problem with the launch of Small Office Security which provides robust endpoint protection for desktops, laptops, tablets and smartphones, making it possible to safely on devices in the office, at home, or while hot desking or traveling.
Due to the potentially crippling effect of security breaches and data loss on both the bottom line and a brand’s reputation it's vital for organizations to protect their users.
Increasingly, identity management has become central to building seamless, secure digital engagement platforms, differentiating products, and winning long-term loyalty. However there can be a trade off between security and performance.
Traditional cyber defenses are designed to protect assets that exist within an organization's network. But with the growth of the cloud, IoT and more, assets now extend far beyond the network perimeter, increasing the risk of exposure or theft.
FireEye is launching a Digital Threat Monitoring tool that automatically collects and analyzes content on the dark and open web, alerting defenders whenever a potential threat is detected.
Pass the Hash (PtH) attacks which use stolen hashed administrator credentials to breach security are a major risk to businesses.
A new report from One Identity, based on a survey of over 1,000 IT professionals carried out by Dimensional Research, finds 95 percent of respondents say that PtH attacks have a direct impact on their organizations.
Twitter has announced that email addresses and phone numbers provided by users for use with two-factor authentication (2FA) have been "inadvertently" used to deliver tailored ads.
The company says it does not know how many people are affected by the incident, but apologizes for letting private data be used in this way. The timing of the announcement is a little strange. Twitter says that the matter was under control as of September 17, and it is not quite clear why it took three weeks to go public about it -- even though it says "in an effort to be transparent, we wanted to make everyone aware".
It shows that 76 percent of US companies have been attacked within the last 12 months, up from 55 percent in 2016. Globally, 66 percent of respondents report attacks in the same time frame.
Despite growing adoption of DMARC technology, fewer than 10 percent of enterprise email domains are protected from impersonation according to a new report from Valimail.
Valimail found that 850,000 domains worldwide now have DMARC records, a five times increase since 2016. However, fewer than 17 percent of global DMARC records are at enforcement -- meaning fake emails that appear to come from those domains are still arriving in recipients’ inboxes.
Poor privileged access management practices that lead to people having too much access continue to be a critical challenge for many organizations despite significant risks of data breaches and security incidents.
A new report from technology consulting company Sila and the Ponemon Institute surveyed more than 650 North American respondents and finds 70 percent think it likely that privileged users within their organizations are accessing sensitive or confidential data for no discernible business need.
Nearly a quarter of malicious URLs are being hosted on trusted domains, as hackers know trusted domain URLs raise less suspicion among users and are more difficult for security measures to block.
This is one of the findings of the latest Webroot threat report which also shows 29 percent of detected phishing web pages use HTTPS as a method to trick users into believing they're on a trusted site via the padlock symbol.