Articles about Security

Generative artificial intelligence (AI) systems have witnessed significant advancements in recent years, offering remarkable capabilities in a variety of domains.

Generative AI is a powerful tool that can be used for both good and bad. Threat actors have been employing the latest technology to harm businesses in various ways for decades, but organizations have and must continue to find ways to use this same technology to their advantage, and ultimately outsmart these digital thieves as AI is becoming more accessible and accepted.

Continue reading →

Moving to the cloud has always presented something of a challenge, but the pandemic made things even more difficult because of the need to manage more applications across a distributed workforce.

Add in the issue of shadow IT, and enterprises are increasingly struggling with SaaS sprawl. We spoke to BetterCloud CTO, Jamie Tischart to learn more about the problem and how to deal with it.

Continue reading →

In a world where technology and sustainability are becoming increasingly intertwined, Acer takes a significant step forward by introducing the Acer Connect Vero W6m, its first eco-friendly Wi-Fi 6E mesh router. This innovative networking solution not only offers impressive speeds and enhanced connectivity but also incorporates post-consumer recycled (PCR) materials in its construction. With a dedicated Eco mode for efficient energy consumption, Acer demonstrates its commitment to minimizing carbon footprint and fulfilling its environmental responsibility.

With Wi-Fi 6E Tri-Band AXE7800 throughput, the Acer Connect Vero W6m delivers speeds of up to 7.8 Gbps, ensuring fast and stable internet connections for all users. Furthermore, the Vero W6m can be paired with up to four units, providing impressive network ranges of up to 465m² on a dual mesh system and up to 930m² on a quad mesh system. These capabilities effectively eliminate dead spots, ensuring seamless coverage in larger areas.

Continue reading →

The latest spear phishing trends report from Barracuda Networks shows that 50 percent of organizations studied were victims of spear-phishing in 2022, with 24 percent having at least one email account compromised through account takeover.

The report draws on a data set that comprises 50 billion emails across 3.5 million mailboxes, including nearly 30 million spear-phishing emails, as well as a survey by Vanson Bourne of IT professionals from frontline to the most senior roles at 1,350 companies.

Continue reading →

Online security and privacy can be difficult to achieve in a household environment, with different people using a range of devices. Proton, the company behind a number of privacy-focused services like Proton Mail and Proton VPN, may have the answer with the launch of a new family plan.

Proton Family offers an all-in-one digital security and privacy solution designed for families. The plan offers up to six family members access to Proton's premium services and features, including end-to-end encryption for emails, calendars, file storage, password management, and VPN protection.

Continue reading →

Bug bounty programs have become a common way for companies to track down issues with software before they start to cause security concerns for users. While Google has various existing programs of this nature, the company has just launched the Mobile Vulnerability Rewards Program.

Google Mobile VRP is a bug bounty program that focuses on the company's own software. It lets security researchers and software detectives submit reports about Google's Android apps, earning financial rewards for discovering security flaws.

Continue reading →

Russia’s invasion of Ukraine in February 2022 signaled many things to the Western world, but perhaps one of the biggest warnings was how precarious energy security really was as oil and gas prices skyrocketed following the start of the war.

As Europe entered winter and the demand for energy increased, it highlighted just how vicious the cycle can be as cyber attacks on critical infrastructure and operation technology increased.

Continue reading →

The global market for commercial spyware is currently estimated at around $12 billion, which over the last 10 years has seen 80 countries purchase the technology. Spyware is used for a range of purposes, allowing operators to gain remote access to devices from across the world. Once a device becomes infected, the perpetrator gains complete control of the device, which can mean unfettered access to messages, audio calls, photos, and remote access to cameras and microphones.

What’s worrying is spyware is becoming accessible even to users lacking advanced tech skills. Cheaper, more rudimentary forms of spyware like stalkerware exist. Stalkerware can be particularly intrusive and abusive as it must be physically installed, meaning attackers need direct access to which ever device they try to infiltrate. In this article, we will expose the threat from digital spying and stalking, and how to maximize protection.

Continue reading →

The security of APIs remains a top cybersecurity concern this year, according to a new study, yet there is still a lack of dedicated API security for many companies.

Research from TraceableAI, carried out at this year's RSA conference, finds that though 69 percent of organizations claim to factor APIs into their cybersecurity strategy, 40 percent of companies do not have dedicated professionals or teams for API security.

Continue reading →

Cybersecurity is an emerging career trend and will continue to become increasingly important.

Despite the lucrative pay and significant career growth opportunities, many people are unsure of how to get started. Cybersecurity Career Master Plan is designed by leading industry experts to help you enter the world of cybersecurity with confidence, covering everything from gaining the right certification to tips and tools for finding your first job.

Continue reading →

Whether security leaders oversee a small security team or an enterprise-scale team spread over numerous security operations centers (SOCs), building and maintaining integrations with other tools in the tech stack can be difficult and time-consuming.

The average business integrates approximately 75 different security products and often multiple public, and private cloud services into its technology stacks. Many dynamic factors are at play with integrations, from versioning and version control to the constant evolution of Application Program Interfaces (APIs).

Continue reading →

A new report shows that 2022 saw a 300 percent increase in 'carpet bomb' DDoS attacks compared to 2021. Carpet bomb attacks, also known as spread-spectrum or spray attacks, distribute traffic across large IP address spaces.

Legacy technology, like standard victim-oriented detection and mitigation detection techniques, often fails to accurately identify these attacks, leading to incomplete mitigation or false positives. Legacy solutions can also simply be overwhelmed by the number of IP addresses involved.

Continue reading →

Security professionals all know that they should test their security hardware and software periodically to make sure it's working as intended. Many normal IT activities have unintended consequences that cause security configurations to 'drift' over time and make the organization more vulnerable.

But testing is frequently postponed or ignored because it never becomes a high enough priority. We spoke to Song Pang, SVP of engineering at NetBrain, to find out how automation can be used to detect when security products or network traffic are no longer behaving as intended.

Continue reading →

WhatsApp has long been one of the more secure messaging apps with mass appeal, largely thanks to end-to-end encryption. This has been boosted further by features such as disappearing messages, and now Meta has added Chat Lock.

The company says that the feature "lets you protect your most intimate conversations behind one more layer of security"; what this means in practice is that message can be password or fingerprint protected. But there is more to Chat Lock than this.

Continue reading →

Microsoft has been spotted scanning for malware within password protected zip files stored on its cloud services.

Security researcher Andrew Brandt was among those to notice that Microsoft appears to be bypassing passwords added to zip archives in order to check for malware. While the intentions of the company may be good, the practice raises serious questions about privacy and security.

Continue reading →