Linux-based operating systems are generally considered to be more secure than the likes of Windows, but that does not mean they are completely without security issues. Google security researcher have issued a warning about a series of "zero-click" vulnerabilities in the Linux Bluetooth stack.

Dubbed BleedingTooth, the collection of security flaw could allow for remote code execution attacks. The issue affects Linux kernel 4.8 and higher, and can be found in the open-source BlueZ protocol stack. It has been assigned CVE-2020-12351 and a CVSS score of 8.3.

Continue reading →

Securing enterprise networks used to be a matter of simply defending the perimeter, but in the new normal world of much higher levels of remote access, things have become more complicated.

One of the technologies being used increasingly by businesses is Secure Access Service Edge (SASE). We spoke to Mike Wood, chief marketing officer of Versa Networks, to discover more about SASE and what it can deliver.

Continue reading →

The General Data Protection Regulation (GDPR) came into force in the EU in May 2018 with the aim of giving individuals greater protection over how businesses use their data.

But the COVID-19 pandemic has thrown up new challenges and remaining compliant with the regulations in an age of remote working is one of them. We spoke to Brendan Kiely, managing director and co-founder of secure remote working specialist ThinScale Technology to discuss the implications of GDPR and the 'new normal'.

Continue reading →

New research from Exabeam reveals that while 88 percent of cybersecurity professionals believe automation will make their jobs easier, younger staffers are more concerned that the technology will replace their roles.

The 2020 Cybersecurity Salary, Skills and Stress Survey, an annual survey of security practitioners finds overall satisfaction levels continue a three-year positive trend, with 96 percent of respondents indicating they are happy with their role and responsibilities and 87 percent pleased with salary and earnings.

Continue reading →

APIs have become an important mechanism in the modern web, allowing organizations to create powerful web and mobile experiences, using back end data and logic to create new and innovative offerings.

But in order to use them safely they need to be secured and that means understanding what APIs there are in your environment, what their function is and what their traffic profile looks like.

Continue reading →

Virtual appliances are an inexpensive and relatively easy way for software vendors to distribute their wares for customers to deploy in public and private cloud environments, but new research shows appliances often have exploitable and fixable vulnerabilities, or are running on outdated or unsupported operating systems.

The Orca Security research study found 401,571 total vulnerabilities in scanning 2,218 virtual appliance images from 540 software vendors. This means less than eight percent of virtual appliances were free of known vulnerabilities.

Continue reading →

Targeting of SaaS user accounts was one of the fastest-growing problems for organizations, even before COVID-19 forced a rapid shift to remote work, but a new report shows cybercriminals are using built-in Office 365 services in their attacks.

The study from network detection and response company Vectra, based on four million monitored Office 365 accounts, shows that 71 percent of of those surveyed had seen suspicious Office 365 Power Automate behaviors.

Continue reading →

According to a new report, 71 percent of healthcare organizations are now more concerened about insider threats than they were before the pandemic.

The study from Netwrix shows that pre-pandemic, these organizations were mostly concerned about employees accidentally sharing sensitive data (88 percent) and rogue admins (80 percent). Today they are worried about phishing (87 percent), admin mistakes (71 percent) and data theft by employees (71 percent).

Continue reading →

We reported earlier this week that ransomware attacks have increased dramatically in the last year and it's undoubtedly a growing problem.

In order to demonstrate just how big an issue it's become, Lumu, which helps businesses measure their compromise exposure, has produced an infographic detailing the cost and extent of ransomware.

Continue reading →

The latest annual Cybersecurity Report Card from threat intelligence specialist DomainTools shows security breaches among those surveyed have remained essentially unchanged from last year's report at 16 percent.

Yet almost 60 percent of organizations detected a moderate to a dramatic increase in cyber attacks during and following the pandemic, which points to a rise in the overall breach prevention success rate.

Continue reading →

A new report from Thycotic reveals that 58 percent of IT security decision makers say their organizations plan to add more security budget in the next 12 months, and almost three out of five believe that in the next financial year they will have more security budget because of COVID-19.

More than three quarters (77 percent) of respondents have received boardroom investment for new security projects either in response to a cyber incident in their organization (49 percent) or through fear of audit failure (28 percent).

Continue reading →

With phishing and social engineering attacks on the increase it's usually the case that the weakest link in the security chain is now the human one.

Cybersecurity company ESET clearly thinks so because for the first time it's launching its own Cybersecurity Awareness Training, a new online offering designed to educate workforces on how to recognize phishing, avoid scams and understand internet best practices.

Continue reading →

The risk of cyberattack and loss of data is very real for all companies and it's something that's starting to be a concern for investors too.

New research from security ratings company BitSight and Solactive, a German index engineering firm, shows that company's cybersecurity performance is an indicator of its business performance.

Continue reading →

In the last three months ransomware attacks have grown by a global average of 50 percent compared to the first half of 2020.

The figures look even bleaker for individual countries, with attacks up by by 98 percent in the US, 80 percent in the UK, 145 percent in Germany, 36 percent in France and 160 percent in Spain.

Continue reading →

A new study finds that 56 percent of IT and operational technology security professionals at industrial enterprises have seen an increase in cybersecurity threats since the start of the COVID-19 pandemic in March.

In addition, the research from Claroty, based on a global, independent survey of 1,100 full-time IT and OT security professionals, shows that 70 percent have seen cyber criminals using new tactics to target their organizations in this time frame.

Continue reading →