Articles about Security

Email is suffering an identity crisis. Email’s core protocols make no provisions for authenticating the identities of senders, which has resulted in a worldwide spearphishing and impersonation epidemic, leading to billions of dollars in monetary losses, security mitigation costs, and brand damage. As a result, email security will be a central theme in the new year, both as a source of threats as well as an increasingly urgent issue for cybersecurity professionals to address.

In 2020, we will see email security prove itself to be a weak link in election security as well as corporate security. At the same time, Domain-based Message Authentication, Reporting and Conformance (DMARC) will gain popularity across several industries, driven both by the need to eliminate domain spoofing, and by the desire for brands to take advantage of Brand Indicators for Message Identification (BIMI), a new standard that requires DMARC. Email authentication works -- but it’s up to domain owners to take advantage of it. Increasingly they will do so, as they realize that a failure to proactively defend their domains can leave them vulnerable to convincing exploits from cybercriminals.

Continue reading →

Advanced persistent threats (APTs) have become aggressive in their attempts to breach organizations’ networks. These malicious actors look to gain unauthorized access to infrastructures for prolonged periods of time so that they can perform various acts including mining and stealing sensitive data. Their ability to evade conventional security measures have allowed them to cause costly data breaches against many businesses.

Hackers have even found ways to intensify their malicious activities. According to an Accenture report, threat actors and groups have now teamed up to conduct targeted intrusions and spread malware. Among them are financially motivated groups such as the Cobalt Group and Contract Crew. These increasing cyberattack threats have prompted companies to toughen up their security. Gartner estimates that security spending will grow to $170.4 billion in 2022.

Continue reading →

With deepfake voice fraud an increasing threat, new research shows that 30 percent of Americans are not confident they would be able to detect the difference between a computer generated voice and a human one.

The study from ID R&D, a provider of AI-based biometrics and voice and face anti-spoofing technologies, shows only just over a third (36 percent) are confident they could spot a fake.

Continue reading →

It's the time of year again where the great and good of the tech sector like to consult the tea leaves, gaze into the crystal ball, read the runes -- and of course draw on their industry knowledge -- to give their predictions for the year ahead.

So, what do they think is in store for cybersecurity in 2020?

Continue reading →

Financial services business tend to be attacked more than those in any other sector, but a new study finds that 75 percent of respondents in this industry are over confident in their data management practices.

A worrying 24 percent of respondents to Integris Software's 2019 FinServ Data Privacy Maturity Study only update their personal data inventory once a year. Even more concerning, 13 percent only inventory sensitive data when audited or in response to regulation requests.

Continue reading →

Security segmentation limits the ability for attacks to move laterally inside an organization by breaking data center and campus networks or clouds into smaller segments. But a new study reveals that only 19 percent currently implement segmentation solutions today.

The study of 300 IT professionals carried out by Virtual Intelligence Briefing for Illumio also shows that while approximately 25 percent are actively planning a project, more than half are not protecting with segmentation at all or planning to in the next six months.

Continue reading →

In the retail sector particularly the line between online and offline worlds is increasingly blurred. But how can businesses protect their customer data effectively in this world?

We spoke to, Gary Barnett, CEO of secure payment systems specialist Semafone to discuss this, the effect of the upcoming CCPA legislation and more.

Continue reading →

A new survey of almost 300 IT security professionals in large enterprises finds 53 percent of respondents say most or all cybersecurity vendors rely on unclear, opaque, and ambiguous data to promote their products.

In addition the study from Valimail, a provider of identity-based anti-phishing solutions, finds 42 percent of respondents say cybersecurity products deliver value 'sometimes,' but it is difficult or impossible to prove that value.

Continue reading →

Data usage and analysis are now key drivers of innovation and competitive advantage, but increased data use raises issues surrounding security, privacy and compliance.

Israeli company Satori Cyber is launching a new Secure Data Access Cloud to offer continuous visibility and control of data flows across all cloud and hybrid data stores.

Continue reading →

DNS amplification attacks have grown by over 4,000 percent over the last year according to Nexusguard's latest threat report.

DNSSEC (Domain Name System Security Extensions) remains the main source of growth in DNS amplification attacks in the quarter, but Nexusguard analysts have also detected a sharp and concerning rise in TCP SYN Flood attacks.

Continue reading →

According to a new report, more than 60 percent of all leaked records in 2019 were exposed by financial services organizations, despite only six percent of breaches affecting these organizations.

The 2019 Financial Breach Report from Bitglass says these figures are at least partially due to the Capital One breach, which compromised more than 100 million records.

Continue reading →

Despite data breaches involving stolen or cracked passwords constantly being in the news, it seems people are still making poor choices when it comes to their login credentials.

Password manager NordPass has compiled a list of the 200 most commonly used passwords of 2019 and highlighted the 20 you should never be using.

Continue reading →

New account fraud -- attempts by an individual to create a new online account by manipulating a government-issued ID -- is up 28 percent this year according to a new report.

Data from trusted identity provider Jumio shows this type of fraud has increased over 100 percent on 2014 levels.

Continue reading →

Network security and intelligence company WatchGuard Technologies has released its internet security report for the third quarter of 2019 showing the most popular network attacks.

Apache Struts vulnerabilities -- including one used in the devastating Equifax data breach which tops the list -- appeared for the first time on WatchGuard's list. The report also highlights a major rise in zero day malware detections, increasing use of Microsoft Office exploits and legitimate penetration testing tools, and more.

Continue reading →

New data published by INAP at Gartner's IT Infrastructure, Operations and Cloud Strategies Conference in Las Vegas this week reveals the top challenges IT professionals expect to face in 2020.

Migrating applications to the cloud tops the list for 37 percent (up from 34 percent last year) while protecting against cyber attacks is in second place chosen by 31 percent (down from 36 percent).

Continue reading →