Articles about Security

Starting next week, GitHub is going to require active developers on the site to enable at least one form of two-factor authentication (2FA). The security initiative will start with specially selected groups of developers and administrators on March 13.

Until the end of the year, GitHub will begin notifying those who have been selected of the 2FA requirement. As the year progresses, more and more users will be obliged to enable two-factor authentication.

Continue reading →

The threat of business email compromise (BEC) is growing year on year and is projected to be twice as high as the threat of phishing in general.

According to a new report from cloud email security platform IRONSCALES, over 93 percent of organizations have experienced one or more of the BEC attack variants in the previous 12 months, with 62 percent facing three or more attack variants.

Continue reading →

Secrets are not just login credentials and personal data; they securely hold together the components of the modern software supply chain, from code to the cloud. And because of the leverage they provide they are much sought-after by hackers.

However, many breaches that occurred in 2022 show how inadequate the protection of secrets is. Research from automated detection specialist GitGuardian finds that one in 10 code authors exposed a secret in 2022.

Continue reading →

Much of our modern communication relies on satellites, but the data sent between them and ground stations is vulnerable to theft, leaving satellite communications even more accessible than typical internet communications.

Post-quantum cybersecurity company QuSecure has announced that it's achieved an end-to-end quantum-resilient cryptographic communications satellite link.

Continue reading →

Password service 1Password is launching a new service that will allow enterprise customers to unlock their 1Password accounts using third-party identity services.

Unlock with Single Sign-On (SSO) automatically provisions and deprovisions employees, with streamlined deployment through the bridge connection for the 1Password SCIM (System for Cross-domain Identity Management).

Continue reading →

The latest Annual Trends Report from Jamf, based on a sample of 500,000 devices protected by the company's technology, looks at the threats impacting devices used in the modern workplace and finds social engineering tops the list.

The combination of an increasingly distributed workforce with the relative ease with which bad actors can carry out phishing campaigns, leads to the leakage of user credentials. In 2022, 31 percent of organizations had at least one user fall victim to a phishing attack.

Continue reading →

Things have been undeniably chaotic at Twitter since the arrival of Elon Musk, but the social network is still rolling out new features. Next in line for an update are direct messages.

DMs are due to receive a batch of new features and functionality, not least of which is a much-requested security feature -- encryption. But there is much more to look forward to. And if all goes according to plan, the new features will roll out later this month.

Continue reading →

In 2023, regulators will throw down a 'reporting gauntlet', and mandate listed companies to disclose cyberattacks in record time. This legislative sea change will not only intensify the need for adequate protections against attacks, but will require companies to identify and report an incident to their shareholders and the Cybersecurity Infrastructure Security Agency (CISA) within 72 hours.

Regulators have taken note that businesses are fighting a losing battle against foreign and domestic cyber criminality, and by introducing more stringent cybersecurity regulation, their focus is to ensure companies treat cyberattacks as an increasingly systemic threat.

Continue reading →

From healthcare and education to housing, transport, energy, and so much more, governmental departments across the UK are the critical components of the country’s democratic system which ensures continued good governance through the dispensations of services that meet citizens' needs while representing their interests.

Alongside extraordinary financial challenges, the local government sector has had to grapple with a quickly-changing environment brought on by the disruption of the pandemic, rising geopolitical tensions, and a rapidly digitizing global society. This has driven the need for the digital transformation of the UK’s public sector in order to not only keep pace with the shifting landscape, but also take advantage of the opportunities that emerging technologies have to offer in improving efficiencies and enhancing service delivery.

Continue reading →

A recent Statista report revealed the financial consequences of cybercrime in 2022 were higher than ever, with the average cost of data breaches in the U.S. totaling more than $9 million. With 2023 poised to be the year of reduced spending given an uncertain economy, protection against the rise of cyber incidents and data breaches will impact numerous industries and become more costly due to inflation. The human cost, however, is just as great, as businesses face increasing pressures to protect employees’ and customers’ personal information as well as their time and trust.

When a data breach occurs there’s little room and time for error: victims, as well as employees and stakeholders, expect a swift and appropriate incident response. Companies that handle mass amounts of personal data, especially in the legal sector where PII-containing case data is at stake, should look to new solutions rooted in artificial intelligence to complete similar tasks at faster speeds and reduced price points. This will also provide senior leadership much-needed peace of mind amid security-compromised induced stress.

Continue reading →

Everyone needs a backup -- but those backups require protecting too. Thankfully Acronis Cyber Protect Home Office 2023 Advanced has both bases covered: comprehensive backup for everything from individual files and folders to entire hard drives on the one hand, and protection against data-stealing malware on the other.

Not only does Acronis Cyber Protect Home Office 2023 Advanced -- available for under £25/$30 thanks to our great deal -- allow you to back up your files to another drive plugged directly into your PC or Mac or some form of network attached storage, but your subscription also entitles you to hundreds of gigabytes of online storage space, ensuring at least one copy of your data is stored offsite according to backup best-practice.

Continue reading →

Enterprises need real-time access to lots of data, but it's important that access to that data is properly controlled.

Radiant Logic is launching a new data intelligence offering that offers identity observability and visualization capabilities, all built on an extensible API-layer and available as a SaaS offering.

Continue reading →

Following a security disclosure by Intel way back in June of last year about vulnerabilities affecting its processors, Microsoft has issued a series of out-of-band fixes for the flaws.

In all, Intel revealed details of four data-exposing chip flaws (CVE-2022-21123, CVE-2022-21125, CVE-2022-21127 and CVE-2022-21166) described collectively as Processor MMIO (memory-mapped I/O) Stale Data Vulnerabilities. Now Microsoft has released a total of six emergency updates for various versions of Windows 10, Windows 11 and Windows Server.

Continue reading →

In a tumultuous geopolitical environment, organizations use digital transformation initiatives to accelerate and maintain their productivity. Companies want IT to increase innovation and improve the efficiency of processes across their business. At the same time, IT leaders are under mounting pressure to gain full visibility of their infrastructure. This pressure stems from the need to minimize or mitigate the risk of any disruption that could directly impact customers, shareholders and employee data.

Without a clear understanding of where your tech stack sits today, those future goals will forever be out of reach. Whether you are a brand new CIO taking on IT responsibility for the first time, or a seasoned CIO with years of experience, being able to go between the big picture and the nuanced details is a necessary skill to develop.

Continue reading →

According to data from Lookout, 2022 has seen the highest percentage of mobile phishing encounter rates ever, with an average of more than 30 percent of personal and enterprise users exposed to these attacks every quarter.

Since 2021, mobile phishing encounter rates have increased by around 10 percent for enterprise devices and more than 20 percent for personal devices.

Continue reading →