Articles about Security

Much of our current IT infrastructure relies on DNS to safely route traffic. Securing that infrastructure is in turn heavily reliant on cryptography, but there's a threat looming on the horizon.

Quantum computing will offer a level of processing power that could render current cryptographic techniques obsolete, and that's a problem for the entire internet and networking world. We spoke to Peter Lowe, principal security researcher at DNSFilter, to discuss the possible impact of quantum computing on security and what can be done to address the threat.

Continue reading →

Threat hunting takes a proactive approach to identifying the security issues an organization might face. But since it tends to be based on intelligence about current threats it can overlook new ones.

Now though Trustwave has enhanced its Advanced Continual Threat Hunting platform, offering resulting in a three times increase in behavior-based threat findings that would have gone undetected by current Endpoint Detection and Response (EDR) tools.

Continue reading →

The latest report from the GuidePoint Research and Intelligence Team (GRIT) shows an increase in ransomware activity from Q3 2022 to Q4 2022, as rebranded ransomware groups significantly increased the number of publicly claimed victims.

No quarter of last year saw less than 569 total victims -- with the biggest lull occurring in late June and early July, most likely attributed to the shift from Lockbit2 to Lockbit3, although challenges in the crypto currency market may have also had an impact.

Continue reading →

New research commissioned by Telstra shows 41 percent of UK technology leaders identify cybersecurity as an enabler of innovation within their organization.

The fallout from the COVID-19 pandemic has seen unprecedented levels of digital transformation. At the same time though an ever-evolving threat landscape means that security risks are on the rise, leaving organizations facing the difficult task of balancing rapid digitization with security.

Continue reading →

A new survey of 1,300 CIOs and senior DevOps managers in large organizations finds it's getting harder for IT teams to maintain software reliability and security amid the rapid acceleration of digital transformation and rising complexity of cloud-native environments.

The study from Dynatrace finds 90 percent of organizations say their digital transformation has accelerated in the past 12 months. 78 percent of organizations deploy software updates into production every 12 hours or less, and 54 percent say they do so at least once every two hours.

Continue reading →

The switch to remote and hybrid working has led to more people working from mobile devices and using cloud platforms.

This needs a security solution that 'follows' and protects corporate data wherever it flows or resides, and with the launch of its new Cloud Security Platform, Lookout does just that.

Continue reading →

Thanks to improved security technology, most cyberattacks now rely on some element of social engineering in order to exploit the weakest link, the human.

Phillip Wylie, hacker in residence at CyCognito, believes CISOs now need to take a step back and focus on the overall picture when it comes to security. This includes securing internal and external attack surfaces, and testing the security of these environments, as well as educating employees about the risks.

Continue reading →

A new survey reveals that 72 percent of organizations report insider attacks have become more frequent (a six percent increase over last year), with 60 percent experiencing at least one attack and 25 percent experiencing more than six.

The study by Gurucul and Cybersecurity Insiders gathered responses from over 320 cybersecurity professionals and finds 75 percent say they feel moderately to extremely vulnerable to insider threats -- an increase of eight percent over the previous year.

Continue reading →

According to a new study, 33 percent of global organizations are not taking the threat of cyberwarfare seriously.

The report, from asset visibility and security company Armis, is based on a survey of over 6,000 IT and security professionals around the world and finds 24 percent feel under prepared to handle cyberwarfare. Indeed, the lowest-ranking security element in the eyes of IT professionals is preventing nation-state attacks (22 percent).

Continue reading →

League of Legends publisher Riot Games has announced that it suffered a security breach last week. While it is not clear precisely what was compromised in the social engineering-driven attack, the company says that personal information and player data was not accessed by the hackers.

The impact of the hack is that key updates and patches for numerous titles will be delayed. In addition to League of Legends, games including Teamfight Tactics have also been affected, forcing developers to change the release schedule for hotfixes.

Continue reading →

Introduced by the US military in the 1950s, Moving Target Defense (MTD) is the concept of controlling change across multiple system dimensions in order to increase uncertainty and apparent complexity for attackers, reduce their window of opportunity and increase the costs of their probing and attack efforts.

This technique has been translated to the cybersecurity world in recent years, but while the concept is strong, it's a complex strategy that has many drawbacks if not executed properly. We spoke with Avihay Cohen, CTO and co-founder of Seraphic Security, find out more about how this concept is applied to today's cybersecurity strategies, its pitfalls and how to implement it successfully.

Continue reading →

Although it has a reputation as a safe and secure operating system, Linux is not immune to malware. Indeed it's become an attractive target as increasing numbers of servers and other devices run Linux-based OSes.

Data analyzed by the Atlas VPN team, based on malware threat statistics from AV-ATLAS, shows new Linux malware threats hit record numbers in 2022, increasing by 50 percent to 1.9 million.

Continue reading →

A barrage of new threats along with increasingly complex IT environments and a shortage of skilled staff make securing the enterprise and ensuring compliance more of a challenge than ever.

In order to help businesses visualize attack surfaces, understand security requirements and prioritize steps to mitigate threats across environments, ThreatModeler is launching a new cybersecurity asset marketplace.

Continue reading →

The advent of quantum computing offers a serious threat to the safety of encrypted information. But current post-quantum cybersecurity (PQC) solutions either can't reach edge devices like laptops and mobile phones or required software installation on these devices which is cumbersome and hard to manage.

Now though QuSecure is launching a new solution for protecting encrypted private data on any website or mobile application with quantum-resilient connections and sessions, all with no end-user installation required.

Continue reading →

The company behind NortonLifeLock, Gen Digital, has issued a warning to customers about a security breach that took place in December. Hackers used a credential-stuff attack to gain access to hundreds of thousands of Norton Password Manager accounts.

Gen Digital says that its own systems were not compromised, but warns affected customers that "we strongly believe that an unauthorized third party knows and has utilized your username and password for your account".

Continue reading →