Articles about Security

Enterprises investing ample time and money in secure email gateways are still seeing fraudulent messages being delivered to their users’ inboxes undetected. In fact, phishing attacks are the origin of most breaches today.

Many organizations have therefore turned towards user security awareness programs; training staff to recognize and avoid the threats that make it into their inboxes. Why then, despite these efforts, have the number of breaches originating from phishing attacks grown every year since 2017?

Continue reading →

It's safe to say that Hollywood and pop culture have not always been kind to the tech and cybersecurity industry.

Throughout the years, movies and TV shows have established a stereotype of how IT and security experts should look, with one of the biggest stereotypes being the representation of a hacker.

Continue reading →

Ransomware actors have been forming affiliate gangs and using new tactics in order to lure additional victims, according to a new report.

The latest 2022 Bi-Annual Cyber Threat Report from Deep Instinct reveals changes in the world of ransomware gangs, including LockBit, Hive, BlackCat, and Conti.

Continue reading →

When the likes of Meta and Microsoft spend billions to kick-start what they see as the next big tech gold rush, it’s worth taking notice. We are, of course, talking about the Metaverse, a prospect so compelling that it prompted Facebook’s corporate rebrand alongside an investment in the region of $10 billion per year.

According to their launch content, the money is going towards the creation of a "hybrid of today’s online social experiences, sometimes expanded into three dimensions or projected into the physical world. It will let you share immersive experiences with other people even when you can’t be together."

Continue reading →

Do you know what IT devices are in your business or on your network right now? If not, it’s not just cybercriminals that might be knocking on your door very soon, but the White House.

Binding Operational Directive 23-01, or BOD 23-01, is a new directive from the U.S. Cybersecurity and Infrastructure Security Agency. CISA has issued a Binding Operational Directive (BOD) that orders federal agencies in the country to keep track of their IT assets and any vulnerabilities on their networks.

Continue reading →

As suggested by historical data, October has, over the last few years, shown an 'exponential growth' in cyber-attacks, ironically it is also Cyber Security Awareness month, and Halloween. As we approach the end of this year's security awareness month, and head to Halloween, it’s important that close attention is paid to proactive insights and advice offered by industry leaders.

Here is some critical advice in terms of how organizations can maintain a resilient security infrastructure in today’s target-rich environment and potentially avoid a cyber horror.

Continue reading →

Critical infrastructure is a prime target for cybercriminals and nation state actors. It often operates on legacy operational technologies (OT) which have vulnerabilities that can't be fixed easily or directly. 

We spoke to John Moran, technical director, business development at Tufin, to discuss how organizations can protect themselves. John is a former incident response consultant and is a cybercrime forensics expert.

Continue reading →

The latest report from email security and threat detection company Vade shows the volume of phishing emails up 31 percent in the last quarter compared to Q2.

Volumes peaked in July (79.2 million), dipping in August (57.5 million), and rebounding in September (67.2 million). If this pace continues through Q4, phishing volumes in the second half of 2022 are set to exceed those reached in the first half (315 million).

Continue reading →

No longer shop with a brand? Pay more for goods and services from a company with a better privacy record? Stop using an app?

All of these and more are actions people are prepared to take if they find out organizations aren't keeping their data safe, according to a new report from DataGrail.

Continue reading →

New research from Rezilion finds that there's a high level of inaccuracies and noise created by the market's most popular commercial and open-source scanning technologies.

Researchers examined 20 popular containers on DockerHub, ran them locally, and scanned them using six different, popular vulnerability scanners in the commercial and open-source market. Taking false negatives into account the scanners returned only 73 percent of relevant results out of all vulnerabilities that should have been identified, including those the scanners failed to detect.

Continue reading →

A new report analyzing billions of link-based URLs, attachments and natural language messages in email, mobile and browser channels over six months in 2022, finds more than 255 million phishing attacks -- a 61 percent increase compared to 2021.

The study from messaging security company SlashNext shows earlier security strategies, including secure email gateways, firewalls, and proxy servers are no longer stopping threats, as bad actors increasingly launch these attacks from trusted services and business and personal messaging apps.

Continue reading →

Businesses today face a wider and more dangerous array of cybersecurity threats than ever before. In the UK alone there were more than 400,000 reports of fraud and cybercrime in 2021. Those crimes come with significant costs too. In addition to the reputational damage that comes with cybersecurity incidents, data breaches cost UK companies an average of US$4.35 million.

That makes it critical that organizations have the best possible cyber defences in place, not just for the threats they face today but also for those of tomorrow. This is especially true for business-critical applications like ERP systems that need to be run continuously in order for the organization to keep operating smoothly and servicing its customers.

Continue reading →

Two-thirds (66 percent) of security and compliance leaders are worried that their employees are using unmonitored communications channels, according to a new report.

The study from Theta Lake finds 67 percent of respondents expect the usage of collaboration tools and popular platforms like Microsoft Teams, Zoom, Webex, Slack and RingCentral to increase.

Continue reading →

A new survey of UK IT decision makers from cybersecurity company WithSecure looks at global supply chain issues, with 67 percent of respondents believing that these issues will either remain the same (28 percent) or get worse (39 percent) within the next year.

As issues around inflation and supply shortages remain high in the news agenda, 43 percent believe they are very knowledgeable in their understanding of supply chain issues. However, few are confident of quick fixes to these global issues, and 60 percent of respondents believe that they will last for two years or more.

Continue reading →

Attacks on the software supply chain have become more common in recent years. Part of the key to tackling them lies in understanding what components are in your software and where they originate.

This is why the software bill of materials (SBOM) has become a vital tool for organizations seeking to secure their software. We spoke to Alex Rybak, senior director, product management at Revenera to learn more about SBOMs and what advantages they offer.

Continue reading →