Articles about Security

The psychology of building a resilient cybersecurity team

Cyber resilience

Cyber resilience has been a high-profile issue across industries, especially since the pandemic. As organizations were forced to adopt hybrid working, they had to reconsider infrastructural configuration. Facilitating remote working meant that businesses needed to consider a plethora of new endpoint devices connecting to the enterprise network. This increasing digital landscape is creating a wide range of complexities for businesses around network management and device visibility.

The ever-evolving IT estate is only a part of the cyber-security team’s challenges. It is almost impossible to 'solve' the complexity it brings with it because the requirements of dealing with and handling the technology keep changing. The security team's preparedness, ability to work under pressure, and people skills will determine how resilient an organization is, and how well it can detect, defend, and respond to a new or emerging attack. It is therefore vital to give teams the capabilities they need adapt to the ever-changing threat landscape. security teams.

Continue reading

ForgeRock launches cloud-native identity solution for enterprises

The change to hybrid work and increased adoption of cloud-based services has led to greater pressure on enterprises to get a grasp on their identity management.

Digital identity company ForgeRock is launching a new identity governance solution designed to address identity and compliance issues for large organizations.

Continue reading

It is bigger and it is cleverer -- Firewalla Gold Plus [Review]

Two years ago when we reviewed the Firewalla Blue we remarked on how tiny it was relative to the level of protection it offers.

The recently launched Gold Plus version is a much bigger and more serious piece of kit aimed at small businesses and professional home users. It offers the same simple, plug-in protection as the Blue but can be used in a number of other ways too.

Continue reading

Containers: The ultimate Trojan horse

Containers are meant to be immutable.Once the image is made, it is what it is, and all container instances spawned from it will be identical. The container is defined as code, so its contents, intents and dependencies are explicit. Because of this, if used carefully, containers can help reduce supply chain risks.

However, these benefits have not gone unnoticed by attackers. A number of threat actors have started to leverage containers to deploy malicious payloads and even scale up their own operations. For the Sysdig 2022 Cloud-Native Threat Report, the Sysdig Threat Research Team (Sysdig TRT) investigated what is really lurking in publicly available containers.

Continue reading

Volla Phone 22 is a privacy-focused smartphone that runs the Google-free Android-based Volla OS, Ubuntu Touch, or Sailfish OS [Review]

When buying a smartphone, you have two real choices. You can opt for an iPhone, which runs iOS, or one of the many Android handsets available from the likes of Google, Samsung, Huawei, OnePlus and Sony.

If you value your privacy, then you might want a phone that truly does too. Volla Phone 22, from German firm Hallo Welt Systeme UG, is a good-looking device that is focused on keeping you safe and secure. It runs a choice of operating systems -- Volla OS, Ubuntu Touch, and the recently added Sailfish OS -- that can be selected on start-up. Support for additional mobile operating systems is coming soon.

Continue reading

Cryptojacking malware sees a 230 percent increase in 2022

cryptocurrency mining

Crypto mining has become incredibly popular with cybercriminals over the past year, growing by 230 percent. It's not hard to see why as it's expensive in terms of machinery and energy consumption, so if you can cryptojack someone else's machine to do it there are healthy profits to be made.

New research from Kaspersky shows that despite the 'crypto winter' which has seen the value of cryptocurrencies drop significantly and the cryptocurrency industry facing a liquidity crisis, criminal activity targeting the crypto industry doesn’t seem to be slowing down.

Continue reading

How fake data can help to combat breaches [Q&A]

September this year marked five years since the notorious Equifax data breach which exposed the social security numbers, birthdates, credit card details, and more of millions of customers.

But how much has the industry learned from this breach? And what measures can be used to help avoid similar issues in the future? We spoke to Ian Coe, co-founder at Tonic.ai to find out why fake data might be the answer.

Continue reading

SMB's security spending is not keeping up with threats

Lock and money

A survey of over 1,200 cybersecurity decision-makers from small and medium-sized businesses in Europe and North America shows 74 percent believe that they are more vulnerable to cyberattacks than enterprises.

The study from ESET also reveals that 70 percent of businesses surveyed admit that their investment in cybersecurity hasn't kept pace with recent changes to their operational models such as hybrid working.

Continue reading

Cyber threat activity continues to grow in Q3

open digital lock

New data from managed security service provider Nuspire reveals large increases in overall threat activity in the second quarter of this year continued throughout Q3, with additional growth in both exploits and botnets.

There's been a 236.22 percent jump in Kryptik variants -- a type of trojan malware distributed to victims through phishing campaigns, the goal being to steal information, including cryptocurrency wallets, files and SSH keys.

Continue reading

Threat intelligence adoption grows but skills lag behind

A new study from Vulcan Cyber shows 75 percent of organizations have dedicated threat intelligence teams and two-thirds have dedicated threat intelligence budgets.

However, 73 percent of respondents say a lack of skills is their biggest threat intelligence challenge and is keeping organizations from making the most of their investments in threat intelligence resources.

Continue reading

Email is the top vector for cyberattacks

Malicious email

Hot on the heels of a report showing that 40 percent of business emails have unwelcome content, comes another report revealing that email is now the top way of delivering cyberattacks.

The report from Tessian shows that 94 percent of organizations experienced a spear phishing or impersonation attack, and 92 percent suffered ransomware attacks over email this year.

Continue reading

Four out of 10 work emails are unwanted

Email attack

Analysis of over 25 billion emails from Hornetsecurity reveals that 40.5 percent of work emails are unwanted.

We're tempted to say, "only four out of 10?" but it all depends how you define unwanted. The report looks specifically at the use of email to deliver malicious payloads -- so those emails from your boss that you'd rather not receive don't count!

Continue reading

Only a quarter of businesses have confidence ex-employees can no longer access infrastructure

Laptop with red Wi-Fi logos

Only 24 percent of respondents to a new survey are fully confident that ex-employees no longer have access to their company's infrastructure, while almost half of organizations are less than 50 percent confident that former employees no longer have access.

The study from Teleport also finds infrastructure is becoming more complex, with organizations using on average 5.7 different tools to manage access policy, making it complicated and time-consuming to completely shut off access.

Continue reading

12 percent of employees take IP with them when leaving a job

New research into hundreds of insider threat investigations released by DTEX shows that 12 percent of employees take sensitive intellectual property with them when they leave an organization.

The DTEX i3 (Insider Intelligence and Investigations) team has produced an infographic of the results of the research.

Continue reading

New platform aims to tackle API security problems

api

API security is a major challenge for IT teams, traditional solutions are often fragmented, leading to the need for multiple products and added complexity and cost.

Israeli cybersecurity startup Wib is launching a holistic API security platform to bring complete visibility and control across the entire API ecosystem from code right through to production.

Continue reading

© 1998-2025 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.