Articles about Security

Cyber resilience has been a high-profile issue across industries, especially since the pandemic. As organizations were forced to adopt hybrid working, they had to reconsider infrastructural configuration. Facilitating remote working meant that businesses needed to consider a plethora of new endpoint devices connecting to the enterprise network. This increasing digital landscape is creating a wide range of complexities for businesses around network management and device visibility.

The ever-evolving IT estate is only a part of the cyber-security team’s challenges. It is almost impossible to 'solve' the complexity it brings with it because the requirements of dealing with and handling the technology keep changing. The security team's preparedness, ability to work under pressure, and people skills will determine how resilient an organization is, and how well it can detect, defend, and respond to a new or emerging attack. It is therefore vital to give teams the capabilities they need adapt to the ever-changing threat landscape. security teams.

Continue reading →

The change to hybrid work and increased adoption of cloud-based services has led to greater pressure on enterprises to get a grasp on their identity management.

Digital identity company ForgeRock is launching a new identity governance solution designed to address identity and compliance issues for large organizations.

Continue reading →

Two years ago when we reviewed the Firewalla Blue we remarked on how tiny it was relative to the level of protection it offers.

The recently launched Gold Plus version is a much bigger and more serious piece of kit aimed at small businesses and professional home users. It offers the same simple, plug-in protection as the Blue but can be used in a number of other ways too.

Continue reading →

Containers are meant to be immutable.Once the image is made, it is what it is, and all container instances spawned from it will be identical. The container is defined as code, so its contents, intents and dependencies are explicit. Because of this, if used carefully, containers can help reduce supply chain risks.

However, these benefits have not gone unnoticed by attackers. A number of threat actors have started to leverage containers to deploy malicious payloads and even scale up their own operations. For the Sysdig 2022 Cloud-Native Threat Report, the Sysdig Threat Research Team (Sysdig TRT) investigated what is really lurking in publicly available containers.

Continue reading →

When buying a smartphone, you have two real choices. You can opt for an iPhone, which runs iOS, or one of the many Android handsets available from the likes of Google, Samsung, Huawei, OnePlus and Sony.

If you value your privacy, then you might want a phone that truly does too. Volla Phone 22, from German firm Hallo Welt Systeme UG, is a good-looking device that is focused on keeping you safe and secure. It runs a choice of operating systems -- Volla OS, Ubuntu Touch, and the recently added Sailfish OS -- that can be selected on start-up. Support for additional mobile operating systems is coming soon.

Continue reading →

Crypto mining has become incredibly popular with cybercriminals over the past year, growing by 230 percent. It's not hard to see why as it's expensive in terms of machinery and energy consumption, so if you can cryptojack someone else's machine to do it there are healthy profits to be made.

New research from Kaspersky shows that despite the 'crypto winter' which has seen the value of cryptocurrencies drop significantly and the cryptocurrency industry facing a liquidity crisis, criminal activity targeting the crypto industry doesn’t seem to be slowing down.

Continue reading →

September this year marked five years since the notorious Equifax data breach which exposed the social security numbers, birthdates, credit card details, and more of millions of customers.

But how much has the industry learned from this breach? And what measures can be used to help avoid similar issues in the future? We spoke to Ian Coe, co-founder at Tonic.ai to find out why fake data might be the answer.

Continue reading →

A survey of over 1,200 cybersecurity decision-makers from small and medium-sized businesses in Europe and North America shows 74 percent believe that they are more vulnerable to cyberattacks than enterprises.

The study from ESET also reveals that 70 percent of businesses surveyed admit that their investment in cybersecurity hasn't kept pace with recent changes to their operational models such as hybrid working.

Continue reading →

New data from managed security service provider Nuspire reveals large increases in overall threat activity in the second quarter of this year continued throughout Q3, with additional growth in both exploits and botnets.

There's been a 236.22 percent jump in Kryptik variants -- a type of trojan malware distributed to victims through phishing campaigns, the goal being to steal information, including cryptocurrency wallets, files and SSH keys.

Continue reading →

A new study from Vulcan Cyber shows 75 percent of organizations have dedicated threat intelligence teams and two-thirds have dedicated threat intelligence budgets.

However, 73 percent of respondents say a lack of skills is their biggest threat intelligence challenge and is keeping organizations from making the most of their investments in threat intelligence resources.

Continue reading →

Hot on the heels of a report showing that 40 percent of business emails have unwelcome content, comes another report revealing that email is now the top way of delivering cyberattacks.

The report from Tessian shows that 94 percent of organizations experienced a spear phishing or impersonation attack, and 92 percent suffered ransomware attacks over email this year.

Continue reading →

Analysis of over 25 billion emails from Hornetsecurity reveals that 40.5 percent of work emails are unwanted.

We're tempted to say, "only four out of 10?" but it all depends how you define unwanted. The report looks specifically at the use of email to deliver malicious payloads -- so those emails from your boss that you'd rather not receive don't count!

Continue reading →

Only 24 percent of respondents to a new survey are fully confident that ex-employees no longer have access to their company's infrastructure, while almost half of organizations are less than 50 percent confident that former employees no longer have access.

The study from Teleport also finds infrastructure is becoming more complex, with organizations using on average 5.7 different tools to manage access policy, making it complicated and time-consuming to completely shut off access.

Continue reading →

New research into hundreds of insider threat investigations released by DTEX shows that 12 percent of employees take sensitive intellectual property with them when they leave an organization.

The DTEX i3 (Insider Intelligence and Investigations) team has produced an infographic of the results of the research.

Continue reading →

API security is a major challenge for IT teams, traditional solutions are often fragmented, leading to the need for multiple products and added complexity and cost.

Israeli cybersecurity startup Wib is launching a holistic API security platform to bring complete visibility and control across the entire API ecosystem from code right through to production.

Continue reading →