Microsoft 365 targeted as businesses struggle to block email threats
A new study commissioned by email security company Cyren from Osterman Research seeks to understand how businesses using Microsoft 365 for email are being impacted by email-borne security threats, such as phishing, business email compromise (BEC), and ransomware attacks.
It shows security team managers are most concerned that current email security solutions do not block serious inbound threats -- particularly ransomware. Fewer than half of organizations surveyed rank their currently deployed email security solutions as effective.
Organizations not equipped to handle increasing third-party risks
A new study into third-party risk management shows that 45 percent of organizations experienced a third-party security incident in the last year.
But the report from Prevalent also also reveals that eight percent of companies don't have a third-party incident response program in place, while 23 percent take a passive approach to third-party incident response.
GitHub to introduce 2FA requirement for developer accounts
GitHub has announced plans that will require call code contributors to enable at least one form of two-factor authentication (2FA) as a security measure.
Although the requirement for the extra protection will not kick in immediately, it is something that developers need to be aware of if they want to continue to use the platform.
Many of your 'secure' passwords will have been leaked or compromised -- here's how to easily check and change them
I reuse passwords regularly. But, here’s the thing -- I only do so on websites where that doesn’t matter. Sites that I don’t need to revisit regularly, or at all, and which don’t hold any personal information on me. Those passwords tend to be short and easy to guess, and get leaked in breaches all the time. It’s no big deal.
What is a big deal, however, is when one of my carefully curated, long, complicated and never reused passwords gets leaked. And that can, and does, happen. There are a number of ways to find out if your passwords have been compromised, including using HaveIBeenPwned. But for this article I’m going to show you the best and easiest ways to find out what passwords have been leaked. I will warn you now, you may be in for a very nasty surprise.
World Password Day helps to raise security awareness
The death of the password is something that has been predicted for a very long time. But the venerable means of securing our accounts still clings tenaciously to life.
Today's World Password Day is designed to raise awareness of the continued importance of passwords and the need -- where we do still use them -- to change them and to choose strong words that are not easy to hack.
Three-quarters of companies focus development on cloud-native applications
More and more workloads are being shifted to the cloud and a new report from Tigera shows that 75 percent of companies are focusing development on cloud-native applications.
But this increased development and deployment of cloud-native applications also creates the need for more advanced observability and security capabilities.
How much does security software really slow down your PC?
One of the frequent complaints people make about security software is that it slows the performance of your system.
But how much difference does it really make? Independent testing organization AV-Comparatives has been carrying out some research to find out.
Developing smart tools for Windows -- the man behind CCleaner and Tweakeze [Q&A]
Heitor Tome is the man behind a new tool called Tweakeze which is designed to prevent unwanted changes to your computer.
But he also has a long history as the chief architect and software engineer behind popular cleanup program CCleaner -- indeed for several years he was its sole developer.
Brits have more online accounts but stick with the same old passwords
Since the start of the pandemic, the number of online accounts Britons now have has almost doubled -- going up from 18 to 32, but their password habits haven't improved.
New research from F-Secure ahead of Thursday's World Password Day shows 75 percent of Brits could be putting their finances and savings at risk by using the same password for their online banking as for other online accounts.
New endpoint solution delivers real-time protection against vulnerabilities
A new IT management and endpoint security solution from Syxsense promises to deliver real-time vulnerability monitoring and instant remediation for every endpoint across an organization’s entire network.
Syxsense Enterprise combines Syxsense Secure, Manage, and Mobile Device Manager to deliver a completely unified platform that scans and manages all endpoints, resolves problems in real-time, and reduces the risks associated with system misconfigurations.
Security professionals say attackers are better at using AI than defenders
Over 30 percent of cybersecurity professionals think that malicious actors are more adept at using AI to attack their organization than they are at leveraging AI in-house for defense.
A new survey carried out by Wakefield Research for Devo Technology also shows how organizations are struggling to effectively implement AI to aid and augment cybersecurity efforts, with more than 50 percent having to undertake major changes, or reset and start again.
Microsoft's SMB security tool, Microsoft Defender for Business, hits general availability
Microsoft has announced that its security tool for small to medium-sized businesses is now generally available. The standalone version of Microsoft Defender for Business helps to protect against ransomware and other cyber threats bringing, Microsoft says, "enterprise-grade endpoint security to SMBs".
Highlighting the importance of its solution, the company says that nearly a quarter of SMBs have experienced a security breach in the last year, often because they do not have the staff and resources available to enterprises. To help with this and to simplify deployment, Defender for Business comes with built-in policies to get customers up and running quickly.
Google SMTP service exploited to send spoof emails
Most of us don't think too much about the 'From' address field on our emails, it's filled in by your mail program or web service. At the recipient's end security tools can check this against the sending server to verify that the mail is legitimate.
But hold on a second, an SMTP relay server between the server and the inbox allows messages through even though the addresses don't match. This is how organizations send out mass mailings without them getting blocked.
Why networking technologies remain at the heart of online security [Q&A]
Networks and the internet are reliant on domain name servers, dynamic host control protocol, and IP address management. These three technologies -- grouped together as DDI (DNS, DHCP, IPAM) -- are central to the way things work but that also makes them a tempting target.
We spoke to Ronan David, chief of strategy at EfficientIP to find out why DDI is so vital to online security and how automation can help with defense.
The changing role of the CISO [Q&A]
Digital transformation, a shift to hybrid and remote working, and increasing regulatory pressure have seen major changes to the enterprise IT landscape in recent years.
CISOs have been at the heart of this, facing new challenges and taking on additional responsibilities. We spoke to Ben Smith, field CTO of NetWitness, to discuss these changes and find out what makes a good, or bad, CISO.
© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.