Search engine optimization (SEO) is used to boost the ranking of websites by ensuring they offer quality content and a good user experience.

But new research from global threat intelligence firm Cybersixgill shows, perhaps not too surprisingly, that similar techniques are being exploited by threat actors to boost trust in their sites.

Continue reading →

Microsoft has teamed up with Mastercard to launch a new identity protection solution which has been designed to help tackle digital fraud.

Mastercard has boosted its existing Digital Transaction Insights solution by adding next-generation authentication and real-time decisioning intelligence capabilities. The system helps merchants to verify customers' identities, and Microsoft will be providing its own insights and integrating the technology across its business.

Continue reading →

Every day, there seems to be a new headline about the latest ransomware threat, supply chain attack or malware strain.

And, while these are very real risks that organizations need to take seriously, an equally important security issue, albeit a much less publicized one, is the divide between security teams and professionals responsible for IT service management (ITSM).

Continue reading →

Security researchers at Microsoft have found a series of vulnerabilities affecting Linux. Collectively named Nimbuspwn, the security flaws can be chained together to allow an attacker to gain root access to a system.

Microsoft warns that the vulnerabilities, which are being tracked as CVE-2022-29799 and CVE-2022-29800, could also be exploited to execute ransomware attacks and more.

Continue reading →

The first quarter of 2022 has seen a rise in cybercriminals deceiving victims through new deepfakes and crypto scams to gain access to their financial or personal information.

The latest quarterly Consumer Cyber Safety Pulse Report from Norton Labs reveals deepfakes -- computer-generated images and videos -- are on the rise and being utilized by bad actors to spread disinformation.

Continue reading →

New research from Vectra AI reveals that 74 percent of respondents experienced a significant cybersecurity event in the past year.

The study surveyed 1,800 global IT security decision-makers at companies with over 1,000 employees and finds that 92 percent of respondents say that they had felt increased pressure to keep their organization safe from cyberattacks over the past year.

Continue reading →

The FBI has warned food and agriculture companies to be prepared for ransomware operatives to attack agricultural entities during planting and harvest seasons.

The FBI warning notes previous ransomware attacks during these seasons against six grain cooperatives during the fall 2021 harvest and two attacks in early 2022 that could impact the planting season by disrupting the supply of seeds and fertilizer.

Continue reading →

New phishing sites are launched on a regular basis, even back in 2017 1.4 million were launching every month according to Webroot, and most of them exist for less than 24 hours.

This makes it hard for security teams to pre-empt attacks, but email and brand protection company Red Sift has come up with an answer in the launch of a new platform that proactively uncovers impersonation domains and takes them down before they can be exploited.

Continue reading →

To celebrate the first anniversary of its Autofill tool, Microsoft has added new capabilities to its password security utility.

Available to use with Microsoft Edge natively, on iPhones and Android devices via an app, and in Chrome using an extension, Microsoft Autofill makes it easy to store and sync passwords in the cloud and have them automatically entered in logon forms. A new update to Microsoft Authenticator app means that it can now be used to generate strong passwords on demand.

Continue reading →

As organizations move to fully embrace cloud, the significant benefits of running IT infrastructure via cloud services are becoming even more evident. Not only do cloud-based services come at a far lower cost than physical platforms and deployments, IT leaders are also able to side-step much of the risk and 'heavy lifting' around tech investment and maintenance by moving this out of local data centers. They can also enjoy expert third-party systems management and reliable service delivery, without having to give up much of the control for end users.

Microsoft 365 is a great case in point. The procurement model for this ever-expanding suite of high-qual­ity IT services is based around a price per user. It is easily scalable as teams and organizations grow and can therefore help to optimise budgets, avoiding payment for infrastructure that may go unused. It’s also growing, with new features and functionality added every day that will keep IT departments at the cutting edge of optimal business processes.

Continue reading →

A new study shows that 69 percent of tech executives believe shadow IT is a top security concern related to SaaS adoption.

The report from automated SaaS management platform Torii reveals 41 percent of executives say challenges with SaaS spend visibility and optimization have impacted the way their organization operates.

Continue reading →

We're all used to those irritating questions you have to answer when you contact a company: the make of your first car, the town where you were born, the dog's maiden name, etc. But it seems that criminals may actually be better at answering them than we are.

Fraudsters are able to pass knowledge based authentication (KBA) questions 92 percent of the time, based on a national contact center case study, while genuine customers only pass KBA's 46 percent of the time.

Continue reading →

Attackers are finding new ways to target cloud-native environments according to a new report from Aqua Security's Nautilus threat research team.

While cryptominers are the most common malware observed, with increasing frequency researchers have discovered an increased usage of backdoors, rootkits and credential stealers.

Continue reading →

Cybercrime tends to follow the money when it comes to selecting targets, so it’s perhaps not too surprising to learn that 63 percent of financial institutions admit experiencing an increase in destructive attacks.

The latest Modern Bank Heists report from VMWare surveyed the financial industry's top CISOs and security leaders on the changing behavior of cybercriminal cartels and the defensive shift in the sector.

Continue reading →

While the Russian security firm has fallen out of favor in recent months, Kaspersky has announced that it has managed to crack the Yanluowang ransomware.

Yanluowang was discovered by Symantec last year, and now Kaspersky has identified a vulnerability in the encryption algorithm it uses. This has enabled the company to develop a free decryption tool which can be used by ransomware victims to get their data back without having to pay a cent.

Continue reading →