Articles about Security

As we've grown more and more reliant on the internet to carry out everyday transactions, proving who we are has become a major issue.

We are still heavily dependent on IDs, passwords and supplementary security questions, but all of these are open to abuse leading to the risk of identity theft.

Continue reading →

A new study reveals that 97 percent of firms surveyed have been negatively impacted by a cybersecurity breach that occurred in their supply chain and 93 percent have suffered a direct cybersecurity breach.

The third-party cyber risk survey form BlueVoyant also shows the average number of breaches experienced in the last 12 months grew from 2.7 in 2020 to 3.7 in 2021 -- a 37 percent year-on-year increase.

Continue reading →

As the IT landscape has evolved, securing hybrid and cloud environments has become a more complex and challenging process.

To improve Extended Detection and Response (XDR) across endpoints, networks, cloud and workspaces, operation-centric cyber attack protection specialist Cybereason, and Google Cloud have today announced a collaboration.

Continue reading →

Remote working is leading to increased cyber risk for smaller enterprises according to new research from data center specialist ServerChoice.

New working patterns brought about by COVID mean that many technical staff at SMEs are now based remotely and 77 percent see remote working as an increased risk to their business.

Continue reading →

Containers have provided greater flexibility and enabled developers to think less about their infrastructure. However, securing them presents a challenge.

Traditional workload protection technologies designed for static workloads don't work well on minimized, ephemeral container workloads. There's also increased use of open source software that presents additional risks.

Continue reading →

As businesses rely more on the cloud and virtual infrastructure, so the potential for both configuration errors and cyberattacks increases.

The pandemic has only made the problem worse and in many cases led to a loosening of security policy. What do organizations need to do to address the issue and protect their systems? We spoke to Tal Morgenstern, Vulcan Cyber CPO and co-founder, to find out.

Continue reading →

While a great deal of news articles, white papers, and security solutions are focused on 0-days and vulnerabilities, the core vulnerability of all of our information technology is people. Our entire tech stack makes it easy for users to make mistakes because the fundamental problem is that there is no good way to authenticate anyone or anything online. In 1993, a comic in the New Yorker famously said, "On the Internet, nobody knows you’re a dog", and not much has changed in 28 years.

One of the key ways attackers get an initial foothold into organizations is by tricking users to compromise themselves, often using brand impersonation. A recent study stated that there were 88 instances where malicious mobile apps attempted to impersonate TikTok. The reason, people share TikTok videos, it’s immensely popular, and it has a trusted brand-name, so people feel safe.

Continue reading →

A new survey of over 700 small and medium businesses shows that 80 percent say they feel more secure now than they did last year in spite of increasing levels of cyberattacks.

The study from network security specialist Untangle shows security budgets increasing over 2020 levels too.

Continue reading →

As more data moves to the cloud, platforms like AWS are becoming an increasingly attractive target for ransomware operators.

A new study by cloud infrastructure company Ermetic finds that 70 percent of environments studied had machines that were publicly exposed to the internet and were linked to identities whose permissions could be exploited to allow the machines to perform ransomware.

Continue reading →

A browser-based endpoint solution created to address the unique threats imposed by the hybrid workforce and designed with employee experience in mind is being launched today by Talon Cyber Security.

TalonWork can be deployed across the organization in less than an hour, allowing security leaders to make the browser their first line of defense with minimum complexity, cost and without additional hardware.

Continue reading →

A new survey from automation platform Ivanti reveals that 71 percent of IT and security professionals find patching to be overly complex, cumbersome, and time consuming.

In addition 57 percent of respondents say that remote work has increased the complexity and scale of patch management.

Continue reading →

UK businesses faced a new cyberattack every 47 seconds over the summer as the volume of attempts to breach their systems online increased following an earlier slowdown.

Analysis of commercial internet traffic from business ISP Beaming shows that the attack rate increased by four percent between July and September, having fallen in the second quarter.

Continue reading →

Portable hardware authentication dongles are pretty darn cool -- they can be a great way to secure access to various devices, applications, and services using hardware. Google offers its own Titan security keys, for instance, but the search giant likely isn't the first company that comes to mind for these products. Actually, Yubico is probably the name most associated with authentication dongles.

Believe it or not, Yubico's popular YubiKey devices have not yet been offered with biometric support. Thankfully, this changes today. You see, the all-new YubiKey Bio features a fingerprint reader for an added level of security. Not only must you physically have possession of the YubiKey Bio to use it, but you must prove you are its owner by scanning your finger.

Continue reading →

Global losses from cybercrime now total more than $1 trillion, recent figures indicate, meaning that every business now must implement an effective threat hunting program has to protect its data security -- and long-term future. Establishing a threat hunting program from scratch may seem daunting, but it doesn’t have to be. Like so many things in life, the hardest part is taking the first step.

Even on a tight budget, numerous tools -- with SIEM, logs, and analytics -- can help security professionals start a robust threat hunting program. Below are the three main steps involved:

Continue reading →

High volumes of threats and shortages of skilled staff can lead to security teams becoming overwhelmed and this has led many companies to turn to professional and managed services.

Network detection and response (NDR) specialist ExtraHop is launching an expansion of its expanded Reveal(x) Advisor service that provides threat detection and hunting capabilities alongside network assurance analysis.

Continue reading →