Articles about Security

Coverage of fraud tends to focus on the online methods such as phishing, credential stuffing, opening fake accounts and so on.

But there's another side to the problem in the form of voice fraud via 'vishing' and the use of social engineering techniques, this is made simpler by the ease with which numbers can be spoofed so a call can appear to come from a legitimate number such as your bank.

Continue reading →

Many recent cyberattacks have focused on the software supply chain, with SolarWinds being perhaps the most high profile example.

Businesses can often have a blind spot when it comes to the supply chain and this can have catastrophic consequences. We spoke to Todd Carroll, CISO of CybelAngel to learn more about the problem and what companies can do to keep themselves safe.

Continue reading →

The rapid shift to cloud and remote working environments has raised security concerns for businesses and also meant hackers have increasingly turned their attention to cloud-native systems.

In response to this, digital forensics platform Cado Security is offering enterprises unlimited access to its Cado Response platform, including container and memory forensics, for 14-days, allowing them to carry out a free investigation.

Continue reading →

Despite a marked increase in concerns around malware attacks and third-party risk, only eight percent of organizations with web applications for file uploads have fully implemented the best practices for file upload security.

This is among the findings of the latest Web Application Security Report from critical infrastructure protection specialist OPSWAT.

Continue reading →

The latest analysis of phishing data from the Cyren Incident and Response team shows that 88 percent of evasive threats were detected using real-time techniques like machine learning.

Of the remainder six percent were found with proprietary threat intelligence or readily matched patterns from previous attacks, and the remaining six percent were suspicious messages that required human analysis to confirm the detection.

Continue reading →

Many organizations have been quick to adopt containerization and particularly Kubernetes. But while there are advantages in scale and flexibility, it also raises issues around cloud-native data protection practices.

So how can businesses adopt the technology but still protect their information? We spoke to Gaurav Rishi, VP product, at Kubernetes backup specialist Kasten by Veeam to find out.

Continue reading →

Almost all UK business leaders and IT decision makers either plan to or have already started implementing zero trust strategies at their organizations according to new research from Illumio.

The research also looks at the barriers that prevent organizations from adopting zero trust. The main technological barriers include legacy systems that can't be upgraded (29 percent) and cost constraints (22 percent).

Continue reading →

According to a new report 40 percent of all SaaS assets are un-managed, leading to a greater degree of internal, external, and public access to sensitive data.

The report from data access company DoControl categorizes data by insider and external threats. It finds that, in companies analyzed, an average of 400 encryption keys are shared internally to anyone with a link.

Continue reading →

A report out today shows that 85 percent of enterprises have increased their budget investment in security operations during the pandemic, while 72 percent have increased their staffing and 79 percent have increased their adoption of advanced security technologies.

The study from the CyberRes arm of Micro Focus also reveals that security operations centers (SOCs) have increased their adoption of the cloud, with 95 percent now deploying their solutions in hybrid-cloud environments.

Continue reading →

As a big chunk of the world suddenly started to work from home during the pandemic, many companies turned to VPNs as a means of securing remote access.

However, as more systems are now in the cloud and secured using zero trust network access (ZTNA) is the age of the VPN over? We spoke to Robert Byrne, field strategist at One Identity to find out.

Continue reading →

Security is one of the most important components to every company’s computer network. That’s why the Security Fundamentals MTA Certification is so highly sought after. Filling IT positions is a top problem in today’s businesses, so this certification could be your first step toward a stable and lucrative IT career.

Security Fundamentals is your guide to developing a strong foundational understanding of Windows security, so you can take your IT career to the next level and feel confident going into the certification exam.

Continue reading →

Analysis by CybSafe of incidents reported to the UK's Information Commissioner's Office (ICO) shows that ransomware attacks made up 22 percent of all reported cyber security incidents in the first half of 2021. This is up from 11 percent in the first half of 2020

Phishing still leads, accounting for 40 percent of all cybersecurity cases reported to the ICO, slightly down from 44 percent the year before, but ransomware has now edged into second place.

Continue reading →

A report released today finds that while adoption of container architectures and microservices continues at an impressive pace, maintaining automated and proactive security and compliance is a major challenge.

The study, from container security specialist NeuVector, polled over 1,200 DevOps professionals attending KubeCon EU 2021 and shows over 89 percent have container deployments active, and 88 percent are planning additional deployments in the next six to 12 months.

Continue reading →

Data is the lifeblood of businesses, but managing it effectively and keeping it secure presents some significant challenges.

How do you ensure that you have the latest information for example? And how can you be certain your compliance procedures are up to date?

Continue reading →

Industrial control system (ICS) vulnerability disclosures are increasing as recent high-profile cyberattacks on critical infrastructure and industrial enterprises have made ICS security a mainstream issue.

The latest biannual ICS Risk & Vulnerability Report released today by Claroty shows a 41 percent increase in ICS vulnerabilities disclosed in the first half of 2021 compared to the previous six months, which is particularly significant given that in all of 2020 they increased by 25 percent from 2019 and 33 percent from 2018.

Continue reading →