Articles about Security

Security specialist One Identity is launching its Active Roles and Password Manager products in a software-as-a-service format.

Retaining the full capabilities of One Identity's on-premises solutions, the SaaS offerings are hosted, managed and operated within the One Identity Cloud. There's also a new SaaS-delivered solution, Starling CertAccess, which delivers access request and certification Active Directory (AD) and Azure Active Directory (AAD) in the enterprise.

Continue reading →

More than half of companies in India, Austria and the US experienced ransomware attacks in the past year, compared to a global average of 37 percent.

Data from Atlas VPN, based on research by Sophos, shows that out of 300 interviewees from India, 68 percent suffered from a ransomware attack, while 57 out of 100 respondents from Austria did so.

Continue reading →

Conventional encryption methods rely on the exchange of keys. This can leave them vulnerable, particularly when they're used on public cloud services.

One way around this is to use homomorphic encryption, this permits third party service providers to perform some types of operations on a user's data without needing to decrypt it.

Continue reading →

The median attacker dwell time before detection is 11 days or 256 hours, according to data from Sophos. That's time in which they're free to conduct malicious activity, such as lateral movement, reconnaissance, credential dumping, data exfiltration, and more.

The company has released an 'Active Adversary Playbook' detailing attacker behaviors and the tools, techniques and procedures (TTPs) that Sophos' frontline threat hunters and incident responders saw in the wild in 2020.

Continue reading →

Nearly half (49 percent) of US employees create their own tricks and shortcuts for managing logins, leaving business systems open to attack.

A new report from password manager company Dashlane, created in conjunction with Datalands and based on a survey of 1,000 people, identifies four different employee personas, and the potential barriers these employees may cause to security culture.

Continue reading →

As more systems move to the cloud the threat landscape becomes more complex and detecting events that require urgent attention is more difficult.

Many businesses are turning to AI to help and threat detection specialist Vectra AI has released a new report focusing on the top 10 threat detections seen across Microsoft Azure AD and Office 365 environments.

Continue reading →

New research from Akamai Technologies reveals that financial services firms suffered 3.4 billion credential stuffing attacks in 2020, a 45 percent year-on-year increase.

The report also observed nearly 6.3 billion web application attacks in 2020, with more than 736 million targeting financial services -- an increase of 62 percent from 2019. Over the past three years (2018-2020), DDoS attacks against the financial services sector grew by 93 percent.

Continue reading →

Over the last 12 months, you certainly have heard about an increasingly complex and sophisticated barrage of cyber threats. However, if your business has a limited number of IT staff and resources, you may be questioning whether having comprehensive data protection is even possible. As we have seen, cyber-attacks are not only impacting larger enterprise organizations. They affect companies of all sizes, many of which can’t afford to build and manage a Security Operations Center (SOC) with technology and skilled security staff needed to detect and contain these attacks 24 hours a day.

It may feel daunting as a smaller organization, cybercriminals might have an inherent advantage. However, many small to midsize organizations are still relying solely on basic protection like anti-virus and firewalls. Just having these baseline protections is simply not enough, and you do not have the luxury of just ignoring the situation.

Continue reading →

Being able to find web vulnerabilities as soon as they emerge, before attackers can exploit them, is critical for organizations wanting to stay on top of web application security.

Saas security specialist Detectify is launching a new stand-alone application security tool that's specifically tailored for ethical hackers, making it easier for them to share their latest findings.

Continue reading →

Identity solutions provider GlobalSign today celebrates the significant milestone of 25 years as a Certificate Authority (CA).

The company has grown from just a few employees in 1996 to become one of the world's top CAs -- as well as the longest operating -- with over than 550 employees in more than a dozen countries.

Continue reading →

It's only a week since Microsoft stopped supporting some older versions of Windows 10 -- specifically the Home and Pro editions of Windows 10 versions 1803, 1809 and 1909 -- but it won't be long before the effects are felt.

While Windows 10 version 1809 reaching "end of servicing" means there will be no more official patches and updates from Microsoft, the operating system will not be left completely unsupported. For anyone unwilling or unable to upgrade to a more recent build of Windows 10, micro-patch service 0patch has stepped up to the plate to lend a hand.

Continue reading →

A new technology agnostic and fully customizable security operating system that consolidates an organization's entire technology stack into a single pane of glass is being launched by managed security services company Nuspire.

Called myNuspire, it will give CISOs and security analysts a clear picture into the security program and posture of their organizations in real-time, together with on-demand threat intelligence capabilities.

Continue reading →

A survey of 300 security leaders in the US by Scale Venture Partners shows 94 percent say that C-level executives have a better understanding of cybersecurity risks than a year ago.

This is probably due to the twin impacts of the pandemic and the SolarWinds attack. Half say they will increase security budgets to address the impact of SolarWinds, while 40 percent have increased their cyber headcount during the pandemic.

Continue reading →

The death of the password has been predicted for a long time, yet it remains the most common way of logging into systems.

Identity management company Beyond Identity is looking to solve what is one of the biggest challenges in IT security and aims to re-establish trust in authentication chains by finally eliminating passwords as the weakest link.

Continue reading →

The core of the Internet is getting weaker as we connect ever more of our lives -- phones, tablets, cars, refrigerators -- to it. Meanwhile, the attacks are getting stronger.

Cybercrime is a global pandemic. Cybersecurity is mainstream today because we’ve seen the repercussions personally, professionally and financially from not keeping our corporate and customer data secure.

Continue reading →