Articles about Security

While 49 percent of security teams and 44 percent of networking teams report to the same boss, 37 percent of IT professionals state that these teams don't really work together much.

A new report from security cloud company Netskope shows that 50 percent of global CIOs -- and 51 percent of respondents generally -- say a lack of collaboration between specialist teams stops their organization from realizing the benefits of digital transformation.

Continue reading →

Dell has patched a recently discovered series of security flaws in a driver installed on hundreds of millions of computers. Tracked as CVE-2021-21551, no fewer than five high severity vulnerabilities were found to exist in Dell's dbutil_2_3.sys firmware update driver since 2009.

The flawed DBUtil driver is installed on consumer and enterprise desktops, laptops and tablets around the world. If exploited, the vulnerabilities could be used to "escalate privileges from a non-administrator user to kernel mode privileges". The problem only affected Windows systems, not those running Linux.

Continue reading →

As the speed and complexity of software development increases, security and development teams have seen the need to integrate and automate security testing within their development workflows.

But doing this can slow development pipelines and overwhelm teams with large volumes of testing results, many of which don't require immediate attention. To address this Synopsys is unveiling its new Intelligent Orchestration solution at the RSA Conference later this month.

Continue reading →

The digital transformation efforts spurred by COVID 19 have created major problems for enterprises in navigating privacy and security and put identity security high on the priorities list for this shift to a new, flexible work model

Identity management platform SecureAuth has announced updates to its platform to allow businesses to address these challenges.

Continue reading →

New research from IT services provider Ensono finds that security is the biggest concern for IT professionals considering, or already using, multi-cloud strategies.

UK IT professionals rate security, governance and cost optimization as their top three concerns for multi-cloud strategies, while security, cost optimization and maintaining a positive end user experience are the top concerns in the US.

Continue reading →

Recent high-profile supply chain attacks such as SolarWinds have highlighted how vulnerable the software development pipeline can be.

To find out more about why the CI/CD pipeline is particularly vulnerable to attacks and what can be done to prevent them, we spoke to Vickie Li, developer evangelist at ShiftLeft, which has just launched a new product, ShiftLeft CORE, aimed at reducing risk to the software code base.

Continue reading →

We looked last week at how government agencies are adapting to remote working, but a new report from ESET shows they are also facing a growing attack surface and greater challenges from APT groups and cybercriminals.

Many of the threats facing government have come from organized criminal groups, which have been increasingly willing to work together towards a common goal. Plus the line between cybercriminals and nation-state actors continues to blur.

Continue reading →

The pandemic boost to digital transformation last year has brought security into the spotlight as companies have scrambled to shift almost their entire organization to remote operations.

It’s more important than ever for businesses to identify and fix risks that could leave them open to a data breach, which is why RedMonocle is adding new features to its SaaS platform aimed at helping CISOs and other security leaders anticipate threats in their technology security stack.

Continue reading →

Three months ago, law enforcement agencies from across the planet worked together to bring down Emotet, one of the world's most infamous botnets.

This action resulted in huge numbers of compromised email addresses being obtained by the various agencies, and the FBI has now offered these to Have I Been Pwned (HIBP) to make it easier for anyone to check if their information was harvested and used by Emotet.

Continue reading →

Almost three-quarters (74 percent) of banks and insurers have experienced a rise in cybercrime since the pandemic began according to a new report.

The findings released today by by BAE Systems Applied Intelligence, the cyber and intelligence arm of BAE Systems, as part of The COVID Crime Index 2021 analyze the changing nature and impact of fraud, risk and cyber threats on UK and US financial institutions and consumers over the last 12 months

Continue reading →

The average total cost of recovery from a ransomware attack has more than doubled in a year, increasing from $761,106 in 2020 to $1.85 million in 2021.

The latest Sophos State of Ransomware report also reveals that the average ransom paid is now $170,404, but that only eight percent of organizations managed to get back all of their data after paying a ransom, with 29 percent getting back no more than half of it.

Continue reading →

Widening visibility gaps in cloud infrastructure, end-user devices and Internet of Things (IoT) device initiatives are leading to increased risk and security incidents according to a study carried out by Enterprise Strategy Group (ESG) for Axonius.

More than 70 percent of respondents report that additional complexity in their environments has contributed to increasing visibility gaps. More than half cite the rapid shift to remote work and changes to technology infrastructure necessitated by security and privacy regulations as key reasons for this increased complexity.

Continue reading →

Looking to find the password for a Wi-Fi connection? There are various reasons you might want to retrieve the password for a wireless network you have already connected to, but it may not be obviously how to go about it in Windows 10.

Your router may have its security details helpfully printed on a sticker on the back, but this is not necessarily very accessible when you need to get the password for a new laptop or other device. Thankfully, there is a way to view saved Wi-Fi passwords in Windows 10, helping to make life a little easier.

Continue reading →

Researchers at digital risk protection company CybelAngel recently tracked bad actors targeting French hospitals by analyzing conversations on the dark web.

It discovered how cybercriminals plan healthcare-related fraud, ransomware and other attacks by obtaining stolen credentials, leaked database files and other materials from specialized sources in the cybercrime underground.

Continue reading →

You would think that getting to work for a ransomware gang would be a bit different from applying for a normal IT job.

However, after following up a post on a forum a researcher at CyberNews managed to get an interview with the Ragnar Locker ransomware operators which reveals a surprisingly corporate approach to recruitment and remuneration as well as uncovering some of how the gangs operate.

Continue reading →