Ian Barker

Cybersecurity is a priority for all enterprises. We regularly see news of data breaches across a wide range of industries, and as workforces increasingly move to a hybrid model the issue becomes more acute.

As businesses undergo digital transformation they need to update not only their tools but also their attitude toward keeping systems secure. We spoke to Pravin Kothari, executive vice president, product and strategy at cloud security company Lookout to find out why in a cloud-native world security needs a different approach.

Continue reading →

Undocumented malware only makes up a small proportion of files, yet it presents a high risk of infection. Sandboxing and analyzing everything in order to eliminate risk, however, has a major impact on performance.

To address this Cyren has produced Hybrid Analyzer. Using emulation -- effectively automatically reverse engineering the code contained in a file -- this new offering operates 100 times faster than a malware sandbox and between five and 20 times faster than alternative file analysis solutions.

Continue reading →

Every year, thousands of code vulnerabilities are discovered, patched and publicly disclosed to improve security for current and potential users.

But many of these vulnerabilities share common features, so what can developers do to write better code that prevents vulnerabilities from entering their apps and services in the first place? We talked to Johannes Dahse, head of R&D at clean code specialist SonarSource, to find out. 

Continue reading →

Until today Amazon WorkSpaces cloud desktop solution simply offered the option of either Windows or Amazon Linux machines. Now though Canonical has announced the availability of Ubuntu WorkSpaces on AWS.

This is a fully managed virtual desktop infrastructure (VDI) on the public cloud and the first third-party Linux OS to be available on the platform. It gives developers access to a wide choice of open source tools and libraries in cutting-edge fields like data science, artificial intelligence/machine learning, cloud and internet-of-things.

Continue reading →

Phishing is one of the most common methods of launching a cyberattack, yet new research from Red Sift shows that only a small percentage of publicly traded companies have fully adopted the latest email standards that could protect them and their customers.

DMARC (Domain-based Message Authentication, Reporting and Conformance) and BIMI (Brand Indicators for Message Identification) help prevent spoofing and allow businesses to display their logo on authenticated emails.

Continue reading →

Revenue loss from bot-driven account fraud and web scraping continues to increase according to a new report, with 69 percent of companies that have a bot management solution report losing more than six percent of their revenue due to account fraud this year.

Account fraud includes account takeovers and new account fraud, where fraudsters create fake accounts to gain access to loyalty programs and take advantage of promotional discounts.

Continue reading →

A new study of 3,000 individuals across the US, UK and Canada finds that although 58 percent of tech users that had access to cybersecurity training or education say they are better at recognizing phishing messages and related attacks, 34 percent still fell victim to at least one type of cybercrime.

The research from The National Cybersecurity Alliance and CybSafe shows that of more than 1,700 incidents of cybercrime that were disclosed by participants, 36 percent were phishing attacks that led to a loss of money or data, while 24 percent report falling victim to identity theft.

Continue reading →

According to a new report 81 percent of organizations have experienced a cloud-related security incident over the last 12 months, with almost half (45 percent) suffering at least four incidents.

The findings, from machine identity management specialist Venafi, reveal that the underlying issue for these security incidents is a dramatic increase in security and operational complexity connected with cloud deployments.

Continue reading →

According to a new report from Sysdig, the unified container and cloud security company, it costs $430,000 in cloud bills for an attacker to generate $8,100 in cryptocurrency revenue. This works out at a $53 cost to the victim for every $1 the cryptojacker makes.

The report takes an extensive look at TeamTNT, a notorious cloud-targeting threat actor that generates the majority of its criminal profits through cryptojacking. TeamTNT is best known for its crypto‐jacking worm activity, which began in 2019, exploiting vulnerable instances of popular key‐value store Redis.

Continue reading →

Businesses are starting to recognize the advantages of leveraging data-driven approaches to improve customer experience. These approaches are also hugely valuable when included in strategic roadmaps to increase engagement and return on investment.

Analytical data is ideal for businesses wanting to assess the needs of their target customers to deliver personalized experiences and attain more accurate forecasting and demand planning. Moreover, data from analytics promotes more effective inventory and supply chain management, compounding supply and fulfillment issues businesses are currently experiencing

Continue reading →

Digital transformation is still seen as a priority by many enterprises, but research for low-code application development platform, Toca, reveals the extent of the challenges faced by IT teams in delivering these projects.

Budget constraints, a lack of collaboration across the wider business, legacy systems, a shortage of developers and integration challenges are seen as the top five barriers to transformation initiatives.

Continue reading →

The latest development in the ongoing 'PayPal-gate' story is that the fintech giant has now reversed its decision and apologized for closing the Free Speech Union's account.

The FSU tweeted news of the decision yesterday evening following several days of people closing down their accounts and the stirring up of a political storm with questions asked in the UK parliament.

Continue reading →

US companies are the most affected by ransomware, with 46 percent of all ransomware attacks happening there, according to new research by cybersecurity company NordLocker.

But just who is being targeted? The research finds that out of 18 industries identified, construction accounts for 12 percent of all attacks. Next most likely to be hit are manufacturing (9.6 percent), transportation (8.2 percent), healthcare (7.8 percent), and tech/IT (7.6 percent).

Continue reading →

Cybercriminals have become more adept at bypassing defenses with new DDoS attack vectors and successful methodologies, according to the latest DDoS Threat Intelligence Report from NETSCOUT.

The report is based on intelligence on attacks occurring in over 190 countries, 550 industries, and 50,000 autonomous system numbers (ASNs). It finds there were over six million DDoS attacks in first half of 2022, with TCP-based flood attacks (SYN, ACK, RST) still the most used attack vector, accounting for around 46 percent.

Continue reading →

Nearly eight out of ten (79 percent) of UK and Irish IT decision makers and professionals say there are gaps between their data dependency, backup frequency, SLAs and ability to get back to productive business.

The results of the Data protection Trends Report from Veeam Software also show that 76 percent of respondents admit falling prey to at least one ransomware attack in the past year, with 65 percent now using cloud services as part of their data protection strategy to increase resiliency.

Continue reading →