Ian Barker

Software supply chain attacks grew by more than 300 percent in 2021 compared to 2020 as attackers focused on open source vulnerabilities and poisoning, code integrity issues, and exploiting the software supply chain process and supplier trust to distribute malware or backdoors.

According to Aqua Security's Argon Security arm, 2021 Software Supply Chain Security Review, security across software development environments remains low, and significantly, every company evaluated had vulnerabilities and misconfigurations that could expose them to supply chain attacks.

Continue reading →

Multicloud strategies have led to a surge in complexity, with enterprise infrastructure teams dealing with big volumes of data as they try to monitor and manage their constantly changing environments.

A new study from software intelligence company Dynatrace shows that as a result, teams are spending 42 percent of their time on manual, routine tasks, limiting their ability to accelerate innovation and highlighting the need for increased use of AI and automation.

Continue reading →

New data shows that while total perimeter malware detection volume has decreased, endpoint malware detections had already surpassed the total volume seen in 2020 by the third quarter of 2021.

The latest quarterly report from WatchGuard Technologies also shows a continuing trend for a significant percentage of malware to arrive over encrypted connections, the percentage delivered via TLS jumping from 31.6 percent to 47 percent.

Continue reading →

Financial services companies on the Bugcrowd platform experienced a 185 percent increase in the last 12 months for Priority One (P1) submissions, which relate to the most critical vulnerabilities.

According to activity recorded on the Bugcrowd Security Knowledge Platform, high-level trends include an increase in ransomware and the reimagining of supply chains, leading to more complex attack surfaces during the pandemic.

Continue reading →

Although Secure Access Service Edge (SASE) is widely seen as the answer to balance network performance and security, new research from Cato Networks shows a radical approach is needed in order to reap the full benefits.

The study of over 2,000 IT leaders and nearly 1,000 channel partners doesn't show much difference between those who have and have not adopted SASE. When asked how they react to performance issues with cloud applications, 67 percent of SASE users and 61 percent of non-SASE users claim they would add bandwidth, while 19 percent of SASE users and 21 percent of non-SASE users would look to WAN optimization appliances.

Continue reading →

Back in November last year we reported on Amazon's decision to stop accepting UK issued Visa credit cards due to high processing charges.

The change was due to take place this Wednesday (January 19) but it seems that an 11th hour deal may have been reached to allow customers to continue using their Visa cards.

Continue reading →

Historically identity and access management has been built around an on-premises model. But with more systems now residing in the cloud the old way of doing things isn't working.

To find out more about why the cloud needs a new approach to IAM we spoke to Britive CEO, Art Poghosyan, about the challenges it raises and how to address them.

Continue reading →

We none of us particularly like handing over money, and that applies equally to businesses and individuals.

Payments are essential to the commercial world, up to now though they've always been a quite labor intensive to process. But what if it could be automated? Would you feel comfortable handing over control of payments to AI?

Continue reading →

Adobe Creative Cloud hosts popular apps including Photoshop and Acrobat, it also aids collaboration by allowing users to share documents.

Cybersecurity researchers at Avanan have discovered that hackers are now exploiting these file-sharing services as a phishing attack vector by sending legitimate emails through a trusted sender, bypassing ATP protection via Adobe’s SaaS offering.

Continue reading →

As baby boomers reach retirement age, younger people are taking their place in the workforce. But does this lead to a loss of skills that aren't being replaced?

A new study commissioned by Appgate looks at how generational differences impact cybersecurity teams and the benefits to be gained from having an inter-generational mix of staff.

Continue reading →

The financial services industry is a prime target for cybercriminals due to the vast sums of money managed but also the quantity and quality of sensitive information that is collected by these institutions.

A new industry report by Blueliv uses threat intelligence gathered by the company’s Threat Compass to assess the evolving threat landscape surrounding the financial services sector.

Continue reading →

Since the Log4Shell attack targeting a log4j vulnerability was first uncovered towards the end of last year it's posed a threat to web servers worldwide.

It's a tricky problem to address because doing so means updating software dependencies. Meanwhile attackers are seeking to inject text into log messages or log message parameters, then into server logs which can then load code from a remote server for malicious use, using obfuscation techniques to hide from security software.

Continue reading →

Last year 48 percent of ransomware attacks were directed at targets in the United States, with industrial and energy, retail, and finance businesses among the most threatened.

Research from AtlasVPN finds that out of 2,845 witnessed ransomware attacks worldwide in 2021 1,352 were launched against targets in the US. Meanwhile one in five attacks were against European countries with France suffering 146 attacks, the UK 139 and Germany 115.

Continue reading →

The majority of data breaches are down to compromised credentials that allow privileged access to corporate systems, in particular infrastructure secrets such as API keys, certificates, database passwords and access keys.

Keeper Security is launching a new solution to help businesses in securing these secrets. Keeper Secrets Manager is cloud-based, fully-managed and uses innovative security architecture.

Continue reading →

A new survey by NordVPN reveals that 73 percent of Americans are worried about being tracked online, and 35 percent think they are being tracked almost all the time.

The majority of Americans believe they are mostly tracked by criminals (60 percent) and the government (47 percent), but they're also worried that social media giants like Facebook (46 percent), brands or advertising agencies (34 percent), and information and advertising aggregators like Google (40 percent) are following their activities online.

Continue reading →