Ian Barker

Ubuntu creator Canonical is launching a new Managed Apps platform, allowing enterprises to have their apps deployed and operated by Canonical as a fully managed service.

At launch the service will cover ten widely used cloud-native database and LMA (logging, monitoring and alerting) apps on multi-cloud Kubernetes but also on virtual machines across bare-metal, public and private cloud.

Continue reading →

Recorded Future has been logging sandbox submissions from its platform as mapped to the MITRE ATT&CK framework over 2019 and has released a list of the most frequently referenced tactics and techniques.

The most common tactic in the results is Defense Evasion and the most common technique Security Software Discovery. Defense Evasion involves avoiding detection by, among other things, hiding in trusted processes, obfuscating malicious scripts, and disabling security software.

Continue reading →

New research commissioned by analytics database Exasol finds that 63 percent of UK data decision makers experience resistance from employees in adopting data-driven methods.

Key drivers of this resistance are anxiety over job redundancy if all decisions are based on data (39 percent), a lack of understanding (39 percent), and a lack of education on the positive impact data can have (36 percent).

Continue reading →

Microsoft office files have long been used as a means of delivering malware payloads and researchers at Mimecast have discovered a rise in LimeRAT malware delivered using an Excel default password.

Excel files are designed to be easily encrypted, which helps attackers evade detection by common malware detection systems when a file is emailed.

Continue reading →

As digital transformation projects mean enterprises are sharing more and more information with customers and suppliers, added focus is placed on the security of that data.

To find out how companies can address this, while still reaping the benefits of AI, IoT and other fast growing technologies, we spoke to Fouad Khalil, VP of compliance at SecurityScorecard.

Continue reading →

With phisherfolk ever keen to cash in at the end of the tax year, a new study has analyzed the public DNS records for 200 domains likely to be impersonated for tax fraud and finds that 78 percent are not adequately protected.

The research from email security company Valimail looked at Fortune 100 businesses, US states' departments of revenue, federal tax agencies and well-known tax preparation services.

Continue reading →

Next Tuesday is World Backup Day and to mark the event AOMEI is offering a 12 month free subscription to its Backupper Professional product. The offer is available from now until April 2nd.

With more people working at home on their own machines due to the Coronavirus, security and protection of data is more important than ever.

Continue reading →

Malware attacks using USB flash drives dropped in offices or public locations like car parks are not uncommon. But researchers at Trustwave Spiderlabs have been investigating a new attack disguised as a gift card.

The attack came in the form of a letter that appears to be from retail chain Best Buy offering a $50 gift to loyal customers. With the letter comes a USB drive supposedly containing a list of items to spend the money on.

Continue reading →

Vulnerabilites in the 'Diameter' signalling protocol used to authenticate and authorize messages and information distribution in 4G networks leave them vulnerable to attack.

Researchers at Positive Technologies replicated the actions of threat actors and their attempts to infiltrate mobile networks were 100 percent successful. They also discovered that the biggest threat was denial of service attacks.

Continue reading →

New research reveals a concentrated drive to target workers now operating remotely as a result of the COVID-19 outbreak.

Phishing detection specialist RedMarlin used artificial intelligence tools and submissions to its CheckPhish.ai site to detect thousands of attacks by cybercriminals with the intent of penetrating networks and stealing corporate data.

Continue reading →

According to a new survey of 1,000 IT security professionals around the world, 74 percent are more concerned about a cyber attack on critical infrastructure than an enterprise data breach.

The study by Claroty reveals 62 percent of global respondents believe that industrial networks are properly safeguarded against cyber attacks and 60 percent believe their country’s critical infrastructure is adequately protected.

Continue reading →

Less than half of organizations can patch vulnerable systems swiftly enough to protect against critical threats and zero-day attacks, and 81 percent have suffered at least one data breach in the last two years.

A new report from cyber hygiene platform Automox cites the pace of digital transformation and modern workforce evolution, difficulty in patching systems belonging to mobile employees and remote offices, inefficient patch testing, lack of visibility into endpoints, and insufficient staffing in SecOps and IT operations as inhibitors to patching.

Continue reading →

Automation is having an impact on almost every industry, but it's not just in the world of legitimate commerce that its presence is being felt. A new report from Recorded Future shows criminal enterprises are turning to automation tools too.

Indeed the criminal underground has created an ecosystem of tools and resources allowing threat actors to both operationalize and monetize their campaigns increasingly quickly.

Continue reading →

With more people working from home due to the COVID-19 crisis, it's concerning to find that top VPNs are recording their users and potentially leaking their data according to new research.

Comparison site VPNpro analyzed 114 VPNs and found that, of those, 102 have websites with trackers on them and 26 of those websites have 10 or more trackers. Many of these trackers involve third parties with reputations for not respecting user privacy.

Continue reading →

Researchers at Check Point have identified an auto-clicker malware family operating inside the Google’s Play Store.

Disguised in over 56 applications and downloaded over 1,000,000 times globally, the malware -- dubbed 'Tekya' -- commits mobile ad fraud by imitating the actions of a user, clicking ads and banners from ad agencies like Google's AdMob, AppLovin', Facebook, and Unity.

Continue reading →