Ian Barker

According to a new study 90 percent of IT professionals believe disclosing vulnerabilities serves a broader purpose of improving how software is developed, used and fixed.

The survey from application security testing specialist Veracode finds more than a third of companies received an unsolicited vulnerability disclosure report in the past 12 months, representing an opportunity to work together with the reporting party to fix the vulnerability and then disclose it, improving overall security.

Continue reading →

The sophistication level of bots attacking eCommerce sites is on the rise according to a new report from cybersecurity company Imperva.

Traffic to eCommerce sites is made up of 17.7 percent bad bots, 13.1 percent good bots and 69.2 percent humans, the findings show, and the bad bots are getting better -- but not in a good way.

Continue reading →

Ransomware attacks are a major problem and they often gain access to systems via brute-force attacks against open and exposed remote access points such as Remote Desktop Protocol.

Cloud-native virtual application delivery platform Cameyo is launching its new RDP Port Shield security technology, along with a free, open source monitoring tool that any organization can use to identify attacks taking place over RDP in their environment.

Continue reading →

Human error has become one of the biggest contributors to data breaches. Organizations have traditionally relied on the effectiveness of technology controls but haven't addressed the fundamental reasons why humans make mistakes and are susceptible to manipulation.

A new report from the Information Security Forum finds that by helping staff understand how these vulnerabilities can lead to poor decision making and errors, organizations can better manage risk.

Continue reading →

Researchers at cybersecurity company Symantec have uncovered a new threat group dubbed 'Tortoiseshell' that is attacking IT providers.

The research has identified 11 targets, most of them in Saudi Arabia. In two cases hundreds of hosts were infected, probably because the attackers were hunting for machines that were of particular interest.

Continue reading →

The healthcare sector collects a lot of detailed information about its clients and that makes it a prime target for cybercriminals.

A new report from SecurityScorecard confirms this, aggregating data from a number of different sources it reveals that healthcare remains the most breached industry.

Continue reading →

Protecting sensitive data and meeting compliance rules is an issue for all companies. A new cloud-based module offers on-demand encryption to allow businesses to meet their security needs.

The hardware security module (HSM) from nCipher Security is called nShield and, delivered as a service, can be used in cloud-first strategies, selective cloud migration, or to add HSM capacity to handle workload spikes.

Continue reading →

As businesses dash towards digital transformation initiatives and the cloud, the pressure to secure both systems and data becomes more intense.

One answer to this is a security automation approach that enables growth while providing visibility across all cloud environments, responding to critical incidents and protecting for governance, risk and regulation compliance.

Continue reading →

The second quarter of 2019 saw DNS amplification DDoS attacks up more than 1,000 percent over the same period last year according to the latest threat report from Nexusguard.

Nexusguard researchers attribute Domain Name System Security Extensions (DNSSEC) with fueling the new wave of DNS amplification attacks, which accounted for more than 65 percent of the attacks last quarter according to the team's evaluation of thousands of worldwide DDoS attacks.

Continue reading →

People are spending more of their time and managing more of their lives on the internet, so it's little wonder that the web is a rich hunting ground for cybercriminals and scammers.

In order to make using the internet safer, Malwarebytes is launching Browser Guard, a free browser extension aimed at safeguarding consumers from scammers, and allowing them to browse up to four times faster.

Continue reading →

We're all aware that there is a skills shortage and that it’s particularly acute in some areas -- such as cybersecurity. One of the ways companies can help retain the employees they have -- while making it more attractive to work there -- is by improving the employee work experience.

But what exactly does improving an employee’s work experience actually involve? We spoke to Pedro Bados, CEO of digital experience specialist Nexthink to find out.

Continue reading →

There is global concern about the business impact and risk from rampant and unrestricted data growth according to a new report.

In addition the study from StorageCraft shows that the IT infrastructures of many organizations are struggling, and often failing, to deliver business continuity in the event of severe data outages.

Continue reading →

Most US citizens acknowledge and accept that state and local government agencies share their personal data, even when it comes to personal information such as criminal records and income, according to a new survey conducted by YouGov and sponsored by Unisys Corporation.

The survey of nearly 2,000 people across eight states finds that more than three-quarters (77 percent) accept that their data is being shared between government agencies.

Continue reading →

Cyber criminals have upped the intensity of IoT attacks and those using Windows SMB in the first half of 2019, according to a new F-Secure report.

F-Secure's honeypot servers measured a twelvefold increase in such events compared to the same period a year ago. The increase was driven by traffic targeting the Telnet and UPnP protocols, which are used by IoT devices, as well as the SMB protocol, which is used by the Eternal family of exploits to propagate ransomware and banking Trojans.

Continue reading →

Popular cloud-based business platform Zoho One is launching its latest update with the addition of Orchestly, a workflow management application that lets users create, manage, and optimize their business processes through an intuitive drag-and-drop interface.

Using Orchestly managers and administrators can automate and run their regular workflows, including cross-departmental workflows such as purchase approvals, content publishing, asset management, and onboarding employees.

Continue reading →