Ian Barker

The popular database MySQL version 5.7 hits end of life status on the 31st of October 2023, just a few months away.

This means organizations that are running MySQL 5.7 will have to plan ahead on their options for the future. Dave Stokes, technology evangelist at Percona, spoke to us about some of the choices that will need to be made as well as how to get started on the process.

Continue reading →

A new research paper from ShadowDragon examines how AI, such as ChatGPT, is being used to spread hate and misinformation via fake reviews and deepfakes.

Written by Nico Dekens, director of intelligence, collection innovation at ShadowDragon, the paper looks at how to identify AI-generated materials online that are intentionally spreading false information or worse.

Continue reading →

The majority of organizations use six or more communication tools, across channels, with email being the single channel seen as the most vulnerable to attacks.

Of those responding to a new survey by Enterprise Strategy Group (ESG) and Armorblox of almost 500 IT and security professionals, 38 percent see email as the most vulnerable channel.

Continue reading →

The technology world never stands still for very long and as new technologies emerge so too do new threats. With things like quantum computing on the verge of becoming mainstream it's important to understand their security implications.

We spoke to Archie Agarwal, founder and CEO of ThreatModeler to discuss how DevSecOps can help to identify and mitigate these new threats to cloud services.

Continue reading →

The security of APIs remains a top cybersecurity concern this year, according to a new study, yet there is still a lack of dedicated API security for many companies.

Research from TraceableAI, carried out at this year's RSA conference, finds that though 69 percent of organizations claim to factor APIs into their cybersecurity strategy, 40 percent of companies do not have dedicated professionals or teams for API security.

Continue reading →

New analysis by Orca Security of scan results from its Cloud Security Platform reveals the top risks facing organizations this year.

The analysis of workload, configuration and identity data from real-world production cloud assets on Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Kubernetes and more identifies five of the most common, yet severe, cloud security risks which are found in many cloud environments.

Continue reading →

Thankfully the days of organizations storing passwords in plain text are pretty much gone. Most are now hashed using algorithms that prevent hackers from reading the database easily.

But, as new research from Specops Software reveals, that doesn't necessarily make things safe. The quality of the password itself has a big impact on how long it will take to crack.

Continue reading →

Could AI one day make your job obsolete? 81 percent of respondents to a new survey don't believe so.

The study of almost 1,200 UK office workers by ID Crypt Global finds that while 95 percent have heard of AI, 94 percent are doing nothing to prepare for the eventuality of AI replacing them in the workplace, such as learning new skills or looking for new industries to work in.

Continue reading →

A new report shows that 2022 saw a 300 percent increase in 'carpet bomb' DDoS attacks compared to 2021. Carpet bomb attacks, also known as spread-spectrum or spray attacks, distribute traffic across large IP address spaces.

Legacy technology, like standard victim-oriented detection and mitigation detection techniques, often fails to accurately identify these attacks, leading to incomplete mitigation or false positives. Legacy solutions can also simply be overwhelmed by the number of IP addresses involved.

Continue reading →

Security professionals all know that they should test their security hardware and software periodically to make sure it's working as intended. Many normal IT activities have unintended consequences that cause security configurations to 'drift' over time and make the organization more vulnerable.

But testing is frequently postponed or ignored because it never becomes a high enough priority. We spoke to Song Pang, SVP of engineering at NetBrain, to find out how automation can be used to detect when security products or network traffic are no longer behaving as intended.

Continue reading →

A new AI-based analysis and response engine designed to quickly address security gaps and resource limitations in mission critical operational infrastructure is being launched by Nozomi Networks.

Vantage IQ uses artificial intelligence (AI) and Machine Learning (ML) to help security teams by automating the time-consuming tasks associated with reviewing, correlating and prioritizing network, asset and alert data.

Continue reading →

Analysis of around a trillion API transactions spanning a range industries over the second half of 2022 by Cequence Security seeks to highlight the latest API threat trends plaguing organizations.

In the second half of 2022, approximately 45 billion search attempts were made for shadow APIs, marking a 900 percent increase from the five billion attempts made in the first half of the year.

Continue reading →

A new report from the Secureworks Counter Threat Unit (CTU) uncovers a thriving market in infostealer logs that serves as a key enabler for some of the most damaging forms of cybercrime such as ransomware attacks.

On the 'Russian Market' site alone, the number of logs for sale increased by 150 percent in less than nine months, from two million on a single day in June 2022 to over five million on a single day in late February 2023.

Continue reading →

It's human nature to have an, 'it can't happen to me' approach to life's mishaps, whether it's being involved in a traffic accident or falling victim to cybercrime.

But of course these things do happen to someone. When it comes to identity theft, Home Security Heroes has taken a more scientific approach to determining how likely you really are to become a victim.

Continue reading →

The number of deepfake videos online is increasing at an annual rate of 900 percent according to the World Economic Forum.

In the light of this Kaspersky researchers have revealed the top three fraud schemes using deepfakes that people should be aware of.

Continue reading →