What does it take to be a successful bug hunter?
Hackers are having a moment. As high-profile breaches have become the norm over the last few years, more and more enterprise organizations have turned to bug bounty programs. As a result, the idea of hacking for good has finally begun to resonate with the general public. This rise in popularity has inspired many, from aspiring hackers to seasoned security professionals, to join the hunt and seek out bug bounty programs to "hack on".
As an information security professional by trade and a hacker by heart, I’ve had years of experience hacking for good. From my days as a penetration tester and security leadership roles at HP Fortify, Redspin and Citrix to hacking on bug bounty programs of all sizes, I have spent my life hacking for good -- much of this experience has been hacking on bug bounty programs.
DVSA's technology modernization journey
The DVSA (Driver and Vehicle Standards Agency), which focuses on improving road safety in Britain by setting and enforcing the standards for vehicles, driving and motorcycling, is transforming its technology landscape from primarily outsourced contracts to in-sourced agile delivered services using a combination of vendors and employees. As part of this, the agency has deployed a technology service desk.
Known as the Technical Support Service, it supports the DVSA’s new MOT software application currently in use by thousands of MOT testers around the UK delivering around 150,000 MOT tests daily. Here I will explain the modernization journey and why it was vital to support the agency’s strategic direction.
Protecting against man in the browser attacks
The web-enabled generation has become increasingly reliant on technology for everyday activities. Cloud services, social networks, web extensions, plug-ins and online games are all growing in popularity and, as such, are replacing desktop applications. This heightened use of mobile web-browsers has opened the back door to cybercriminals, who now have new channels to implement browser-based attacks, spread malware and maximize infection campaigns.
Traditional "man in the browser attacks" (MITB) have been given a new lease of life as a result of the latest types of malware, distribution models and special features. Cybercriminals are becoming ever more sophisticated, injecting JavaScript code into web pages to steal user credentials or hijack data, such as those used for online banking.
Beware of good programs behaving badly
Users of popular software programs are increasingly discovering that programs which are otherwise very useful are acting in a totally unacceptable manner. Note the following examples:
Adobe Reader can create 257 unique folders under c:\programdata\adobe\arm\reader_11.0.00\<username> each containing the exact same four executables:
How to protect your business against data breaches
According to the Crime Survey for England and Wales published this October by the UK's Office for National Statistics (ONS), the official crime rate all but doubled in the year ending June 2016 after the inclusion of online crime figures for the very first time. In fact, card fraud was cited as the most common crime in the UK. John Flatley, head of crime statistics and analysis at the ONS, stated that members of the public are now 20 times more likely to be a victim of fraud than of robbery.
The Numbers Are Soaring!
Employee engagement is crucial to a modern CEO
The recently proposed Green Paper, and in particular its element on "stakeholder engagement", called for the voices of employees and customers to be heard in the Boardroom. It followed the PM’s U-turn on her commitment to put employees on company boards, but echoed the Chancellor’s sentiments on UK productivity.
As Mr Hammond reminded us in his Autumn Statement, UK productivity lags behind that of the US and Germany by some 30 percentage points. According to research from Qualtrics, British workers think a third of their working day is wasted. Giving employees a "voice", however, dramatically improves outcomes, because low productivity and dysfunctional employee engagement are two sides of the same coin.
Hybrid clouds make it easy to deploy new technologies
According to IDC, by 2018 at least half of IT spending will be cloud based, reaching 60 percent of all IT Infrastructures, and 60 to 70 percent of all software, services, and technology spending by 2020.
As cloud has become a standard way of doing business, organizations globally are using it as a tool for innovation and business transformation. Those who successfully use the cloud to achieve growth will have a mature, strategic view of how best to implement and integrate it across their organizations. All approaches to cloud have advantages. From the straightforward simplicity of public cloud services to the increased security and control of a private cloud, there is a cloud environment to meet every organization’s needs.
The benefits of a multi-cloud strategy
Multi-cloud has been discussed within the cloud computing industry for a while, but there is still confusion and disagreement about what it is. What most can agree on is that multi-cloud is about mixing and matching the best-in-class technologies and services from different cloud providers to create the best possible solution for a business.
This flexibility is what will define the industry in the coming years, allowing organizations to leverage the relative advantages, price-points and geographic locations of the solutions to their best advantage. However, the transition to a multi-cloud solution can be fraught with risks if improperly managed. As a result, enterprises looking to gain advantage through this technology are seeking expert help in the form of third-party managed service providers.
How to not get hacked
We found out last week that one billion Yahoo accounts were hacked in 2013, only a couple months after we learned about a separate hack, that took place in 2014, which compromised an additional 500 million accounts. Combine that with the 360 million compromised MySpace passwords, 117 million from LinkedIn, 65 million from Tumblr, and 32 million from Twitter, and you can almost guarantee that you or someone you know was affected by the mega-breaches announced in recent months.
Because most people use the same password over and over, these breaches give hackers access to multiple accounts. In a proactive security screen this fall, Netflix found a number of users whose Netflix passwords were compromised as part of another company’s breach. These instances do not simply let attackers tweet on your behalf; they can affect all of your accounts. How many people use the same password for LinkedIn or Yahoo as they do for their corporate email? An unsettling number.
Smart machines will become mainstream in the enterprise by 2021
If Gartner’s right, smart machines will become a business mainstream by 2021. Its new report, entitled "Smart Machines: Consulting and System Integration Services Market Forecast and Opportunities", says smart machines will see a 30 percent adoption in the next five years among large enterprises.
Gartner says cognitive computing, artificial intelligence (AI), intelligent automation, machine learning and deep learning are all considered "smart machines". By becoming mainstream, smart machines will open up an entirely new industry, which is expected to be worth approximately $29 billion (£23.3bn) by 2021.
Only one in three consumers install firmware updates right away
Less than a third (31 percent) of consumers in the UK perform firmware updates on their devices as soon as they become available, a new report by Ubuntu Core, a Canonical company working on connected devices, says. Four in ten (40 percent) have never updated the firmware on their devices, ever.
This leaves them extremely vulnerable to attacks, as firmware updates are also designed to patch security holes. What’s also interesting is that a significant number of consumers don’t even think it’s their responsibility to keep their devices up-to-date and protected.
What's next for AI in 2017?
In the sci-fi film Ex Machina, reclusive inventor Nathan Bateman foresees a bleak future, telling the movie's protagonist, Caleb, that "One day the AIs are going to look back on us the same way we look at fossil skeletons on the plains of Africa".
When we don’t understand something, we tend to fear it; which is one reason popular movies like Ex Machina and HBO’s nail-biting new series Westworld like to imagine futures in which artificial intelligence plots to destroy humanity.
Tools to help businesses prepare for GDPR compliance
The data processing landscape has seen huge changes since 1995, and in May 2018 the EU is replacing the Directive with a new regulation, the General Data Protection Regulation (GDPR). The GDPR is enforceable from May 2018; organizations have had to take account of their responsibilities under the DPA for many years now.
Many have mature and well-considered data management policies in place that already address elements of the GDPR. Nonetheless, with the threat of significant penalties for data breaches under the GDPR, it would be prudent to reexamine procedures and to consider how these can be enhanced to ensure compliance when GDPR comes into effect in May 2018.
VoIP vs SIP: Which one is winning the telecoms war?
Back in 2008 the death knell of the PBX was being forecast -- albeit mainly by VoIP suppliers. Whilst sales have dropped and there was some amalgamation of suppliers, there is still a strong market. The number of PBX extensions still outnumbers VoIP by around seven or eight to one.
So, to misquote Mark Twain -- reports of the PBX’s death have been grossly exaggerated. It is the rise of a parallel technology, SIP, that has blunted many of the arguments put forward by VoIP suppliers suggesting we should throw away that box on the wall.
The three secrets to successfully monetizing IoT data
The global business landscape is being transformed by the Internet of Things. Soon, every business will be an IoT business simply because those that don’t adapt, innovate, and transform their models will risk falling behind in the Connected Economy. But even as business leaders scramble headlong to get in on the IoT gold rush, many are faced with the same harsh realization: that actually monetizing IoT data is difficult.
I’ve written about the challenges of IoT monetization before, and I agree with Gartner’s assessment that 80 percent of IoT implementations will squander their transformational opportunities. This statistic isn’t due to a lack of opportunity, as I believe that for any company that has customers, suppliers, employees or assets, IoT monetization can be transformational. Here are my top three strategies for ensuring that your IoT initiative is part of the 20 percent that actually succeed.
© 1998-2026 BetaNews, Inc. All Rights Reserved.