BetaNews Staff

For the past few months, the tech -- and tech-adjacent -- world has been fascinated by ChatGPT. A generative artificial intelligence (AI) tool that has been open for public use since late 2022, it’s designed to interact with humans to answer questions or develop content based on a prompt written in simple, conversational English rather than a complex data query.

ChatGPT has been used to write Valentine’s Day poems, plan a Thanksgiving menu and write other humorous outputs. It also has quickly become a research hub, programming tutor and source for writing inspiration. Famously, a leading tech news site used ChatGPT to write some of its articles, to varying degrees of success.

Continue reading →

With the creation, storage, and use of data continuing to accelerate dramatically, security vulnerabilities and risks to data integrity are also escalating across the board. The trends are alarming, with one recent study from IDC -- looking at the requirements for ransomware and disaster recovery preparation -- revealing that in 2022, almost 80 percent of organizations surveyed had activated a disaster response. What’s more, 83 percent had experienced data corruption, and most worrying of all, almost two-thirds said that a ransomware attack had resulted in unrecoverable data.

Indeed, there is currently no application type that can be considered to be completely safe from ransomware. Among the wide range of possibilities this situation creates are the risks posed to organizations that are refactoring their applications for Kubernetes. Refactoring is an increasingly popular approach to application deployment, whereby apps are broken down into a range of services that can subsequently be operated independently. One of the key benefits this offers is that the application’s underlying hardware is used more efficiently, while each service can also be scaled as required without impacting other services and resources.

Continue reading →

Developers are constantly innovating better and more efficient ways to deploy software, but not all teams are privy to the new strategies. We as a developer community need to eliminate all gatekeeping and share best practices. What benefits one team will help another, allowing us to continuously build on these improvements together.

Deployment velocity drives business value, but only if the software is reliable. Users won't care about receiving frequent updates if they don't work. Sharing deployment best practices can eliminate manual tasks and enable developers to focus on coding, leading to more reliable deployments and apps and more efficient processes.

Continue reading →

Cybersecurity threats are growing at an alarming rate across the globe while at the same time, cybercriminals are becoming even more sophisticated in their methods of attacks. Meanwhile, the shortage of cybersecurity talent is making it difficult for organizations and industries to meet these constantly shifting security demands.

As such, the cybersecurity landscape has become increasingly challenging. In fact, cybercrime is expected to cost the world $10.5 trillion annually by 2025 but organizations are struggling to build the specialized skills required to manage these growing threats. According to ISACA’s latest State of Cybersecurity Report, 63 percent of enterprises have unfilled cybersecurity positions while labor shortages in the UK have become particularly acute. In fact, while there are currently about 339,000 cyber professionals in the UK (up 13 percent year-on-year), there is still a shortfall of 56,811 workers (up 70 percent year-on-year).

Continue reading →

Our threat researchers at Lares encounter a broad range of security flaws and vulnerabilities when we conduct Purple Team exercises on behalf of our clients. Over time, the same unforced errors seem to come up so often that we warn security teams to develop standardized practices to defend against them.

The Lares Adversarial Collaboration Unit assists clients with defensive collaboration engagements and Purple Team assessments, which combine offensive and defensive techniques to strengthen security protections. Red Teams emulate external or insider attackers, while Blue Teams serve as internal security defenders. Purple Teams assist both sides by aligning the defensive tactics of the Blue Team with the threats attempted by the Red Team.

Continue reading →

It's like in the movie "Groundhog Day". Every 31st March the music plays and on World Backup Day we are reminded of the promise: "I solemnly swear to back up my important documents and applications". A noble goal that every company and every user immediately agrees to.

But in the weeks surrounding World Backup Day, we hear from the media that companies have been hacked and their data hijacked by ransomware. The big promise to restore the data from the backup and thus be resistant to any attempt at blackmail is then broken again.

Continue reading →

Implementing your security approach will depend on how you can translate your approach from strategy into reality. As part of this, you will have to make decisions on what tools you use based on the functions that they cover, how they help you create and use data, and how they work. This latter part is important as all security professionals have their own preferences. One of the big debates here is whether you use agent-based or agentless tools.

Using security tools that rely on agents can be an issue for some security professionals, while others will swear by their agent-based tool of choice, and you would have to pry it from their hands. The challenge here is when you have a combination of complex environments to consider, faster software development goals to support, real-time security pressures to contend with, and more data than you know what to do with. So what approach should you choose?

Continue reading →

It is no secret that the web browser is becoming an increasingly popular target for cybercriminals looking to compromise an endpoint to gain entry to a network. The increased business use of the browser (remote work) on networks that lack the perimeter security infrastructure of traditional campus networks has made them easier to exploit. In recent months, we have seen an increase in cyberattacks and data leaks caused by browser-related security incidents, including a data breach caused by a phishing attack on Dropbox that gained the hacker access to over 100 of the company’s code repositories in November, and December’s CircleCi breach resulting from an infection of information-stealing malware.

Highly Evasive Adaptive Threats, or HEAT attacks, are a new spin on existing browser exploit techniques that make them much more dangerous. These attacks exploit browsers by leveraging features and tools to bypass traditional security controls and then attack from within, including compromising credentials or deploying ransomware. Comprised of known tactics such as phishing messages, HTML smuggling and dynamic drive-by downloads, these attacks frequently target SaaS applications and other web-based tools that are critical to productivity.

Continue reading →

Artificial intelligence continues to hog the headlines, as more people discover the power of tools like OpenAI’s DALL-E 2 and especially ChatGPT. These futuristic-seeming tools work by taking a human’s query or prompt and returning an intelligent textual or visual response.

From an enterprise perspective, AI adoption is growing rapidly. According to Forrester, spending on AI software is set to accelerate from $33 billion in 2021 to $64 billion in 2025 -- growing twice as fast as the overall software market. But while tools like ChatGPT may seem like magic, it’s important to understand these solutions aren’t perfect.

Continue reading →

As technology continues to evolve, the networking industry is experiencing significant changes that will have a profound impact on businesses worldwide. The key areas where we expect to see developments include innovation driven by the major cloud providers, accelerated connectivity, and the need for transparency into the network. 

These trends represent key factors that can enable businesses to drive innovation and competitiveness, even in the face of an increasingly challenging economic environment.

Continue reading →

In 2022, the education sector experienced a 44 percent increase in cyberattacks. In the UK alone, six in ten higher education institutes reported experiencing ​​​at least ​weekly ​​​attacks or breaches​​​. This increasing number of threats to the sector is causing major disruptions to teaching and even forcing schools and universities to shut down. 

When it comes to prioritizing security and adopting latest technology, the education sector has always lagged behind other major industries. This lack of urgency is party the reason why education is such a vulnerable target. Many schools are still using outdated and unprotected technology that is easy to infiltrate. Despite not being a cash-rich target, these facilities hold a wealth of personal and financial data, which can be used in future attacks or sold on the dark web. 

Continue reading →

In the early days of computing, authentication was simple, but the approach grew in sophistication over time. For example, modern password-based authentication systems like Kerberos don’t actually transmit passwords anymore; they generate an authentication token that is submitted instead.

But even with these enhancements, a username-and-password based approach to authentication still has a key weakness: if someone learns another user’s password, they are indistinguishable from the true user. And although Bill Gates predicted the death of the password nearly 20 years ago, they remain the default method of authentication for a range of services at work and home.

Continue reading →

Ignore the hype: Artificial intelligence (AI) can improve your security posture now.

We’ve been waiting for AI to deliver benefits to cybersecurity for a long time. ChatGPT aside, AI has been a hot-and-cold topic for decades, with periods of overhyped promises interspersed with periods of cynical rejection after failure to deliver on all of those promises. No wonder plenty of security leaders are wary. Yet, despite the wariness, AI is helping to improve cybersecurity today and will increasingly provide substantial security benefits -- and challenges.

Continue reading →

According to the CBI, UK job vacancies are reaching record highs, currently at 147 percent of the February 2020 average. In those three years, an estimated half a million people of working age have left the UK labor market, and more than three-quarters of UK businesses say that access to labor is threatening UK competitiveness.

As well as the shrinking recruitment pool, there is also a shortage of people with the right skillset. In particular, the digital skills gap has been a long-standing problem for UK businesses. A survey conducted in Q4 2022 underscored that impact, with 81 percent of UK managing directors saying a lack of digital skills is negatively affecting their company.

Continue reading →

Digital money, digital currency, most popularly known as cryptocurrency, has seen its rise to fame over recent years. Despite its popularity, many remain skeptical of cryptocurrency and its impact on society.

According to the World Economic Forum, cryptocurrency helps continue, stabilize, and substitute existing money. However, cryptocurrencies operate totally differently than legal tender, and the authorities are concerned about a non-existent monetary policy for this digital money. This article will discuss digital money, its impact, and all the legal implications of cryptocurrency transactions.

Continue reading →