Articles about Security

The latest Security Maturity Report, published today by ClubCISO, shows 76 percent of CISOs reported no material breaches over the past year, up from 68 percent in 2022.

Despite the difficult economic climate, heightened global tensions and the onset of new technology making cybercrime easier, 60 percent of those surveyed say that no material cyber security incident had occurred in their organization over the past 12 months.

Continue reading →

The annual Gartner Security and Risk Management Summit is always fertile ground for discovering the latest trends in cyber security, with this year being no exception. The 2023 event was held in early June, and central themes of this year's summit were the increasing complexity of managing cybersecurity adversaries, the increase in data breaches, and the heightened risk identity poses in an ever-evolving digital landscape.

One of the most significant takeaways from this year's summit is the role of Privileged Access Management (PAM) within the Cybersecurity Mesh.  The Cybersecurity Mesh distributed architectural approach to scalable, flexible, and reliable cybersecurity control. The Cybersecurity Mesh allows the security perimeter to be defined around the identity of a person or thing, highlighting the critical role PAM plays in modern cybersecurity strategies. The shift to remote work, accelerated by the global pandemic, and the subsequent rise in cloud-based infrastructures, have further emphasized the importance of the shift from infrastructure-based perimeters to identity perimeters.

Continue reading →

Good news, fellow Linux nerds! After many months of development, the Debian project has finally released the latest stable release of its popular Linux-based operating system. Debian 12, codenamed "Bookworm," marks a significant milestone in the ongoing battle against proprietary operating systems, particularly Windows 11. Debian 12 offers a legitimate alternative that truly empowers users.

One of the standout features of Debian 12 is its commitment to long-term support. Thanks to the joint efforts of the Debian Security team and the Debian Long Term Support team, Bookworm will receive support for a generous five-year period. This ensures that users can rely on Debian 12 for their computing needs without the constant pressure to upgrade or migrate to newer versions.

Continue reading →

It seems that every week we hear of another cybersecurity breach. This year, organizations of all shapes and sizes have fallen victim to malicious crimes -- from Apple, T-Mobile and Uber, among many others -- and data breaches are costing U.S. businesses millions of dollars.

The emerging digital ecosystem has made every company a target, and as a result, organizations are investing in a range of cybersecurity measures to mitigate threats and enhance resiliency and recovery. As cybercriminals continue to evolve their tactics, it’s becoming increasingly challenging for organizations to keep up with the latest security measures. This highlights the need for ongoing cybersecurity investment and a proactive approach to threat detection and response. The question is, what are these measures, and is there a one-size-fits-all approach? Let’s explore.

Continue reading →

Ladies and gentlemen, hold onto your keyboards, because Surfshark is making waves in the world of online security. The highly acclaimed VPN app has officially landed on the Microsoft Store for Windows, and the internet community is buzzing with excitement.

Why did the folks at Surfshark decide to make this move? Well, it's all about accessibility, my friends. Surfshark is on a mission to make their product available to everyone, and what better way to achieve that than by offering their app on the Microsoft Store? Windows users can now easily experience the full power and potential of Surfshark's VPN services right at their fingertips.

Continue reading →

In the last 12 months, 90 percent of organizations have suffered an identity-related incident, an increase of six percent over the previous year.

A new report, based on an online survey of over 500 identity and security professionals, from The Identity Defined Security Alliance, shows that only 49 percent of respondents say that their leadership teams understand identity and security risks and proactively invest in protection before suffering an incident, while 29 percent only engage and support after an incident.

Continue reading →

Generative artificial intelligence (AI) systems have witnessed significant advancements in recent years, offering remarkable capabilities in a variety of domains.

Generative AI is a powerful tool that can be used for both good and bad. Threat actors have been employing the latest technology to harm businesses in various ways for decades, but organizations have and must continue to find ways to use this same technology to their advantage, and ultimately outsmart these digital thieves as AI is becoming more accessible and accepted.

Continue reading →

Moving to the cloud has always presented something of a challenge, but the pandemic made things even more difficult because of the need to manage more applications across a distributed workforce.

Add in the issue of shadow IT, and enterprises are increasingly struggling with SaaS sprawl. We spoke to BetterCloud CTO, Jamie Tischart to learn more about the problem and how to deal with it.

Continue reading →

In a world where technology and sustainability are becoming increasingly intertwined, Acer takes a significant step forward by introducing the Acer Connect Vero W6m, its first eco-friendly Wi-Fi 6E mesh router. This innovative networking solution not only offers impressive speeds and enhanced connectivity but also incorporates post-consumer recycled (PCR) materials in its construction. With a dedicated Eco mode for efficient energy consumption, Acer demonstrates its commitment to minimizing carbon footprint and fulfilling its environmental responsibility.

With Wi-Fi 6E Tri-Band AXE7800 throughput, the Acer Connect Vero W6m delivers speeds of up to 7.8 Gbps, ensuring fast and stable internet connections for all users. Furthermore, the Vero W6m can be paired with up to four units, providing impressive network ranges of up to 465m² on a dual mesh system and up to 930m² on a quad mesh system. These capabilities effectively eliminate dead spots, ensuring seamless coverage in larger areas.

Continue reading →

The latest spear phishing trends report from Barracuda Networks shows that 50 percent of organizations studied were victims of spear-phishing in 2022, with 24 percent having at least one email account compromised through account takeover.

The report draws on a data set that comprises 50 billion emails across 3.5 million mailboxes, including nearly 30 million spear-phishing emails, as well as a survey by Vanson Bourne of IT professionals from frontline to the most senior roles at 1,350 companies.

Continue reading →

Online security and privacy can be difficult to achieve in a household environment, with different people using a range of devices. Proton, the company behind a number of privacy-focused services like Proton Mail and Proton VPN, may have the answer with the launch of a new family plan.

Proton Family offers an all-in-one digital security and privacy solution designed for families. The plan offers up to six family members access to Proton's premium services and features, including end-to-end encryption for emails, calendars, file storage, password management, and VPN protection.

Continue reading →

Bug bounty programs have become a common way for companies to track down issues with software before they start to cause security concerns for users. While Google has various existing programs of this nature, the company has just launched the Mobile Vulnerability Rewards Program.

Google Mobile VRP is a bug bounty program that focuses on the company's own software. It lets security researchers and software detectives submit reports about Google's Android apps, earning financial rewards for discovering security flaws.

Continue reading →

Russia’s invasion of Ukraine in February 2022 signaled many things to the Western world, but perhaps one of the biggest warnings was how precarious energy security really was as oil and gas prices skyrocketed following the start of the war.

As Europe entered winter and the demand for energy increased, it highlighted just how vicious the cycle can be as cyber attacks on critical infrastructure and operation technology increased.

Continue reading →

The global market for commercial spyware is currently estimated at around $12 billion, which over the last 10 years has seen 80 countries purchase the technology. Spyware is used for a range of purposes, allowing operators to gain remote access to devices from across the world. Once a device becomes infected, the perpetrator gains complete control of the device, which can mean unfettered access to messages, audio calls, photos, and remote access to cameras and microphones.

What’s worrying is spyware is becoming accessible even to users lacking advanced tech skills. Cheaper, more rudimentary forms of spyware like stalkerware exist. Stalkerware can be particularly intrusive and abusive as it must be physically installed, meaning attackers need direct access to which ever device they try to infiltrate. In this article, we will expose the threat from digital spying and stalking, and how to maximize protection.

Continue reading →

The security of APIs remains a top cybersecurity concern this year, according to a new study, yet there is still a lack of dedicated API security for many companies.

Research from TraceableAI, carried out at this year's RSA conference, finds that though 69 percent of organizations claim to factor APIs into their cybersecurity strategy, 40 percent of companies do not have dedicated professionals or teams for API security.

Continue reading →