Editor's News

Analysis of vulnerabilities discovered by NCC Group researchers over the last nine years found that instances of common web-based vulnerabilities have largely refused to fall over during this time, with cross-site scripting (XSS) vulnerabilities appearing the most frequently.   The global cyber security and risk mitigation expert found that despite this type of vulnerability being understood across the industry for decades, XSS flaws, which enable attackers to inject malicious scripts into websites or victim browsers,...

Silicon Valley analytic software firm FICO today released its annual interactive map which reveals changes in card fraud across Europe. Based on data from Euromonitor International and UK Finance, the map shows which countries have made significant gains in the fight against payments card fraud in 2017. France and the UK achieved reductions of 6 and 8 percent, respectively, for the biggest reductions in net fraud losses. This is despite losses across the 19 countries...

The Information Commissioner's Office (ICO) has revealed a big rise in the number of self-reported personal data breach notifications in the first full month following the introduction of the new General Data Protection Regulation (GDPR). During a webinar for data controllers posted on the ICO website, Laura Middleton, head of the ICO's personal data breach reporting team revealed there were 1,792 personal data breaches notified to the ICO in June, following the introduction of the...

WatchGuard® Technologies  today unveiled AuthPoint – a cloud-based multi-factor authentication (MFA) solution designed for small and midsize businesses (SMBs). The view that MFA has always been out of reach for SMBs due to cost, complexity and management issues, is backed up by a new survey of IT managers and professionals conducted by independent market research firm CITE Research. The survey shows that 61 percent of respondents from companies with under 1,000 employees believe MFA services...

In recognition of the United Kingdom’s increasing economic dependence on internet-enabled capabilities, a number of established councils, chartered professional bodies, professional certification bodies, academics and industry representative groups have established a collaborative alliance to advance the development of the cyber security profession. With representation from a breadth of disciplines currently active in cyber security professional practice, including computing, engineering, physical security, CNI and focused cyber security bodies, the collaborative effort reflects constituent members’ common understanding...

CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced the results of its global supply chain survey, Securing the Supply Chain, produced by independent research firm Vanson Bourne. The study surveyed 1,300 senior IT decision-makers and IT security professionals in the US, Canada, UK, Mexico, Australia, Germany, Japan, and Singapore across major industry sectors. The survey concludes that although nearly 80 percent of respondents believe software supply chain attacks have the potential to become...

Skybox® Security, a global leader in cybersecurity management, announced today the release of its mid-year update to the Vulnerability and Threat Trends Report which analyzes vulnerabilities, exploits and threats in play. The report, compiled by the team of security analysts at the Skybox® Research Lab, aims to help organizations align their security strategy with the reality of the current threat landscape. The mid-year update explores trends observed from January to June of 2018. One of the...

Positive Technologies specialists Leonid Krolle and Georgy Zaytsev have uncovered vulnerabilities in Dongguan Diqee 360 robotic vacuum cleaners. The security issues, found on Dongguan Diqee-branded vacuums, likely affect those made by the company and sold under other brands as well.  Leigh-Anne Galloway, Cyber Security Resilience lead,  described the causes and consequences: "The majority of owners of IoT devices would not consider their items a security risk, although they could constitute a major vulnerability, which is why this discovery is...

Amazon Prime Day took place this week, with the retailer claiming that the first 10 hours grew even faster than the first 10 hours on the same day in 2017, exceeding the £766m ($1bn) in sales globally. According to reports, spending jumped 89 percent in the first 12 hours of the event compared to the same period last year. Zscaler released its own data, which reveals the number of Amazon transactions taking place in the...

New research by data security company, Clearswift, has shown that year on year cyber security incidents from those within the organisation, as a percentage of all incidents, have fallen in the UK and Germany, two countries currently now under the ruling of GDPR. However, in the United States, a country outside of the direct jurisdiction, threats are on the rise.   The research surveyed 400 senior IT decision makers in organisations of more than 1,000...