Featured

The latest collection of expert opinions, news analysis and featured contributions from the IT security community

BEC scams

Email is not only one of the most important channels of communication in day-to-day business, but unfortunately also one of the biggest gateways for cyber attacks. According to the safety and network specialists Barracuda Networks, 91% of all attacks start with an email. Gateway solutions such as Barracuda Essentials therefore represent an important first line of defence against the dangers posed by malicious emails. Not only do such solutions reliably recognise spam and phishing emails, they...

Read more
Cybersecurity Robustness

Nominet has today announced the findings of its Cyber Confidence Report, which analysed almost 300 senior security practitioners in the UK and US, and found that CISOs were being put in compromising positions. Seventy-one percent said that their organisation uses the security posture of the organisation as a selling point, despite their lack of confidence in the security stack. When asked how confident they were in an organisation's final choice of security solutions, 34 percent...

Read more
Ben Lorica, Chief Data Scientist at O’Reilly

By Ben Lorica, Chief Data Scientist at O’Reilly More than a decade ago leading UK investigative journalist Nick Davies published Flat Earth News, an exposé of how the mass media had abdicated its responsibility to the truth. Newsroom pressure to publish more stories, faster than their competitors had, Davies argued, led to journalists becoming mere “churnalists”, rushing out articles so fast that they could never check on the truth of what they were reporting. Shocking...

Read more
phishing keyboard

The days of crude phishing attacks, which anyone with a little common sense could avoid falling victim to, are a thing of the past. Today’s cybercriminals are savvier than their predecessors, capable of producing spoof emails and websites convincing enough to fool even the most educated eye. While it’s easy to feel helpless in the wake of these advances, there are still steps that ordinary internet and email users can take to avoid falling victim to...

Read more
BEC scams

The processes around prescriptive security are distinct from those around traditional cyber security in a number of ways. Here, we’ll examine the differences using the example of a device belonging to the executive assistant of a CEO having been subject to a phishing attack, resulting in a virus. As every cyber security expert knows, phishing email campaigns are increasingly targeting smaller, more focussed groups and becoming more sophisticated and therefore more likely to succeed and...

Read more
Anatomy of an Advanced Persistent Threat

By Tarik Saleh, Senior Security Engineer at DomainTools Advanced Persistent Threats are long term patterns of network exploitation that go undetected for extended periods of time and are usually aimed at high profile targets such as governments, higher education institutions, political activists, and companies. They are often motivated by economic, political, and financial reasons, and the attacks tend to be highly targeted, resourceful, and risk tolerant.   The typical APT involves several phases:   Infiltration/Initial compromise:  This...

Read more
I think therefore IAM

“I think therefore I am.” - René Descartes This isn’t just a pompous philosophical proposition of autonomy, instead it is a timely piece of advice for ensuring corporate cybersecurity. Descartes really was ahead of his time! Identity and access management (IAM) plays an important part in securing your IT infrastructure by mitigating risk from both external cyberattack, and internal threat. Any company that thinks seriously about protecting sensitive information about their employees or customers should...

Read more
Page 3 of 21 1 2 3 4 21