Insight

Two-factor authentication is ubiquitous and it’s a really valuable tool to protect systems and data assets. But with increasing reliance on home working and remote access in the current pandemic, what mechanism should we choose? It’s very common these days for SMS messages to be used for two-factor authentication – many cloud service providers use this mechanism, government departments have adopted it, and it is also quite common in the banking industry. When shopping online...

The title of this article might seem contradictory, but it is not as conflicting as you might think. Sure, we all know that the General Data Protection Regulation (GDPR) prescribes us to protect personal data, wherever it may be. Production, development, testing, QA, training environments – data is stored everywhere. Most people assume that all of this data needs protection at all times, but actually that is not the case. Test data, for example, doesn’t...

Asia is a controversial region when it comes to civil liberties, in general, and Internet freedom, in particular. Even in countries like Japan and Singapore, which boast a high level of technological progress and mind-boggling Internet penetration rates, the web is an increasingly regulated environment. Residents of some Asian countries can be subject to severe penalties, including criminal prosecution, for expressing their views on social media and personal blogs. The same goes for news sites....

New research by Zscaler, analyzing 6.6 billion security threats, has discovered a 260% increase in attacks during the first nine months of 2020. Among the encrypted attacks was an increase of the amount of ransomware by 500%, with the most prominent variants being FileCrypt/FileCoder, followed by Sodinokibi, Maze and Ryuk. Here's what security experts had to say about these findings: Oleg Kolesnikov, VP of Threat Research at Securonix "Having more visibility into the SSL/TLS traffic definitely...

One of the greatest truths in cybersecurity is that defenders need to be right all the time, while cybercriminals only need to be right once. Attacks are increasingly sophisticated and ramified, simultaneously targeting a range of potential entry points with multiple tactics, techniques and procedures. One the other hand, security professionals are faced with a widening attack surface to monitor, each asset with its own specific tool, generating its own stream of alerts and notifications....

We all experience artificial intelligence (AI) and machine learning (ML) every day, whether through search engines, voice-controlled devices or simply taking a photograph on a smartphone. For certain areas of industry that rely on big data analysis, both are already proving their value, identifying patterns in data, or relationships between seemingly unrelated information and then defining algorithms that can automate decision making processes. In cybersecurity too, there are clearly some solutions that meet the accepted...

As the global pandemic has shifted life into the online space, cybercriminal groups have keenly exploited the digitisation of society’s interactions over the lockdown period. One particularly notorious group that security teams should be aware of is Magecart, a shadowy criminal syndicate responsible for many of the recent high-profile credit card skimming attacks. Who is Magecart? Magecart – whose name is derived from a portmanteau of Magento and shopping cart – is an online criminal...

Working with the largest organisations in government, finance and critical national infrastructure, we see good and bad every day. In a confusing hybrid war where APT groups launch attacks that could potentially turn out the lights, it is hard to remain impartial. The fact that a political act of devastation manifests as an innocuous looking line of code viewed over a cup of tea does nothing to detract from its destructive and vicious intent. For...

Small businesses are now on the front line in the fight against cyber crime. The vital position many SMEs have in supply chains means cybersecurity professionals should be doing everything to support small business leaders - for the benefit of everyone.   The number of UK businesses succumbing to cyber attacks has doubled in the last five years.   Around 1.5 million (or a quarter of all UK businesses) fell victim in 2019. This was...

It’s that time of year again. The air feels a bit crisper; the days are a bit shorter; and children around the world prepare to go trick or treating. Even as an adult, Halloween is probably my favourite holiday. I love seeing and thinking about monsters and things that lurk in the shadows… maybe – just maybe – that’s what drew me to a career in cybersecurity. As we ponder the horrors of the night,...