This week, the Labour Party reported a "sophisticated, large scale cyber attack" hitting its digital platforms. What is believed to have been a Distributed Denial of Service attack was blocked by the party's cybersecurity systems. The Labour Party reported the attack to the National Cyber Security Centre, and the party leader, Jeremy Corbyn, admitted to the Independent that the event made him "very nervous" about the upcoming elections. Here's what cybersecurity experts had to say...
Read more
Getting the working culture right for any business can be difficult but KnowBe4 seems to have found a winning formula to achieve this. We caught up with Erika Lance, SVP of People Operations at KnowBe4, who is seen as the brains behind much of this success, to hear how she was able to get such great results.
Read more
With Halloween fast approaching, it’s a great time to discuss some of our favourite things in life: the creation of chocolate peanut butter cups and what these can teach us about phishing. Hard to imagine a time when before the “age of the cup” because there are many that never got to know the delicious glory that accompanies the unification of chocolate and peanut butter. Prior to that time, people walked around in total ignorance...
Read more
By Tarik Saleh, Senior Security Engineer at DomainTools Advanced Persistent Threats are long term patterns of network exploitation that go undetected for extended periods of time and are usually aimed at high profile targets such as governments, higher education institutions, political activists, and companies. They are often motivated by economic, political, and financial reasons, and the attacks tend to be highly targeted, resourceful, and risk tolerant. The typical APT involves several phases: Infiltration/Initial compromise: This...
Read more
“I think therefore I am.” - René Descartes This isn’t just a pompous philosophical proposition of autonomy, instead it is a timely piece of advice for ensuring corporate cybersecurity. Descartes really was ahead of his time! Identity and access management (IAM) plays an important part in securing your IT infrastructure by mitigating risk from both external cyberattack, and internal threat. Any company that thinks seriously about protecting sensitive information about their employees or customers should...
Read more
One Identity, the identity-centered security specialist, has released new global research, conducted by Dimensional Research, revealing the significant prevalence and impact of cyberattacks that use stolen hashed administrator credentials, also referred to as Pass the Hash (PtH) attacks. Among the survey’s most noteworthy findings is that 95% of respondents say that PtH attacks have a direct business impact on their organisations. The study of more than 1,000 global IT professionals reinforces the crucial need for...
Read more
Mimecast (NASDAQ: MIME), a leading email and data security company, announced the availability of its latest Email Security Risk Assessment (ESRA). The quarterly assessment is an aggregated report of tests that measure the efficacy of widely used email security systems. This quarter’s ESRA report found a significant increase in Business Email Compromise (BEC) attacks, emails containing dangerous file types, malware attachments and spam being delivered to users’ inboxes from incumbent email security systems. BEC attacks, also referred to as email-based impersonation...
Read more
Written by John Czupak, CEO, ThreatQuotient There’s something big brewing in the world of security operations, but what exactly is it? We are regularly inundated with various descriptions of useful tools and capabilities (think Security Orchestration, Automation and Response (SOAR), Threat Intelligence Platforms (TIPs), Security Incident Response (SIR), Hunting and more). Unfortunately, many of us are equally confused about the fundamental capabilities of these technologies, and more pointedly, what problems they aim to solve. Perhaps...
Read more
We often question what drives the success behind enormous companies like Google and Amazon. A large part of the answer is machine learning. These companies have quickly adopted machine learning, finding smarter ways to apply it and changing the dynamic of how they work. With the extra analytical muscle that machine learning affords, they’re able to drive more intelligent and innovative projects which – let’s be honest – just work. The result of the dominance...
Read more
As the industry leader, only CyberArk has the technology expertise and experience to deliver innovative solutions that make it simple and easy for cloud-first organisations and those embracing digital transformation to consume, use and manage privileged access security solutions, especially in hybrid cloud environments. “Privileged access security is foundational to effective cybersecurity programmes. As our customers increasingly operate in SaaS and cloud-first environments, it’s critical for CyberArk to build upon our deep knowledge and understanding...
Read more
The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!
