News

European Commission regulators have proposed changes to EU law that would force companies that transfer Bitcoin or other crypto-assets to collect details on the recipient and sender. The proposals would make crypto-assets more traceable, the EU Commission said, and would help stop money-laundering and the financing of terrorism. The package also includes the proposal for the creation of a new EU authority to fight money laundering. According to the BBC, the proposals could take two...

This week, cybersecurity provider Netskope released the July 2021 Netskope Cloud and Threat Report, the latest installment of Netskope Threat Labs' biannual research analyzing critical trends in enterprise cloud service and app use, web and cloud-enabled threats, and cloud data migrations and transfers. The results revealed that some departing employees present disproportionately significant cloud security risks. In their last 30 days of employment, workers have been proven to be uploading three times more data than...

One Identity, an identity-centric security provider, has been named a Leader in the 2021 Gartner Magic Quadrant for Privileged Access Management (PAM) as the company continues to deliver on its next-generation PAM vision. One Identity helps businesses address the shortcomings of legacy security offerings that are fragmented, complex, manual and too narrow to meet today’s challenges, such as an increase in remote working. With 70 percent of breaches linked to privileged abuse, organisations need a streamlined...

Hackers are using weak and stolen credentials in a significant way to compromise business-critical environments. Stealing access to your environment using a known password for a user account is a much easier way to compromise systems than relying on other vulnerabilities. Therefore, using good password security and robust password policies is an excellent way for organizations to bolster their cybersecurity posture. What characteristics make up an effective password policy? Developing an effective reporting structure for...

A nationwide survey of 2,000 UK employees conducted by Censuswide on behalf of Armis, the unified asset visibility and security platform provider, analyses the new working culture and security of personal devices before the inevitable return to the office.  The results demonstrate a heightened cybersecurity threat as the majority of the UK workforce (61%) intend to return to the office with their personal devices, despite a quarter (25%) admitting to having insufficient policies in place...

By the time you have finished reading this sentence, an organisation somewhere in the world will have fallen victim to a ransomware attack and had at least some of its corporate data encrypted. Globally, on average, the criminals behind ransomware attacks hit a new organisation every 10 seconds, but less than five years ago, it was every 40. Recently, Colonial Pipeline, a major US fuel company made headlines after falling victim to such an attack...

OneLogin has announced the launch of its Delegated Administration offering, which enables organizations to adopt the Zero Trust principle of least privilege access. By empowering IT administrators to easily delegate access on a granular level, organizations can balance productivity requirements with the need to aggressively protect their organization against security threats. OneLogin’s Delegated Administration tool allows organizations to adopt the principle of least privilege access to enable their Zero Trust framework. Organizations can improve their...

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, has revealed the results of its Q2 2021 top-clicked phishing report. There has been a significant rise in phishing email attacks related to HR topics, particularly regarding new policies that would affect all employees throughout organisations. Real phishing emails that were reported to IT departments related to security-minded users about password checks continue to remain popular. One subject area that has...

Passwords are the first line of defense when it comes to digital security. For most businesses, each employee is going to have at least one username and password that they need to remember. In many cases, there will be many. This is, of course, is in addition to all of their personal accounts and passwords which are sometimes used on the same device as their work accounts.   With this in mind, it should come as no surprise that somewhere between 20% and 50% of calls...

Researchers at Armis, the unified asset visibility and security platform provider, have disclosed the discovery of an authentication bypass vulnerability in Schneider Electric’s Modicon programmable logic controllers (PLCs) that can lead to remote-code-execution (RCE). The vulnerability, dubbed Modipwn, allows for a complete takeover of impacted devices by leveraging the UMAS protocol, and impacts Modicon M340, M580 and other models from the Modicon series. Millions of devices use these PLCs and are now deemed to be at...