Editor's News

As emergency services, public health organisations, utilities and other critical organisations rush to enable as many remote workers as possible, best practices for keeping users secure have understandably become an ongoing challenge. Any organisation relies on privileged IT users to configure systems and perform vital functions so their enterprise stays up and running. If this privileged access is not controlled as it shifts to remote administration, organizations face heightened risk. Un-managed privileged access opens the...

The public nominations for the seventh annual European Cybersecurity Blogger Awards 2020 have been collated and finalists announced. To see the full list of nominees and cast your votes in each category, click here: https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Don't miss your chance to vote for your favourite bloggers, vlogger, podcasters or social media accounts in each of the 13 categories. The first round of public nominations is complete, and you now have the chance to vote for your...

Securonix, Inc. today announced the launch of the Securonix Analytics Sandbox capability, which provides an isolated test or QA environment within the production setup. This enables security operations teams to test, tune, and validate new use cases prior to pushing them to live production.   “Security operations teams are in a catch 22 - they must update use cases rapidly to stay ahead of evolving threats, but must do so in a way that does not...

Privacy Day, or Data Protection Day in Europe, was instituted to raise awareness on the importance of upholding data protection best practice. The recent institution of privacy regulations such as GDPR and CCPA made organisations reflect on how they store and use consumers' personal information across the board, marking a significant milestone in the way data is handled in the digital era. Here's what experts had to say: Corin Imai, Senior Security Advisor at DomainTools:...

Security research company Comparitech.com recently made a discovery of 250 million Microsoft records which were exposed on the web. The specific form that this data took was Customer Service and Support records (CSS), which includes customer email addresses, IP addresses and locations as well as descriptions of the CSS claims and cases, and the email addresses of Microsoft employees. The research team led by security researcher Bob Diachenko discovered five Elasticsearch servers where the information...

With 2FA and MFA being adopted across the board, cybercriminals have devised a way to circumvent this security measure with a simple technique. By leveraging the easy security questions that mobile providers ask users when they wish to swap operator but maintain their phone number, threat actors are able to impersonate unsuspecting victims by effectively stealing their mobile number. One study conducted by researchers at Princeton found that North American prepaid telecom companies, in most...

Tim Mackey, Principal Security Strategist for the Synopsys CyRC (Cybersecurity Research Centre): Politicians, be weary of digital assistants Cyber-attacks on 2020 candidates will become more brazen. While attacks on campaign websites have already occurred in past election cycles, targeted attacks on a candidate’s digital identity and personal devices will mount. With digital assistants operating in an “always listening” mode, an embarrassing “live mic” recording of a public figure will emerge. This recording may not be...

This week, the Labour Party reported a "sophisticated, large scale cyber attack" hitting its digital platforms. What is believed to have been a Distributed Denial of Service attack was blocked by the party's cybersecurity systems. The Labour Party reported the attack to the National Cyber Security Centre, and the party leader, Jeremy Corbyn, admitted to the Independent that the event made him "very nervous" about the upcoming elections. Here's what cybersecurity experts had to say...

One Identity, the identity-centered security specialist, has released new global research, conducted by Dimensional Research, revealing the significant prevalence and impact of cyberattacks that use stolen hashed administrator credentials, also referred to as Pass the Hash (PtH) attacks. Among the survey’s most noteworthy findings is that 95% of respondents say that PtH attacks have a direct business impact on their organisations. The study of more than 1,000 global IT professionals reinforces the crucial need for...

Navisite, a part of Spectrum Enterprise, the enterprise-focused arm of Charter Communications, Inc., and Alert Logic, the SIEMless Threat Management™ company, today announced the availability of an enhanced, fully integrated portfolio of Managed Threat Detection and Remediation services for enterprise cloud clients. Navisite is leveraging Alert Logic’s award-winning SIEMless Threat Management platform to expand security offerings for clients. Alert Logic’s platform is tightly integrated in Navisite’s managed security service, enabling automated threat monitoring and remediation,...