News

OneLogin has announced the launch of its Delegated Administration offering, which enables organizations to adopt the Zero Trust principle of least privilege access. By empowering IT administrators to easily delegate access on a granular level, organizations can balance productivity requirements with the need to aggressively protect their organization against security threats. OneLogin’s Delegated Administration tool allows organizations to adopt the principle of least privilege access to enable their Zero Trust framework. Organizations can improve their...

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, has revealed the results of its Q2 2021 top-clicked phishing report. There has been a significant rise in phishing email attacks related to HR topics, particularly regarding new policies that would affect all employees throughout organisations. Real phishing emails that were reported to IT departments related to security-minded users about password checks continue to remain popular. One subject area that has...

Passwords are the first line of defense when it comes to digital security. For most businesses, each employee is going to have at least one username and password that they need to remember. In many cases, there will be many. This is, of course, is in addition to all of their personal accounts and passwords which are sometimes used on the same device as their work accounts.   With this in mind, it should come as no surprise that somewhere between 20% and 50% of calls...

Researchers at Armis, the unified asset visibility and security platform provider, have disclosed the discovery of an authentication bypass vulnerability in Schneider Electric’s Modicon programmable logic controllers (PLCs) that can lead to remote-code-execution (RCE). The vulnerability, dubbed Modipwn, allows for a complete takeover of impacted devices by leveraging the UMAS protocol, and impacts Modicon M340, M580 and other models from the Modicon series. Millions of devices use these PLCs and are now deemed to be at...

Of the 73% of security professionals with responsibility for the security of public cloud who operate in a multi-cloud environment, 98% think these more complex environments pose greater security challenges, a survey conducted for Tripwire by Dimensional Research reveals.   Organizations have a wide range of reasons for going multi-cloud, including meeting varying business needs, running certain applications, distributing risk, taking advantage of cost savings, and to provide redundancy in the event of downtime. In the industrial space specifically,...

This week, news broke that the Financial Counduct Authority (FCA) has issued a warning to Binance, the world's biggest cryptocurrency exchange. The ruling stated that firm cannot conduct any "regulated activity" in the UK, while also advising people to be wary of adverts promising high returns on crypto investments. Binance said the FCA notice would have no "direct impact" on the services it provides from its website Binance.com. Binance's existing crypto exchange is not UK-based...

The liquid software company, JFrog has announced its intention to acquire Vdoo Connected Trust Ltd. (“Vdoo”). The company plans to accelerate its efforts to provide an industry-leading security offering to support DevOps users as they respond to the disruption in the market for continuous software delivery. As part of the JFrog Platform, Vdoo will accelerate JFrog’s vision of becoming the company behind all software updates and creating a world of Liquid Software by expanding its...

Europe’s Top Insurance Providers have been found to have security weaknesses within their web application architecture, according to the latest research by Outpost24. The 2021 Web Application Security for Insurers Report analysed the web applications of the top 10 European insurance providers, as listed by ADV Rating, and found that every insurer had some degree of vulnerability or security weakness. In fact, it was discovered that the top EU insurers run a total of 7,611 internet exposed web applications over 1,920 domains, with 3% of them considered suspicious (e.g. testing...

This week, Brazilian healthcare giant Grupo Fleury suffered a ransomware attack. Business operations were impaired up to the point that systems had to be shut down, leaving patients unable to book appointments for labs and other medical examinations online. On the 22nd of June, the Grupo Fleury website began displaying a warning message, alerting to the fact that its systems were suffering an attack, but that the company was doing its best to remediate the damage. The message also...

Sony has reportedly faced a security breach which resulted in millions of PS3 IDs being leaked to the hackers. This is thought to be the reason behind lots of PS3 users reporting in the PSN forums that they were banned for no reason whatsoever, according to reporting from Sportskeeda. While there is not enough evidence to ratify the claim, it does not seem too far-fetched considering the circumstantial evidence at hand. There has been a...