This Week's Gurus

Owen Pendlebury, Global Board of Directors at OWASP Foundation     Threats to the application layer is not a new thing, but it has been becoming more and more prevalent over the past number of years. The rise in attacks stems from the increase in high-value data being stored in constantly changing environments. Akamai found the number of application attacks grew by 63% in 2017, while 73% of security incidents flagged by Alert Logic were...

Written by Rick McElroy, Security Strategist at Carbon Black Over the weekend, another cryptocurrency exchange was breached. This time it was “only” $40 million” in cryptocurrency. However, as a result cryptocurrencies overall lost more than $40 billion in value following the attack. That’s not a typo - a $40 million heist cost the market more than $40 billion dollars. Such is the nature of the new Wild West, where cryptocurrency is front and centre in...

Whilst data breaches can result in substantial fines that can hit company finances hard, they have many, often more immediate, impacts. Businesses that do not respond quickly and decisively at the first sign of a data breach will find themselves constantly struggling to play catch-up. This means that when the fine hits they are often in such a weakened state that they cannot recover. The brutal truth is that 66% of small to medium businesses...

It wasn’t too long ago when different banking malware competed for victims, often seeking out and uninstalling one another upon compromising machines. Now, in what may indicate a shift toward more collaboration among cybercrime groups, the operators of the “IcedID” and “TrickBot” banking Trojans appear to have partnered and are likely sharing profits, based on operation details. Flashpoint analysts recently examined samples that indicate computers infected with IcedID are also downloading TrickBot, a prolific piece of banking malware that analysts consider to...

By Ronald Sens, EMEA Director, A10 Networks Enterprises face a dilemma when it comes to defence against today’s modern DDoS attacks: do they trust the surgical precision of an on-premise DDoS protection solution or go with a DDoS cloud scrubbing solution? It’s a tough decision for IT managers to make, as whichever option chosen will be the companies way of protecting themselves from cyberattacks. But, why even choose between the two? When it comes to...

Written by Paul Darby, Regional Director - EMEA, Vidder When VPNs were first developed back in the 1990s, the idea was to extend the LAN to employees' home offices and hotels as they hit the road. This meant giving employees remote access to everything their company network had to offer—just as if they were working on the internal network. Then, when companies began outsourcing work and bringing ecosystem partners onto their networks, the remote access...

Tyler Moffitt, Senior Threat Research Analyst at Webroot Last year saw an unprecedented rise in the popularity of cryptocurrency, as the value of the currency soared across the market. In September 2017, CoinHive debuted a Javascript code to mine the cryptocurrency Monero, as an alternative means for website owners to generate revenue without using ads. Visitors to the site would opt into mining Monero using the power of their CPU. However, cybercriminals keen to monetise...

If recent cyber-attacks are anything to go by, cyber-criminals are capable of causing colossal damage to organisations of all sizes. With vital public services such as the NHS succumbing to attacks, it seems that nothing is off the table when it comes down to cyber-criminals deciding who to target. However, according to some reports, the C-suite isn’t sweating over the potential of an attack or the financial fallout if such an attack is successful.  ...

There are many threats to enterprise cyber security with most coming from external threat actors. One of the most overlooked threats that companies are not safe from is insider threats. Security professionals are constantly being warned about insider threats and in A10 Networks AIR report earlier this year almost half (48 percent) of IT leaders say they agree or strongly agree that their employees do not care about its security practices. With companies aware of...

We are now less than 48 hours away from the Europe's General Data Protection Regulation (GDPR) becoming enforceable on 25 May. And unless you’ve been living under a rock for the last two years, you don’t need me to tell you that this new regulation promises to put power back into the hands of consumers, giving them more control over how their data is used.   Yet with so little time left to become GDPR compliant, what...