Research

As a result of a demanding market, developers have often foregone security for speed with security teams typically tagged on at the very end of the development lifecycle. This, however, is an unsustainable, if not unacceptable stance, in today’s environment. The future requires organisations to integrate security from the beginning when the application is built. They need to be able to adapt efficiently to protect new architectures as well as consistently improve on performance. Those...

Entersekt has released results of its State of Online Shopping Report that examined the shopping habits of 1000 UK consumers since the start of the COVID-19 pandemic. Carried out by Censuswide and completed on the 6th November 2020, the study looked at consumers’ shopping behaviours, priorities when shopping online, how they make their decisions on where to shop online as well as their attitudes towards security and fraud.   The report gives retailers and Financial...

Edgescan's Senior Security Consultant Guram Javakhishvili has discovered several vulnerabilities across a number of popular applications. Some of these are not yet publicly available. As soon as the vendor implements the fixes, those issues will also be added to this list and article will be updated accordingly. CMS Made Simple 2.2.13 CMS Made Simple is a Content Management System that was first released in July 2004 as an open source General Public License (GPL) package....

The past few days has seen the resurgence of Emotet, a dangerous email threat vector that aims to steal sensitive and financial information. ZIX, the cybersecurity company that specialises in email security has uncovered a worrying trend that could lead to users falling victim to cybercriminals seeking to exploit the uncertainty of these precarious times by stealing money from unwitting and undersecured users. This instance of financial-stealing malware is appearing again after five months under...

Following on the success of last year’s global report, KnowBe4 has today released the findings of ‘The 2020 What Keeps You Up at Night Report”. This year, KnowBe4 delves into the issues that specifically trouble UK-based organisations and IT experts, including attack types, security initiatives as well as organisational constraints. An in-depth analysis examined just how prepared these organisations are in managing such cyber threats, risks and concerns.   The report compiled information gathered from...

You only have to read the news on this very website to find countless stories of instances where companies have inadvertently left a database exposed on the web - it’s every security professional’s worst nightmare.   Researchers at Comparitech, who will often be the source of finding these misconfigured databases to alert the unsuspecting company, decided to set up a honeypot experiment to see just how little time it would take before such a database...

Nearly half (48%) of the UK public surveyed about the NHSX COVID-19 tracing app do not trust the UK government to keep their information safe from hackers. This is according to a study carried out by Censuswide on behalf of Anomali, a leader in intelligence-driven cybersecurity solutions. The nation-wide survey, released today, examined consumer attitudes to the proposed tracing app, particularly their confidence and wider trust in the government to appropriately and justly handle the data collected for the scheme.   Other major findings from the report include:  Around 43% of respondents were...

A brand-new Insider Threat Report authored by Shareth Ben, director of insider threat and cyber threat analytics at Securonix has found that employees deemed “flight risks” are linked to around 60% of the insider threat incidents detected. Ben explained in the report that flight risks are those employees about to terminate employment with the company for various reasons and can be determined by Securonix’s advanced user behaviour analytics. The Securonix Threat Research Team analysed hundreds...

As organisations rapidly adapt to a virtual business model and remote workforce, as a result of COVID-19, it has become even more challenging to identify and mitigate cyber threats. Therefore, the survival of a business, and its wider industry, could depends on its overall cybersecurity maturity and alignment to security best practises.   AT&T Cybersecurity partnered with the Enterprise Strategy Group (ESG) in order to assess organisations’ postures across the five foundational cybersecurity functions of the NIST...

Verizon published today its yearly Data Breach Investigation Report, based on real-world data from 41,686 security incidents and 2,013 data breaches provided by 73 data sources, both public and private entities, spanning 86 countries worldwide. The report provides a most useful snapshot of the current state of the fight against cybercrime, and highlights not only the weaknesses in organisations' approach to security, but also the areas where cybercriminals seem to be focussing their efforts. IT...