Security News

Synopsys, Inc. has released its 2021 Open Source Security and Risk Analysis (OSSRA) report, which examines the result of more than 1,500 audits of commercial codebases. Produced by  the Synopsys Cybersecurity Research Center (CyRC) and performed by the Black Duck® Audit Services team, the report highlights trends in open source usage within commercial applications, while simultaneously providing insights to help commercial and open source developers better understand the interconnected software ecosystem they are part of. It also presents the widespread risks posed by unmanaged open source, including security vulnerabilities, outdated or abandoned components, and license compliance issues.  Open source software provides the foundation for the vast majority of applications across all industries. Unfortunately, these industries, to varying degrees, are struggling to manage the associated risk. As a matter of fact,...

It has been revealed today that social media platform LinkedIn is the latest to suffer a website scraping attack at the hands of cyber criminals. Data belonging to over 500 million of its users has been posted online and is reportedly being sold to hackers. The news comes only days after it was revealed that over half a billion Facebook users had their data posted online following website scraping. Facebook has been downplaying the incident...

As 2020 concluded, it was widely accepted that remote working was here to stay. In fact, 60% of the UK workforce have transferred to a remote model during the first lockdown, and the trend will likely continue long after the pandemic as workers come to expect more flexibility from their employers. However, while this may prompt office workers around the world to celebrate the death of the morning commute, there is a darker side to remote working. According...

Hitachi Europe limited and My1Login have announced a Technology Partnership to deliver enhanced security solutions to address one of the cybersecurity industry’s most compelling challenges – passwords. The combined solution optimises security and convenience whilst enabling a significant ROI as a result of a number productivity and efficiency benefits. The two companies will deliver solutions utilising Hitachi’s VeinID Five product together with My1Login’s Identity and Access Management software to eliminate the need for passwords in...

A new artificial intelligence technique has been created to protect medical devices from malicious operating instructions in a cyberattack as well as other human and system errors. Tom Mahler, a researcher at Ben-Gurion University of the Negev, Israel, presented his research, “A Dual-Layer Architecture for the Protection of Medical Devices from Anomalous Instructions” on August 26 at the 2020 International Conference on Artificial Intelligence in Medicine (AIME 2020). Complex medical devices such as CT (computed...

Next-Gen SIEM provider, Securonix has announced availability of its SearchMore functionality that helps operations teams better detect and respond to threats that bypass preventative and detection controls. The company states that "SearchMore delivers the industry’s first Community-Powered Threat Hunting capability and provides the ability to search on real-time, streaming data, as well as long-term data." CEO Sachin Nayyar elaborated: “This is a huge step in cybersecurity monitoring. With a combination of cloud-native and big data...

Lindy Cameron, the first woman CEO of the National Cyber Security Centre – a public facing division of GCHQ and primary technical authority on cybersecurity - is replacing its first CEO, Ciaran Martin, when he steps down on 31 August. Cameron will then formally become CEO in October following a handover period. Cameron has excellent credentials for the role with more than twenty years’ experience in national security policy and crisis management. These include responsibility...

Following on the success of last year’s global report, KnowBe4 has today released the findings of ‘The 2020 What Keeps You Up at Night Report”. This year, KnowBe4 delves into the issues that specifically trouble UK-based organisations and IT experts, including attack types, security initiatives as well as organisational constraints. An in-depth analysis examined just how prepared these organisations are in managing such cyber threats, risks and concerns.   The report compiled information gathered from...

A brand-new Insider Threat Report authored by Shareth Ben, director of insider threat and cyber threat analytics at Securonix has found that employees deemed “flight risks” are linked to around 60% of the insider threat incidents detected. Ben explained in the report that flight risks are those employees about to terminate employment with the company for various reasons and can be determined by Securonix’s advanced user behaviour analytics. The Securonix Threat Research Team analysed hundreds...

In the span of a couple months, the world as we knew it was turned upside-down. As scientists across the globe conduct experiments in search of the COVID-19 vaccine, the labour market has found itself within its own experiment. That is, the experiment of remote working on a massive scale.   In an effort to slow down the spread of the virus, millions of employees around the world are being told to write their emails, compile their spreadsheets, and hold their meetings from the confines of their dining room...