Security
-
Blog
AI tools are growing in popularity at enterprises, but not all of them are approved by employers – and that’s a serious problem for IT and security leaders
Almost half of UK workers admit to using non-approved AI tools without their employer’s knowledge, according to new research. The use of shadow AI, described in the report as ‘bring your own AI’ (BYO-AI), is contributing to overall AI use, with more than two-thirds of employees now using AI tools regularly at work. According to data from Owl Labs’ annual…
Read More » -
Blog
UK Cyber Risks Are ‘Widely Underestimated,’ Warns Security Chief
In his first speech on Tuesday, the new head of the U.K.’s National Cyber Security Centre warned that the country’s cyber risks are “widely underestimated.” Richard Horne, who took the position in October, says that hostile activity has “increased in frequency, sophistication and intensity,” largely from foreign actors in Russia and China. He highlighted the ransomware attacks on the British…
Read More » -
Blog
Are Long-Lived Credentials the New Achilles’ Heel for Cloud Security?
The head of security advocacy at Datadog, a cloud-based monitoring and analytics platform, has urged enterprises in Australia and the APAC region to accelerate phasing out long-lived credentials for popular hyperscale cloud services, warning that they remain a serious data breach risk. Speaking with TechRepublic, Andrew Krug highlighted findings from Datadog’s State of Cloud Security 2024 report, which identified long-lived…
Read More » -
Blog
The open source community relies on a loyal army of committed developers – but their security practices are putting the whole ecosystem at risk
Insufficient security on individual developer accounts maintaining some of the most popular packages poses a significant threat to the open source community and beyond, according to a report from the Linux Foundation. The Linux Foundation Census is the third report of its kind looking into the widespread use of free and open source software (FOSS), aggregating data from over 12…
Read More » -
Blog
If you want security, start with secure products – Computerworld
If you want security, start with security The report explains: “Organizations don’t need more security products; they need more secure products. That’s one of the key takeaways from our new global cyber security survey. The research reveals that incremental security fixes no longer work. In fact, the more security tools an organization throws at the problem, the worse it gets.” Supporting that argument,…
Read More » -
Blog
Data brokers may be banned from selling your social security number
In the wake of high-profile hacks affecting hundreds of millions of Americans, the Consumer Financial Protection Bureau (CFPB) is proposing a rule limiting data brokers’ ability to sell Americans’ sensitive personal and financial information. Under the proposed rule, data brokers that sell information about consumers’ income, credit history, credit score, or debt payments would be considered consumer reporting agencies. As…
Read More » -
Blog
Nucleus Security launches revamped partner program
Unified vulnerability management specialist Nucleus Security has reinforced its channel-first strategy with the launch of an expanded partner program. Building on its existing initiative, the revamped Nucleus Security Partner Program (NSPP) now features a tiered structure with corresponding requirements and benefits, as well as a brand-new certification program and partner portal. The firm has also expanded its channel team to…
Read More » -
Blog
A security researcher stumbled upon 600,000 sensitive files left in the open by data broker
A large database containing sensitive information collected by a data broker was left in a publicly accessible cloud container without basic protections, a security researcher has revealed. Jeremiah Fowler recently discovered a non-password protected database that held more than 600,000 records belonging to SL Data Services (Propertyrec). SL Data Services is a background check company that offers a range of…
Read More » -
Blog
Zello asks users to reset passwords after security incident
Zello is warning customers to reset their passwords if their account was created before November 2nd in what appears to be another security breach. Zello is a mobile service with 140 million users that allows first responders, hospitality services, transportation, and family and friends to communicate via their mobile phones using a push-to-talk app. Over the past two weeks, numerous people…
Read More » -
Blog
10 steps to smarter Google account security – Computerworld
Google’s Inactive Account Manager is like a virtual estate planning tool for all of your account-associated data. JR Raphael / IDG Even if you’ve gone through this process before, it’s worth going back in and revisiting your preferences occasionally to confirm the info is all still complete and accurate — not only in the specific contacts you have set to…
Read More »