Category: IT SECURITY GURU

Have you heard of the term HTTP Request Smuggling? What about HTTP/2 Downgrading? Well, these are vulnerabilities that can be exploited by cybercriminals when there are issues between the front-end and back-end of websites. If left unresolved, these can result…

Read more →

Today, API security company Salt Security has announced that it has been accepted to the Amazon Web Services (AWS) Lambda Ready Program. Salt now supports and simplifies deployments to AWS Lambda, allowing customers to capture API traffic flowing through serverless environments…

Read more →

Today, password security pros, Keeper Security have released the key findings from its latest survey about the state of cybersecurity and the burgeoning threats that are keeping cyber professionals up at night. The survey of more than 800 IT security…

Read more →

Nick Graham, Chief Technology Officer at information security software business Hicomply discusses the recent surge in interest around artificial intelligence. He explains why his company is focused on developing AI tools that deliver benefits over media buzz. There’s been a…

Read more →

Research commissioned by Cohesity, a leader in AI-powered data security and management, reveals the majority of companies are paying ransoms and breaking their ‘do not pay’ policies. The research polled from over 900 IT and Security decision-makers, 301 from the…

Read more →

This week, the National Cyber Resilience Centre Group (NCRCG) – a strategic collaboration between the Home Office, policing, academic and National Ambassador partners – has welcomed AI and analytics leader, SAS, on board as a National Ambassador. In taking up…

Read more →

In the contemporary digital era, email remains one of the most predominant forms of business communication. With its unrivalled efficiency and ubiquity, email bridges gaps between organisations and their global workforce, facilitating seamless collaboration. However, this prevalence has also placed…

Read more →

For as long as digital systems have exerted control over physical machines and their output, the need, and associated questions in how to proportionately secure them have existed. Manufacturing, agriculture, critical national infrastructure, and healthcare to name but a few,…

Read more →

Over the last four years, The Most Inspiring Women in Cyber Awards have celebrated some of most inspirational women from across the cybersecurity industry. From CISOs to students, the awards aim to celebrate everyone, no matter what stage of their…

Read more →

According to new research from ISACA, two in every five (41%) privacy professionals in Europe state their budgets are underfunded and over half (56%) expect them to decrease this year. Anticipated drops in privacy budgets come despite half (53%) of organisations…

Read more →

According to new research from ISACA, two in every five (41%) privacy professionals in Europe state their budgets are underfunded and over half (56%) expect them to decrease this year. Anticipated drops in privacy budgets come despite half (53%) of organisations…

Read more →

With Data Privacy Day coming up, we spoke to cybersecurity industry experts about the latest data privacy trends… Allon Mureinik, senior manager, software engineering at the Synopsys Software Integrity Group: “In today’s world of social media and open-source development, sharing…

Read more →

With Data Privacy Day coming up, we spoke to cybersecurity industry experts about the latest data privacy trends… Alex Hazell, Head of Legal and Privacy for Acxiom EMEA, says: “In 2024, we can no longer discuss data privacy without talking…

Read more →

Today, the award-winning Nineteen Group, who runs a number of industry events and exhibitions such as the International Cyber Expo, has announced that it has acquired The Security Awareness Special Interest Group (SASIG), a networking and thought leadership forum for…

Read more →

While tried and true tactics like phishing and malware are here to stay, there are always new approaches to watch out for in the cybersecurity space. Experian’s 11th annual Data Breach Industry Forecast includes six predictions for 2024 that focuses a global lens…

Read more →

Yesterday, the security team at Cybernews announced what will likely prove to be the largest data breach of all time. In joint effort with security researcher Bob Dyachenko, the Cybernews team found an open instance on the web containing billions…

Read more →

Cato Networks, the leader in SASE, announced the expansion of the Cato SASE Cloud platform into threat detection and incident response with Cato XDR, the world’s first SASE-based, extended detection and response (XDR) solution. Available immediately, Cato XDR utilizes the functional and operational capabilities of the Cato…

Read more →

Cyber attacks against government agencies and public sector services increased by 40% in the second quarter of 2023 compared to the first, a new report by KnowBe4 has highlighted. The Cybercrime in the Public Sector report examines the most popular…

Read more →

Today, password pros Keeper Security have announced a partnership with St. Anna Children’s Cancer Research Institute (St. Anna CCRI), a renowned Austrian healthcare institution based in Vienna. St. Anna CCRI is a renowned paediatric cancer research institute. Keeper will provide…

Read more →

Password managers have become integral tools for individuals and businesses alike. They are primarily known for securely saving and managing login credentials so users don’t have to remember them all or write them down, where they could be compromised. However,…

Read more →

Almost 71 million email addresses linked to compromised accounts from the Naz.API dataset have been incorporated into the data breach notification service of Have I Been Pwned. The Naz.API dataset, consisting of 1 billion credentials, is an extensive compilation derived…

Read more →

Zero-trust and zero-knowledge pros, Keeper Security, have introduced support for hardware security keys as a single Two-Factor Authentication (2FA) method. Implementing user authentication with only a hardware security key enhances overall security by providing a robust physical second factor, mitigating…

Read more →

New research conducted in the UK and US reveals that over three-quarters (78%) of cybersecurity and IT professionals believe a traditional university education in cybersecurity is not doing enough to prepare graduates for the modern workforce. Meanwhile, nearly two-thirds (64%)…

Read more →

Today, API security company Salt Security has announced multiple advancements in discovery, posture management and AI-based threat protection to the industry leading Salt Security API Protection Platform. Salt leapfrogs traditional posture management by providing the industry’s first API posture governance…

Read more →

The nominations for the 4th annual Most Inspiring Women in Cyber Awards, sponsored by BT and hosted by Eskenzi PR, have opened. The event, to be held on the 27th February 2024 at the BT Tower in London, will honour…

Read more →

Closed Door Security, a leading provider of attack-driven cyber security assessments, today announced its CEO and founder, William Wright, has just been awarded with a Chartership in Cyber Security, turning the company into Scotland’s most highly accredited cyber security firm.…

Read more →

For many years, the cryptocurrency industry has waited with bated breath for the U.S. Securities and Exchange Commission (SEC) to finally approve Bitcoin ETFs. Finally, on Wednesday the SEC granted this wish, announcing the approval for “a number of spot…

Read more →

Gotham Security, an Abacus Group company providing high-quality boutique cybersecurity services, has announced that its research team recently discovered two vulnerabilities in ConnectWise ScreenConnect, saving tens of thousands of enterprises from the possible consequences of a significant cyber-attack. ConnectWise ScreenConnect…

Read more →

Today. Keeper Security has announced Granular Sharing Enforcements for all products in the Keeper® platform. Granular Sharing enables administrators to enforce detailed creating and sharing permissions at the user level. By implementing these permissions, organisations can ensure employees only have access…

Read more →

Cato Networks, the leader in SASE, announced that Kanwar Loyal has been named Vice President for the SASE leader’s Northern Europe and Middle East & Africa (MEA) regions. Loyal joins Cato from CrowdStrike, where he spent the past six years in…

Read more →

The DNA testing company 23andMe has had a rough few months – first reported in October that data had been breached – and now, the response to those breaches due to customers taking legal action against the company. In an…

Read more →

We know that burnout is a problem for many people across the cybersecurity industry. We also know that in order to be the most secure we can be, we have to support those who secure us, whether that’s through burnout…

Read more →

Mobile faxing is experiencing a significant surge in popularity, driven by both businesses and individuals seeking paperless alternatives. Unsurprisingly, many are now opting for mobile fax apps. If you’re an iPhone user on the lookout for a mobile fax app,…

Read more →

Swarming or DDoS attacks pose a threat to streamers. Multiple devices flooding your internet connection with traffic can cause slowdowns or crashes. A reliable VPN provider always maintains a DDoS-protected server. Your data goes through a secure server, making it…

Read more →

With Christmas fast approaching, many of us will be hoping to find some new tech under the tree. From innovative gadgets that spark creativity to interactive devices that bring families together, tech toys can add an extra layer of excitement…

Read more →

As 2023 draws to a close, it’s time for cybersecurity experts to gaze into their crystal balls and predict what the next year has set in store for the security industry. In the first part of our predictions round-up experts…

Read more →

Today, Zero Trust Privileged Access Management (PAM) platform cyberelements have launched their Managed Security Provider (MSP) Program enabling partners to increase revenues and deliver a pioneering Zero PAM platform that is set to transform how organisations secure access for standard…

Read more →

For attackers, Sun Tzu’s “The Art of War” has guidance on war strategy. For starters, “All warfare is based on deception. Hence, when able to attack, we must seem unable; when using our forces, we must seem inactive; when we…

Read more →

Have you ever wondered who keeps our online world safe from all the bad guys? The heroes who do this have a special kind of training – they have a Master’s degree in something called Cyber Security.  It’s like being…

Read more →

According to Gartner’s projections, by the close of 2024, more than 40% of enterprises are expected to have well-defined strategies for Secure Access Service Edge (SASE) adoption. This is a substantial leap from the mere 1% reported in 2018. Cato,…

Read more →

Today, BT and Netskope have announced a partnership to bring Netskope’s Security Service Edge (SSE) capabilities to BT’s global customers. The partnership follows a number of large customer implementations where the two companies have already collaborated to successfully meet the…

Read more →

Email is the most common attack vector for cybercriminals, in fact the overwhelming majority (94%) of malware-related security incidents are delivered via email. It’s no surprise that email security is at the forefront of many business leader’s minds. In any case,…

Read more →

Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model (BSIMM) report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across various industries such as cloud, financial services,…

Read more →

A new report by zero-trust and zero-knowledge cybersecurity software providers Keeper Security has found that over 80% of IT leaders (82%) want to move their on-premises Privilege Access Management (PAM) solution to the Cloud. The findings were outlined in a…

Read more →

Today, intelligence powered cybersecurity pros Centripetal have announced that their patented cybersecurity threat solution is available for the first time ever across the UK as a result of its strategic partnership with Tiger. Centripetal’s innovative technology is currently deployed by…

Read more →

Today marks the day when Google makes good on its new policy to reserve the right to delete inactive accounts after two years of inactivity. The company defines activity as “actions you take when you sign in or while you’re…

Read more →

According to a new Cyber Security Insights Report by S-RM, in 2023, the average cyber budgets grew to USD 27.10 million, up 3.1% from USD 26.30 million in 2022. S-RM’s research shows that senior IT professionals and their c-suites had…

Read more →

Jeremy Hunt, the Chancellor of the Exchequer for the UK, delivered his Autumn Statement of 2023 on November the 22nd to Parliament. In this statement, he outlined the government’s five economic priorities for the upcoming forecast period. These include reducing…

Read more →

According to research by the Chartered Institute of Information Security (CIISec), cybersecurity professionals report that the industry is “booming”, but 22% of staff report to work unsafe hours. This research, revealed in the Security Profession Survey 2022-2023, gives an insight…

Read more →

At the IT Security Guru we’re showcasing organisations that are passionate about making cybersecurity a healthier, more mindful industry. This week, Gemma Gilderdale, Head of People at Pentest People, spoke to the Gurus about Pentest People’s innovative wellbeing support, the future…

Read more →

Let’s talk about women – and money. Today (22nd November 2023) marks the day that women effectively stop being paid for the year. Stop being paid against their male counterparts for the same work that they do – for the…

Read more →

Employee violations of an organisation’s information security policies are as dangerous as external hacker attacks according to a recent study from Kaspersky. In the last two years, 26% of cyber incidents in businesses occurred due to employees intentionally violating security…

Read more →

Today, new research from Adarma has revealed that organisations believe that they are at significant risk of cyberattacks due to stressed and exhausted staff. The report, entitled “A False Sense of Cybersecurity: How Feeling Safe Can Sabotage Your Business,” highlights…

Read more →

Today, Cato Networks, announced its recognition as a Leader in both the Frost Radar™: Global SASE, 2023 by Frost & Sullivan and the Market Radar: SASE 2023 by Omdia. “Once again, Cato Networks and our cloud-native SASE platform have been…

Read more →

This week, Lookout, Inc., is warning employees and businesses that phishing attacks across enterprise and personal devices are expected to more than double this week, based on historical data. With more corporate data residing in the cloud today and an…

Read more →

New research by Outpost24 has revealed that malware developers are using sandbox evasion techniques to avoid exposing malicious behaviour inside a sandbox where malware is analysed by security researches. Outpost24’s threat intelligence team, KrakenLabs, discovered that malware developers are using trigonometry to…

Read more →

Cybersecurity professionals stand on the frontlines, ever-vigilant against an increasing tide of cyber threats. From protecting sensitive corporate data to safeguarding our personal information, the battle against cybercrime is ongoing. In today’s digital era, cybercriminals are becoming more sophisticated and…

Read more →

With the ever-growing threat of cyberattacks on the UK government and Critical National Infrastructure cyber safety matters more than ever. With the rising tide of ever-resent threat in mind, GovAssure was launched by the UK government in April 2023. It’s…

Read more →

Specops Software, an Outpost24 company, have released new research about bcrypt-passwords – and how easy (or not) they are to crack. This research follows previously released data on how long it takes attackers to brute force MD5 hashed user passwords with…

Read more →

Artificial intelligence (AI) technology functions in a manner that helps ease human life. Through AI-enabled systems, different industries have been able to minimize human error and automate repetitive processes and tasks while smoothly handling big data. Unlike humans, who are…

Read more →

Today, intelligence-powered cybersecurity pros Centripetal have announced a strategic partnership with Renaissance, the leading Irish value-added distributor in Ireland. This collaboration marks a significant milestone in bolstering Ireland’s cybersecurity landscape and underscores the commitment to combating the rising tide of…

Read more →

Security awareness and training company SoSafe has announced the launch of the next-generation of personalised learning. The news was revealed at their Human Firewall Conference earlier this week. This latest innovation aims to make secure behaviour second nature for humans. …

Read more →

Today, Synopsys has released its 2023 Software Vulnerability Snapshot report, showcasing a notable decline in vulnerabilities within target applications. The Synopsys Cybersecurity Research Center (CyRC) analysed the data, revealing a decrease from 97% in 2020 to 83% in 2022. This…

Read more →

Today, threat intelligence powered cybersecurity pros Centripetal have  launched their partner program to protect organisations around the world by operationalising threat intelligence to safeguard them from every known cyberthreat.  The Centripetal Global Partner Program gives organisations the opportunity to implement…

Read more →

During the Black Friday and Cyber Monday sales this year, Brits plan to spend an estimated £3 billion, with over half of UK adults (51%) planning to splash the cash over the holiday weekend. But it’s not just a lucrative…

Read more →

As I step out of our London office at lunchtime, I’m bombarded with establishments that promote ‘wellness’ in their description. From the £12 salad bar to the yoga and meditation studio, the nail salon to the library, I’m faced with…

Read more →

The fourth annual State of Data Security Report by Immuta highlights the current state of data security amid organisations’ rapid adoption of artificial intelligence (AI) and generative AI tools. The report found that most executives (88%) say that their employees…

Read more →

Cybersecurity training company CAPSLOCK and BAE Systems, a global leader in defence, aerospace and security solutions, have launched a new partnership, designed to provide learners with the knowledge and hands-on experience they need to join the UK’s growing cybersecurity sector.…

Read more →

Netskope have unveiled their Next Gen SASE Branch, a major step forward in infrastructure that uses Netskope’s award-winning Borderless SD-WAN to transform how organisations manage their most critical networking and security functions and optimise enterprise branches everywhere. In today’s digital…

Read more →

On November 8th, the Industrial and Commercial Bank of China (ICBC) was impacted by a ransomware attack that disrupted a subset of their Financial Services (FS) systems. ICBC is China’s largest bank with the Financial Services unit based in New…

Read more →

Outpost24 has made significant updates to its offering with the release of Threat Explorer, an advanced vulnerability intelligence and custom alerting tool for continuous threat monitoring. The new module, available as a part of the Threat Compass threat intelligence solution,…

Read more →

Electric Ireland, an Irish utility company, released an announcement confirming that 8,000 customer accounts containing personal and financial information may have been compromised.  Though the exact details of the breach are unknown, the statement explained that “Electric Ireland is aware…

Read more →

Salt Security, the API security company, has been named the winner of the API Security category in the 2023 CISO Choice Awards. Judged by a panel of distinguished CISOs at large organisations across the world, the CISO Choice Awards honour…

Read more →

On 17th November a record number of Year 8 schoolgirls, government cyber specialists and business leaders will gather at one the UK’s leading cyber hotspots, for what will be the largest ever cybersecurity workshop in the UK. Now in its…

Read more →

Keeper Security, a provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, passkeys, privileged access, secrets and remote connections, has announced that Keeper Secrets Manager (KSM) can now be integrated with ServiceNow. This integration enables enterprises to manage and protect…

Read more →

Bitwarden has introduced a ground-breaking feature: passkey management. This innovation empowers every Bitwarden user to create, handle, and securely store passkeys within their vaults. With the Bitwarden web extension, users can effortlessly and securely access passkey-enabled websites. These synchronised passkeys…

Read more →

CyberArk has announced that Glasgow Caledonian University (GCU) has selected the CyberArk Identity Security Platform to power its mission-critical identity and access management modernisation initiatives and improve security for its more than 27,000 staff and students. The top-performing modern university…

Read more →

In the UK on November 5, we celebrate ‘Guy Fawkes Night’ or ‘Bonfire Night’ often with fireworks and bonfires. Yet, had Guy Fawkes and his conspirators succeeded with the Gunpowder Plot in 1605 to kill King James I and his…

Read more →

“Agility” has been quite a buzzword recently. You will likely find it on most companies’ 5-year plan slide decks. Yet, there is one area where the ability to adapt quickly and efficiently makes a lot of sense -cryptography. In an…

Read more →

Boeing, the American multinational corporation most known for the manufacturing of aircrafts, rockets, satellites, and missiles, has confirmed a cyber breach on their systems. Last week, the infamous and prolific ransomware gang, LockBit, announced that “a tremendous amount of sensitive…

Read more →

Today, Keeper Security has announced its new relationship with Ingram Micro, Inc. to distribute its products to value-added resellers and technology solutions providers in the United Kingdom, Germany, Belgium, Netherlands and Luxembourg. The relationship with Ingram Micro, a global leader…

Read more →

Today, Dragos Inc., cybersecurity for industrial controls systems (ICS)/operational technology (OT) environments specialists, have announced the expansion of its combined capabilities in partnership with Rockwell Automation, the world’s largest company dedicated to industrial automation and digital transformation. With this expansion,…

Read more →

New research conducted by e2e-assure indicates that a significant proportion of mid-sized companies, approximately 59%, express diminished confidence in their ability to detect cyber threats. This contrasts with just over half of enterprises, where 52% share this concern. Ensuring robust…

Read more →

Version 1, a leading digital transformation partner and The National Museum of Computing (TNMOC), home to the world’s largest collection of working historic computers, today announced the brand new TNMOC Mate application, designed to transform the museum’s visitor experience for…

Read more →

Today, Lookout, Inc. announced enhancements to its Lookout Cloud Security Platform that are designed to help organisations better discover, assess, and protect their data as it moves across any network, from the endpoint to the cloud. These enhancements provide organisations…

Read more →

Halloween season is here, which means carving pumpkins, trick or treating, planning costumes, sneaking the kids’ candy and scary movies, of course. However, one of the scariest threats facing individuals and businesses alike this spooky season is phishing scams. Much…

Read more →

Ah, the Internet: a treasure trove of memes, cat videos, and—let’s be honest—some stuff you’d rather keep under wraps. Security is crucial, but let’s face it, a password like “Fluffy123” won’t fool anyone for long. So how do you beef…

Read more →

cyberelements, the Zero Trust Privileged Access Management (PAM) platform, today announces its strategic partnership with leading technology distributor, ABC Distribution heralding a new era in access security across Europe and beyond. cyberelements’ pioneering Zero PAM platform is set to transform…

Read more →

CREST and IASME are delighted to announce their partnership with the NCSC to help deliver its new Cyber Incident Exercising scheme. The NCSC (National Cyber Security Centre) has created the scheme to help organisations find high quality providers that can…

Read more →