Category: IT SECURITY GURU

New API Report Shows 400% Increase in Attackers

Today Salt Security have released the findings from their latest Salt Labs State of API Security Report, Q1 2023, which found that there has been a 400% increase in unique attackers (over 4800) in the last six months. The report…

New Research Examines Traffers and the Business of Stolen Credentials

Today, Outpost24 released a new report revealing the underground operation of Traffers, cybercriminal organisations reshaping the business of stolen credentials. The Rising Threat of Traffers report, compiled by Outpost24’s Threat Intelligence team, KrakenLabs, provides a deep dive into the credential…

Cymulate’s 2022 Cybersecurity Effectiveness Report reveals that organizations are leaving common attack paths exposed

Cymulate, the leader in cybersecurity risk validation and exposure management, today released the company’s “2022 Cybersecurity Effectiveness Report” which analyzed the results of over a million security posture validation assessments, including 1.7 million hours of offensive cybersecurity testing within Cymulate’s production environments. The report…

Fortune 500 Company Names Found in Compromised Password Data

New research released by Specops Software outlines the most common Fortune 500 company names that show up in compromised password data. The Specops research team analysed an 800 million password subset of the larger Breached Password Protection database to obtain these…

Ferrari Data Breach: The Industry has its say

Apparently, the team at Ferrari may not have been up to speed with the latest ways to ensure your security is top priority. It was announced on Monday via a statement uploaded to their website that Ferrari was “recently contacted…

How Emerging Trends in Virtual Reality Impact Cybersecurity

As information technology continues to evolve, more and more people are penetrating cyberspace. Most organizations, companies, individuals, and even governments are now doing their activities in the digital world. This allows them to enjoy great benefits such as instant access…

TikTok to be banned from UK Government Phones

The UK has announced a ban on TikTok on government phones, becoming the latest country to have banned the Chinese-owned video app over raised security concerns. The microscope has been on TikTok in recent months and has come under increased…

Guild Education controls API abuse with Salt Security

Salt Security, the API security company, is working with Guild Education, the leader in opportunity creation for America’s workforce, to implement the Salt Security API Protection Platform to secure its growing application programming interface (API) ecosystem. Guild relies on APIs…

Nine In 10 £5m+ Businesses Hit By Cyber Attacks

Almost nine in 10 UK businesses turning over more than £5 million annually have experienced a cyberattack, according to new research from Forbes Advisor. The study questioned senior decision makers across a range of UK small and medium-sized enterprises (SMEs), finding…

Why API Security is a Growing Concern for UK Companies

APIs are everywhere. They power the web applications that connect today’s digital world, and their use will only continue to grow as more organisations adopt digital transformation initiatives and shift towards cloud-based solutions.    This API sprawl presents major security…

WH Smith personnel details targeted in cyberattack

High street stationery and book retailer WH Smith disclosed it has been the target of a cyberattack affecting employee and personnel data. It stresses that customer accounts and databases were not affected by the attack as they are stored on…

The future of cyber insurance

Cyber insurers are losing money. Their loss ratios – total claims plus the insurer’s costs, divided by total premiums earned – are now consistently above 60%, which presents something of an existential threat to the insurance industry, making cyber risk…

Synopsys report reveals dramatic growth in open source use

Now in its 8th edition, the Synopsys “Open Source Security and Risk Analysis” (OSSRA) report launched earlier this week. The 2023 OSSRA report examines the results of more than 1,700 audits of commercial and proprietary codebases involved in merger and acquisition transactions…

CyberSmart Raises £12.75m in Series B Funding Round

CyberSmart has announced the completion of its Series B funding round, raising an additional £12.75 million following its initial Series A investment of over £8 million.  Oxx led the oversubscribed round, with participation from British Patient Capital, Legal & General Capital and Solano…

Salt Security Thrives in the Channel

Salt Security has increased signed partners and deal registrations as global enterprises accelerate adoption of dedicated API security to protect their critical digital innovation initiatives. The API security company announced it has experienced strong worldwide channel growth, expanded coverage globally…

Armis appoints Brian Gumbel as President

Armis, the asset visibility and security company that recently became cybersecurity’s newest centaur, has announced the promotion of Brian Gumbel to President with immediate effect. The company says Gumbel will provide enhanced go-to-market (GTM) strategic guidance across the entire business,…

Digital Transformation EXPO Manchester (DTX)

Digital Transformation EXPO Manchester (DTX) is the North’s biggest enterprise IT and technology event, covering the latest in cloud, infrastructure, data, DevOps and cyber security. This will be co-located with Unified Communications EXPO (UCX), the leading event on modern workplace…

Dragos Report Identifies Two New Threat Groups

Dragos have released the findings from their annual Year in Review report for 2022. The report covers the state of the industrial sectors and the threats against them. Significantly, the report disclosed the identification of two new threat groups: CHERNOVITE…

Dragos Report Identifies Two New Threat Groups

Dragos have released the findings from their annual Year in Review report for 2022. The report covers the state of the industrial sectors and the threats against them. Significantly, the report disclosed the identification of two new threat groups: CHERNOVITE…

UK second most targeted nation behind America for Ransomware

After closely monitoring the most active ransomware groups in 2022, the KrakenLabs team at Outpost24 are sharing their latest report that delves deep into the significant ransomware trends, threat groups, victim profiles, and motives behind these attacks from the past year.…

UK second most targeted nation behind America for Ransomware

After closely monitoring the most active ransomware groups in 2022, the KrakenLabs team at Outpost24 are sharing their latest report that delves deep into the significant ransomware trends, threat groups, victim profiles, and motives behind these attacks from the past year.…

$400,000 Fine for Stalkerware App Developer

A fine of over $400,000 has been handed to the developer of several stalkerware apps, alongside an order to modify the software. A consortium of 16 companies owned by Patrick Hinchy produced apps that snooped users, including DDI Utilities, PhoneSpector,…

Ransomware attack halts London trading

Ion Markets, a financial data group crucial to the financial plumbing underlying the derivatives trading industry, has fallen prey to the cybercrime group Lockbit.  The company has revealed that 42 clients have been affected by the attack, which has caused…

Ransomware attack halts London trading

Ion Markets, a financial data group crucial to the financial plumbing underlying the derivatives trading industry, has fallen prey to the cybercrime group Lockbit.  The company has revealed that 42 clients have been affected by the attack, which has caused…

JD Sports admits data breach

JD Sports has warned customers that bought items on its website, as well as those of Size?, Blacks and Millets, between November 2018 and October 2020 may have been impacted in the breach. The company has urged customers to be…

Acronis seals cyber protection partnership with Fulham FC

Acronis, a global and visionary cyber protection company, today announced a three-year partnership with London´s oldest professional football club, Fulham FC. EveryCloud.co.uk will support Acronis as its ‘Strategic #Cyberfit’ delivery partner providing its cutting-edge cyber protection solutions and cloud backup…

#MIWIC2022: Carole Embling, Metro Bank

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2022’s Top…

Threat actors launch one malicious attack every minute

BlackBerry’s inaugural Quarterly Threat Intelligence Report highlights the volume and model of treats across a range of organisations and regions, including industry-specific attacks targeting the automotive and manufacturing, healthcare and financial sectors. In the 90 day period between September 1…

35,000 PayPal Accounts Hacked

A security notification released to PayPal customers this morning has revealed that up to 35,000 customers have fallen victim to a credential stuffing attack. Credential stuffing attacks involve bad actors systematically trying username and password combinations in order to break…

T-Mobile Data Breach: 37 million customers affected

Roughly 37 million T-Mobile customers have had their information stolen in a data breach, according to a statement published by the company late last night. Fortunately, T-Mobile has said that while hackers accessed names, addresses, and dates of birth, they…

Ransomware Revenue Down As More Victims Refuse to Pay

Researchers at Chainanalysis have released the ransomware section of their 2023 Crypto Crime report, revealing that ransomware payments fell from $766m in 2021 to $457m in 2022 Chainanalysis was quick to point out that this does not mean attacks are…

New Updates for Keeper Connection Manager

Keeper Security, the provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, secrets and connections, has provided an update to its Keeper Connection Manager (KCM), which gives DevOps and IT teams instant access to RDP, SSH, database and Kubernetes endpoints…

Outpost 24’s honeypots register 42 million attacks

The Outpost24 research team have released the results of attack data gathered from a network of honeypots deployed to gather actionable threat intelligence. In total, 42 million attacks were registered between January 1st and September 30th 2022, with 20 honeypots…

2023 Predictions

2022 has been another huge year for cybersecurity. The teenage cybercriminal gang Lapsus$ wreaked havoc on some of the world’s largest corporations, the Russo-Ukrainian conflict brought the prospect of all-out cyber warfare terrifyingly close to fruition, and hackers stole an…

Data stolen after Hackers hit 14 UK schools

Hackers have launched a successful cyberattack against schools across the UK and has left confidential information related to pupils leaked online. In total, 14 schools have been impacted, with the sensitive data stolen including passport details, which were likely needed…