By Lucas Budman, CEO, TruU As old years end and new ones begin, it’s natural to look ahead at the promise and possibility that lie in front of us. What’s new? What’s near? What’s next? But in cybersecurity, we already know what to expect in 2022: more breaches. Why? Because loss or theft from data leaks has grown substantially year-over-year for so many consecutive years now we’d be fooling ourselves to think 2022 will be…
Read More
With an undergraduate degree in political science and time spent as a Peace Corps and AmeriCorps volunteer, Lain McGrath hardly envisioned a career in software engineering. Yet after onboarding at HR SaaS provider Gusto in a customer experience (CX) role, exposure to coding sparked McGrath’s interest in shifting professional tracks. The problem: She had no formal training and experience in computer science. What might be a hurdle for many did not stop McGrath or her…
Read More
Multi-cloud networking software (MCNS), which is available from industry stalwarts like Cisco and VMware, as well as a slew of startups, is designed to address the challenge of how to safely and efficiently connect networks and applications across multiple public cloud environments. Traditional approaches to network architecture and operations are untenable in today’s multi-cloud world, says Brian Casemore, vice president of research, datacenter and multi-cloud networking at IDC. And the cloud service providers have come…
Read More
Researchers have spotted what they believe is the first recorded instance of Android malware distributed by prolific state-sponsored Russian hacking group Turla. Also known as Venomous Bear among many other monikers, the APT group is linked to Russia’s Federal Security Service (FSB), a successor to the KGB. As such, it’s currently involved in operations targeting Ukrainian forces and pro-Ukrainian activists, many of whom have been encouraged to enlist in a volunteer “IT army” to DDoS…
Read More
Legal experts have expressed serious misgivings about aspects of the UK government’s proposed changes to data protection legislation, claiming it may risk ending streamlined data flows with EU countries. The long-awaited and much-trailed Data Protection and Digital Information Bill has been billed as the UK’s attempt to update its legal framework post-Brexit. However, the balance between improving on the GDPR and diverging too far away from it is key. If the latter happens, then the…
Read More
In an effort to minimize grant fraud, the Swedish government is establishing a new authority to consolidate all payments from several agencies and services, and CIOs and IT leaders are central to its mission and success. Due to an estimated $1.8 billion being paid out erroneously every year, the need for the government to act has become urgent, highlighting this payments channel and its robust oversight as an important weapon against organized crime. The payments…
Read More
The digital transformation of the Middle East’s retail sector in the last five to seven years has brought immense value in crafting more agile supply chains that accommodate demand. In a recent PwC study, retail CEOs in the region cited key factors to achieve this being their ability to manage faster delivery times, support easier product returns, and balance stock volumes. “It would be naïve to underestimate the pandemic’s influence on many companies’ digital transformation,”…
Read More
Consider these key attack vectors: Open source code Mostly commonly, developers copy open source code from shared public libraries like Github to get everyday components. Why waste valuable time writing code to take a message from one field to another when someone else has already done it? The ease of use is why 90% of modern applications leverage open source code. However, the unchecked nature of open source code can lead to crippling attacks like…
Read More
The use of legitimate Windows tools as part of malicious actors’ malware arsenal has become a common observation in cyber incursions in recent years. We’ve discussed such use in a previous article where PsExec, Windows Management Instrumentation (WMI), simple batch files or third-party tools such as PC Hunter and Process Hacker were used to disable endpoint security products, move laterally across networks, and exfiltrate information, among others. We have also extensively discussed legitimate tools that…
Read More
Technologies such as wireless, mobile apps and digital payments have given consumers more options than ever for purchasing products and services. This ongoing evolution in technology-based payment choices is both creating opportunities for and putting pressure on merchants to meet the expectations of these newly empowered digital consumers. Research by Cybersource, a Visa solution, shows that today’s consumers are 63% more likely to shop with merchants that offer their preferred payment options.[1] Unfortunately, the proliferation…
Read More
Introduction Cloud computing services have grown exponentially in