Cyber threats and attacks are a growing issue for businesses because the amount of vulnerabilities has increased. The volume of global malware has risen 58% annually, and the volume of spam has risen by more than one-third in the past 12 months. These issues have made it more difficult for employees to focus on what they need to do. Zero-day attacks in cyber security are one such challenge for security teams around the world.

The new Personal Data Protection Law (PDPL) expands cybersecurity duties imposed under the Personal Data Protection Interim Regulations (PDPIR) and the Essential Cybersecurity Controls (ECC).

Known to be one of the most useful popular and dangerous threats, Emotet, firstly seen in 2014, is a Malware-as-a-Service (MaaS), that used to operate as a banking trojan targeting banks in Germany, Austria and Switzerland. Since 2017, Emotet has done a shift into a loader and took parts in campaigns, setting up for Trickbot delivery, deployment of ransomware such as Conti and Ryuk, and other malwares such as QuakBot, Azorult, SilentNight and more.

In 2020, just under half the UK workforce worked from home at least some of the time, according to the Office of National Statistics. In the United States, a survey by Upwork found that over a quarter of professionals expect to work fully remotely within the next five years. Working from home has been propelled into the mainstream by the COVID-19 pandemic as well as the resulting lockdowns and restrictions on traveling to work.

Five worthy reads is a regular column on five noteworthy items we discovered while researching trending and timeless topics. In this week’s edition, let’s explore the role of HIPAA compliance in the cybersecurity era.

You don’t reuse passwords, so why are you reusing your usernames? Using a unique username does more than just protect your privacy, it also has important security benefits.

Over the last two weeks, many have had flashbacks to 2012 when Heartbleed was released and everyone scrambled to fix broadly used OpenSSL. Due to their nature, some applications and services are so prolific that when a vulnerability is identified it causes massive issues for vendors and customers alike. The latest of this kind of issue is the Log4j vulnerability that has been dominating the press.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Those of you of a certain age who frequented department stores during the 80’s and the emergence of home computing might remember the often used jape of writing a two line BASIC programme to fill the screen with text – often something silly. Such innocent times, and now though, we have this....

Executive Order 14028 on Improving the Nation’s Cybersecurity was released in May with nine sections outlining specific focus areas for security improvements. As we noted at the time, Netskope applauded the EO for how it placed significant emphasis on zero trust security adoption, mentioning it no fewer than 11 times, and insisting on proactive action.