Stegomalware is still a relatively unknown term but is becoming more widely leveraged in malware. So you need to know about this semi-low-tech, yet innovative tactic that is imperceptible to the human eye.

It all sounds like the stuff of Sherlock Holmes or “Mission Impossible”, but steganographic malware, or stegomalware for short, is a real thing that broadly describes a host of tactics used to hide data in plain sight.

Working in cybersecurity is one of the most challenging roles in the organisation. Not only are you tasked with keeping the business and its data safe and secure, but you must do so in the face of ever-increasing professionalism and sophistication on the part of cybercriminals.There are more threats than ever before, and the consequences of a data breach are more significant too. In recent Fortra...

Let the "madness" begin! The NCAA Basketball tournament is different for everyone. Some experience madness after a gut-wrenching triple overtime victory by their alma mater, while others after a buzzer-beater shot from half-court by a 16th-ranked Cinderella underdog that instantly knocks out one of your final four selections. However, to me there is nothing more maddening, in the delightful sense...

In early 2023, Microsoft launched Defender for Identity which aims to offer visibility by helping to identify threats and provide actionable reports on attacks. But M365 security is not completely adequate for the modern enterprise and must be augmented by other data security solutions.

How can organizations keep their employees safe from social engineering lures during this summer of sport? We look the tactics to watch out for and ways to minimize risk.

To mitigate the threat of data exfiltration, organizations deploy data loss prevention software tools at key egress points – email, web (cloud), and the endpoint. The security software provides visibility of the data being shared (who is sending what to whom) and allows controls to be put in place that prevent sensitive data from leaving the organization and malware from getting in.

The top five areas from the results of a survey of 100 senior business decision makers (in descending order of investment) and suggest ways organizations can best shore up defences in each.

The UK’s Information Commissioner’s Office published update guidance on encryption on 3rd March 2016, amidst concerns that there was a general lack of understanding of how and when to use encryption. It is the lack of appropriate technical measures, such as the use of encryption that has led to a significant number of fines issued in the UK since 2010. There is a risk of bigger fines with the introduction of the new General Data Protection Regulation. Organisations need to be prepared!

The motivations for APT attacks are many and varied. Nation-state sponsored, industrial espionage and targeted attacks are primarily designed not to cause disruption, but to steal information.

Office 365 is a powerful collaboration tool, but can organizations be sure it provides the level of DLP capabilities required in today’s ever-morphing threat environment? Discover the benefits of pairing Clearswift with your Office 365 deployment.

On Wednesday May 12, the Biden administration took a critical step towards addressing security issues that have come to light after several recent, high profile cyberattacks.

We hear a lot about encryption in this day in age, particularly around it being the panacea for compliance with data protection regulations. It’s true it can be a component of an information security and compliance strategy, but there are a variety of different encryption options available on the market today, so care needs to be taken with selecting the right solution to ensure it doesn’t turn into a nightmare resulting in non-compliance.

Traditional Data Loss Prevention (DLP) technology provides protection against the traditional threat of someone trying to send a file to an unauthorized individual, but it required a step change to enable Adaptive Data Loss Prevention with Deep Content Inspection (DCI) to address threats such as ransomware that is delivered embedded in innocuous-looking documents. Clearswift delivered our first version of Adaptive Redaction in 2013 and have continuously improved the technology in every release since then.

Optical Character Recognition (OCR) as a technology has been around for a long time. It inspects images for text and then decodes them. While the human eye is fantastic at recognizing text, be it upside down or at an angle, it is computationally intensive to do this by machine on a regular basis. However, new algorithms now exist to deal with skew (angled text) as well as being able to handle multiple languages. The latest versions of Clearswift’s email product portfolio – the SECURE Email Gateway (SEG), SECURE Exchange Gateway (SXG) and ARgon – have a new cost option for OCR to mitigate this risk.

GDPR is the most comprehensive data protection legislation to date and it's revolutionizing the information security landscape. The impending enforcement of the regulation is forcing organizations to understand, and transform, the way they collect, process and store data. One of the most challenging aspects of the legislation is the ‘right to be forgotten’ (RTBF), the ruling that dictates...

The media landscape today continues to share stories of the increased cyber vulnerabilities in mobile applications. While banks have had many years to develop and tailor their apps to respond to various security issues, with increased security around detecting fraudulent use, trading apps from smaller businesses have flown under the radar and missed out on improved security. Although cyber...

Following the recent WannaCry attack that affected so many organizations, both public and private, across the globe, many firms are now taking steps to protect themselves from potential threats in the future. One establishment in the UK that the WannaCry attack had ramifications for was the NHS. The incident meant multiple hospitals across England and Scotland had to cancel procedures after vital...