Month: August 2024
Enterprise SaaS apps are still a major security risk
Despite growing awareness, the risks are still present and could seriously hurt businesses.
Organizations are growing increasingly aware of the dangers of using insecure enterprise Software-as-a-Service (SaaS) apps, however it isn’t stopping them from still using them ad-hoc, without a proper cybersecurity and data protection strategy.
As a result, these apps still present a major security risk to all users, a new paper published by AppOmni claims.
Based on a survey of 644 security decision makers at organizations with 2,500+ employees scattered across six countries, the report argues that only a third (32%) are confident in the security of their company’s or customers’ data stored in SaaS apps, down from 42% in 2023. This decrease highlights the growing awareness of the challenges that enterprise SaaS apps present in terms of data security.
Different perspectives
Further reinforcing the same point, almost all (90%) said their organizations have policies that allow only the use of sanctioned apps. But here is where it gets troubling – a third (34%) said these policies are not enforced, up 12% compared to last year. What’s more, only 27% are confident about the security levels of their sanctioned apps.
To make matters worse, a third (34%) don’t know how many SaaS apps are deployed in their organization. Half of those using Microsoft 365 believe they have less than 10 applications connected to the platform, while AppOmni’s data shows more than 1,000 connections – more than a hundredfold increase.
Finally, there are different views of responsibilities across organizations. Half (50%) of the respondents believe the responsibility for securing SaaS apps lies with the business owner or stakeholder, while just 15% said it’s the responsibility of the cybersecurity team.
Brendan O’ Connor, Chief Executive Officer of AppOmni, says there is a “clear disconnect” between security self-assessments and actual SaaS risks. “Now, we find that despite greater awareness and effort, things are getting worse. Just as there are constant headlines about breaches, the number of SaaS exploits has reached 31%, up five percentage points from last year. The details behind those statistics are even worse—despite increased budgets and initiatives, organizations need to do a far better job of securing SaaS deployments,” he concluded.
More from TechRadar Pro
SaaS identity security strategies to prevent cyber risk in the workplaceHere’s a list of the best firewall software around todayThese are the best endpoint security tools right now
FDA Expands Probe of Ecstasy-Based Drug Studies
ole_timer shares a report from Ars Technica, written by Beth Mole There’s more bad news for the company behind an experimental MDMA therapy for post-traumatic stress disorder, which the Food and Drug Administration roundly rejected earlier this month. According to a report from The Wall Street Journal, the FDA is now expanding an investigation into clinical trials behind the experimental psychedelic therapy — even though the agency has already rejected it. Agency investigators reportedly interviewed four additional people last week, asking questions regarding whether the trials underreported side effects.
People involved in the trial have previously alleged, among other things, that ill effects, such as suicidal thoughts, went undocumented, and trial participants were discouraged from reporting them to bolster the chances of FDA approval. Overall, the MDMA trials faced crushing criticism amid the FDA’s review, with outside experts and agency advisers calling out allegations of sexual misconduct at one trial site, as well as flaws in overall trial designs, multiple sources of biases, and claims that the company behind the therapy, Lykos, fostered a cult-like belief in psychedelics.
According to the Journal, the recent interviews were being conducted by the FDA’s Office of Regulatory Affairs, which oversees inspections, and a subdivision of that office called Biomedical Research Monitoring Program, which works to ensure the quality and integrity of data submitted to FDA. Notably, when the agency rejected MDMA, it advised Lykos to conduct a new trial. While the FDA’s rejection and expanded investigation are bad enough for Lykos, the company announced this month that it’s laying off 75 percent of its staff and overhauling its leadership. The moves were in response to the FDA’s rejections, the company said. Additionally, a scientific journal retracted three of the company’s MDMA studies, citing “protocol violations amounting to unethical conduct” in its trials, echoing claims raised amid the FDA review.
Read more of this story at Slashdot.
ole_timer shares a report from Ars Technica, written by Beth Mole There’s more bad news for the company behind an experimental MDMA therapy for post-traumatic stress disorder, which the Food and Drug Administration roundly rejected earlier this month. According to a report from The Wall Street Journal, the FDA is now expanding an investigation into clinical trials behind the experimental psychedelic therapy — even though the agency has already rejected it. Agency investigators reportedly interviewed four additional people last week, asking questions regarding whether the trials underreported side effects.
People involved in the trial have previously alleged, among other things, that ill effects, such as suicidal thoughts, went undocumented, and trial participants were discouraged from reporting them to bolster the chances of FDA approval. Overall, the MDMA trials faced crushing criticism amid the FDA’s review, with outside experts and agency advisers calling out allegations of sexual misconduct at one trial site, as well as flaws in overall trial designs, multiple sources of biases, and claims that the company behind the therapy, Lykos, fostered a cult-like belief in psychedelics.
According to the Journal, the recent interviews were being conducted by the FDA’s Office of Regulatory Affairs, which oversees inspections, and a subdivision of that office called Biomedical Research Monitoring Program, which works to ensure the quality and integrity of data submitted to FDA. Notably, when the agency rejected MDMA, it advised Lykos to conduct a new trial. While the FDA’s rejection and expanded investigation are bad enough for Lykos, the company announced this month that it’s laying off 75 percent of its staff and overhauling its leadership. The moves were in response to the FDA’s rejections, the company said. Additionally, a scientific journal retracted three of the company’s MDMA studies, citing “protocol violations amounting to unethical conduct” in its trials, echoing claims raised amid the FDA review.
Read more of this story at Slashdot.
Samsung Galaxy S25 Ultra tipped to be thinner and lighter than the iPhone 16 Pro Max and Pixel 9 Pro XL
We’ve got a little bit more (unconfirmed) information about the most expensive of Samsung’s 2025 flagship phones.
Google just unveiled the Pixel 9 Pro XL – and our Pixel 9 Pro XL review is now up for your perusal – and the iPhone 16 Pro Max is expected to be one of the Apple handsets unveiled next month. However, it seems the Samsung Galaxy S25 Ultra could beat them both in two key ways.
Specifically, it might be thinner and lighter than the top-end smartphones from Google and Apple. That’s according to well-known leaker Ice Universe, who says the Galaxy S25 Ultra will be “the thinnest and lightest of all Ultra flagship phones”.
We’re assuming “Ultra flagship phones” mean the top spec, most premium, most expensive handsets that manufacturers put out – including the Google phone that’s already out and the Apple phone that’ll be out soon.
The tipster doesn’t say anything else about how thin or light the Galaxy 25 Ultra might be, however. For reference, the Samsung Galaxy S24 Ultra measures 8.6mm front to back, and tips the scales at 233 grams. The Pixel 9 Pro XL from Google, by comparison, is 8.5mm thick, and weighs 221 grams.
The leaks so far
The Galaxy S24 Ultra launched at the start of this year (Image credit: Future)
Samsung is clearly going to have to do some clever component packing and handset design tricks to put together an Ultra phone that’s thinner and lighter than ever. We’ve also heard that the width of the S25 Ultra is going to be reduced to 77.6mm, down from 79mm on the Samsung Galaxy S24 Ultra.
Another previous leak has suggested the upcoming handset – probably arriving sometime in January 2025 – is going to have an asymmetrical frame design for a more comfortable hold, which could be where some of the weight reduction is coming from.
Of course, a thinner and lighter phone might also mean a smaller battery (and reduced battery life). However, the rumors are that a more efficient chipset will ensure the 2025 Galaxy Ultra phone offers better battery life than the 2024 version.
Another key upgrade could come in the camera department: back in May we heard that the Galaxy S25 Ultra might add an extra rear camera for a four-camera module. You can catch up on everything we know about the Galaxy S25 so far.
You might also like
The Samsung Galaxy S25 Ultra could get a name changeThese are the best Samsung phones you can buyAll of the Galaxy S25 phones are tipped to get extra RAM
Best CD Rates Today, Aug. 28, 2024: Time’s Running Out on APYs Up to 5.25%
Banks are slashing rates across CD terms, so now’s the time to act.
Banks are slashing rates across CD terms, so now’s the time to act.
Smartphone Battery Tips: How to Stretch the Charge on Your Older Device
If your current smartphone can’t make it through the day without needing a recharge, here are a few steps to make it last a little longer.
If your current smartphone can’t make it through the day without needing a recharge, here are a few steps to make it last a little longer.
X’s Grok bot now points to government website after election misinformation warnings
The Verge
X has updated its artificial intelligence chatbot Grok after five secretaries of state warned it was spreading election misinformation. The AI assistant will now say “For accurate and up-to-date information about the 2024 US Elections, please visit Vote.gov,” when users ask election-related questions.
The change was introduced after election officials from Minnesota, New Mexico, Michigan, Washington, and Pennsylvania sent a complaint letter to X owner Elon Musk earlier this month, highlighting that Grok had provided false information about the ballot deadlines in their states. Grok, which is developed by another Musk-owned company xAI, is only available to paying subscribers on the X social media platform — but the letter signed by the five secretaries of state said election misinformation from the chatbot has been shared to reach “millions of people” before it was corrected 10 days after the issue was discovered.
“We appreciate X’s action to improve their platform and hope they continue to make improvements that will ensure their users have access to accurate information from trusted sources in this critical election year,” the officials said in response to Grok’s updated message. “Elections are a team effort, and we need and welcome any partners who are committed to ensuring free, fair, secure, and accurate elections.”
The update doesn’t affect Grok’s recently added ability to spit out AI-generated images related to elections, which has already been used to populate the platform with misleading or incendiary depictions of politicians like Kamala Harris and former president Donald Trump. X also notably removed the ability for some users to report posts that contained electoral misinformation last September.
The Verge
X has updated its artificial intelligence chatbot Grok after five secretaries of state warned it was spreading election misinformation. The AI assistant will now say “For accurate and up-to-date information about the 2024 US Elections, please visit Vote.gov,” when users ask election-related questions.
The change was introduced after election officials from Minnesota, New Mexico, Michigan, Washington, and Pennsylvania sent a complaint letter to X owner Elon Musk earlier this month, highlighting that Grok had provided false information about the ballot deadlines in their states. Grok, which is developed by another Musk-owned company xAI, is only available to paying subscribers on the X social media platform — but the letter signed by the five secretaries of state said election misinformation from the chatbot has been shared to reach “millions of people” before it was corrected 10 days after the issue was discovered.
“We appreciate X’s action to improve their platform and hope they continue to make improvements that will ensure their users have access to accurate information from trusted sources in this critical election year,” the officials said in response to Grok’s updated message. “Elections are a team effort, and we need and welcome any partners who are committed to ensuring free, fair, secure, and accurate elections.”
The update doesn’t affect Grok’s recently added ability to spit out AI-generated images related to elections, which has already been used to populate the platform with misleading or incendiary depictions of politicians like Kamala Harris and former president Donald Trump. X also notably removed the ability for some users to report posts that contained electoral misinformation last September.