OK, so there may not be a pension scheme and a company car, but rookie fraudsters are taking home approximately $18,700 (£15,000) a month with 'cybercriminal CEOs' making up to three times as much as their counterparts in legitimate businesses. According to a new report from Arkose Labs.
The return on investment for launching cyber attacks or committing online fraud is larger than ever before. Some of the highest earning fraudsters are known to be making around $7.5 million (£6 million) a year according to even the most conservative estimates. This is almost three times the amount that FTSE 100 chief executives were paid in 2020, when they earned an average $3.4m (£2.7m).
We all know that quantum computing is going to offer a major boost in computing power. But that power also represents a threat to cryptographic systems, potentially putting the world's data at risk.
To address the issue QuSecure is launching an industry first end-to-end post-quantum cybersecurity (PQC) software-based solution designed to protect encrypted communications and data with quantum-resilience.
The number of DDoS attacks dropped 13 percent in 2021 compared to 2020, but remained well above pre-pandemic levels.
Research from Nexusguard also shows that while the average attack size fell by 50 percent over 2021, the maximum attack size nearly tripled, growing by a whopping 297 percent over the same period.
The latest Bad Bot Report from Imperva shows that bots are an increasingly significant part of the web, accounting for over 42 percent of traffic overall.
More concerning still is that bad bots accounted for a record-setting 27.7 percent of all global website traffic in 2021, up from 25.6 percent in 2020. The three most common bot attacks are account takeover, content or price scraping, and scalping to obtain limited-availability items.
The first quarter of 2022 has seen a 7.6 percent increase in the number of vulnerabilities tied to ransomware, with 22 new ones discovered.
The latest Ransomware Index from Ivanti, conducted with Cyber Security Works, shows that of those 22, 19 are connected to Conti -- a prolific ransomware group that pledged support for the Russian government following the invasion of Ukraine.
Enterprise Security Information and Event Management (SIEM) tools are detecting fewer than five of the top 14 MITRE ATT&CK techniques employed by adversaries in the wild, according to a new report.
Analysis by AI-powered detection engineering company CardinalOps also shows SIEMs are missing detections for 80 percent of the complete list of 190+ ATT&CK techniques.
Three out of five organizations experienced data loss or exfiltration caused by an employee mistake on email in the last 12 months, according to a new study.
Research from email security company Tessian and the Ponemon Institute shows 65 percent of over 600 IT security practitioners surveyed see email as the riskiest channel, followed by 62 percent for cloud file sharing and 57 percent for instant messaging.
There was already a shortage of cyber skills before the COVID-19 pandemic hit, and since then we've had a perfect storm of home working and the Great Resignation to make things worse still.
But is there an unexploited resource out there that could help fill the skills gap? Sonny Sandelius, assistant director of workforce programs at cyber security training skills company SANS believes there could be in the form of an army of the hobbyists and DIYers.
Edge messaging infrastructure is critical to the data delivery that powers the experiences consumers expect, such as live chat, order delivery tracking, and document collaboration.
But a new report from edge messaging platform Ably reveals that 65 percent of organizations experienced an outage or significant downtime in the last 12-18 months with the edge messaging infrastructure they had built in-house.
As the number of breaches shows no sign of reducing, cybersecurity and development professionals are feeling the pressure to maintain their organizations’ security postures.
New research from Invicti Security finds DevSecOps professionals spend more than four hours each workday addressing security issues that never should have happened in the first place.
How do you know if you're being targeted by an agent of a foreign power? It used to be easy, as soon as he ordered red wine with his fish* you knew he wasn't the right sort of chap.
Nowadays when nation states are more likely to befriend you on social media in order to try to steal sensitive data you can no longer rely on the wine list to help you spot a bad guy.
A new study finds that 26 percent of UK respondents admit to not using strong and unique passwords for their various work applications.
Worse still, the report, from MFA provider Beyond Identity, shows 11 percent never change their work password, while almost a quarter (24 percent) maintain the same personal passwords.
Smartphones have made a significant change to the way we live our lives, giving us access to information on the go and keeping us in touch wherever we are.
But the benefits they offer are only part of the story. An alarming new study from non-profit research organization Sapien Labs suggests that a decline in the mental health of younger generations has occurred alongside smartphone use and an increase in social isolation.
An increasing volume of regulations surrounding the security and privacy of data have been implemented in recent years. This represents a challenge for businesses that need to ensure they remain compliant.
The challenge has become even greater due to the pandemic and the consequent shift in working patterns. So how can enterprises ensure that they remain compliant and don't fall foul of the rules?
White House officials, The Linux Foundation, OpenSSF and 37 private sector tech companies have announced a 10-point open source and software supply chain mobilization plan and $150 million of funding over two years.
At a summit meeting yesterday several participating organizations came together to collectively pledge an initial tranche of funding towards implementation of the plan. Those companies are Amazon, Ericsson, Google, Intel, Microsoft, and VMWare, pledging over $30M.