A new report based on publicly available resources finds a 25 percent increase in ransomware victims from Q4 2022 and a 27 percent increase compared to Q1 of the same year.

The study from GuidePoint Security's Research and Intelligence Team (GRIT) tracked 849 total publicly posted ransomware victims claimed by 29 different threat groups in the first quarter of this year.

Continue reading →

A record 26,448 software security flaws were reported by CISA last year, with the number of critical vulnerabilities (CVEs) up 59 percent from 2021 at 4,135.

The 2023 Annual Threat Intelligence Report, from the Deepwatch Adversary Tactics and Intelligence (ATI) team, also shows that the conflict between Ukraine and Russia has unleashed a flurry of amateur and state-sponsored attacks and breaches on organizations and critical infrastructure.

Continue reading →

Enterprise browser specialist Talon Cyber Security has announced that it has integrated its secure enterprise browser with the Microsoft Azure OpenAI Service to provide enterprise-grade ChatGPT access to customers.

This allows organizations to maintain data protection, keeping data put into ChatGPT within their perimeter and preventing it from transferring to third-party services. When using ChatGPT in Azure OpenAI Service, the organization uses its own Azure resources, so sensitive data is not delivered to other locations, improving data security and reducing risk.

Continue reading →

Thanks to increased cloud and container use there's a growing demand for machine identities, but delivering and managing those identities can present problems.

Machine ID specialist Venafi is launching a new tool called Firefly that enables security teams to easily and securely meet developer-driven machine identity management requirements for cloud native workloads by issuing machine identities, such as TLS and SPIFFE, locally and quickly across any environment.

Continue reading →

Issues with server configuration remain a major problem. Researchers at Censys have identified over 8,000 hosts on the internet misconfigured to expose open directories.

These directories contain potentially sensitive data, such as database information, backup files, passwords, Excel worksheets, environment variables, and even some SSL and SSH private keys. Exposure of these types of data in such an accessible manner can offer threat actors an easy way into an organization's network.

Continue reading →

In 2020 alone, 61 percent of businesses migrated their workloads to the cloud, with 48 percent actively choosing to store their most important data in the cloud.

But because cloud storage is out of sight it can sometimes be difficult to understand just how much data there is stored out there.

Continue reading →

Businesses are engaged in a constant cat-and-mouse game with hackers, attackers, and bad actors in order to stay secure.

Dominic Lombardi, VP of security and trust at Kandji believes that in order to stay ahead it's necessary to master basic IT and security hygiene, update and communicate your risk register, and work steadily toward a zero-trust security model. We spoke to him to discover more.

Continue reading →

The financial impact of a ransomware attack can cost businesses up to 30 percent of their operating income, with smaller enterprises hit proportionally harder.

A new report from ThreatConnect looks at the financial impact of ransomware attacks on small ($500M), medium ($1.5B) and large ($15B) organizations within healthcare, manufacturing, and utilities.

Continue reading →

In a drive for network transformation, 98 percent of enterprise IT leaders say they plan to increase their dependence and investment in cloud services.

The latest Enterprise Network Transformation report from SASE solutions company Aryaka finds that although an uncertain economy is impacting network and security team investments CIOs, CISOs and IT leaders are doubling down on investment in the cloud.

Continue reading →

Despite relatively low awareness of passwordless technology, 65 percent of North American consumers report they’d be open to using new technology that makes their lives simpler.

A new report from 1Password shows that 80 percent say they care about their online privacy and actively take measures to protect it. But it's clear that they also believe we can do better than passwords for both security and ease of use.

Continue reading →

A malware toolkit dubbed 'Decoy Dog' has command-and-control (C2) propagated to a Russian IP and is selectively targeting organizations worldwide -- and going undetected.

The Infoblox Threat Intelligence Group is the first to discover Decoy Dog and the company is collaborating with other companies in the security industry, as well as customers, to identify and disrupt this activity.

Continue reading →

Popular online platforms such as Netflix, Facebook, and Steam are being used to spread cyber attacks as criminals focus on consumers' favorite online activities.

The latest consumer threat guide from F-Secure finds the most imitated social media platform used to spread phishing threats in 2022 was Facebook at 62 percent. Steam, the largest distribution platform for PC games, was the most popular gaming platform to spoof at 37 percent.

Continue reading →

A new enterprise-grade, native cloud storage solution aims to deliver increased speed, affordability and security thanks to its use of decentralized Web3 technology.

Impossible Cloud supports almost unlimited capacity, and its Object Storage solution offers a scalable, cost-efficient alternative for organizations that require reliable and secure storage.

Continue reading →

Recent supply chain attacks such as SolarWinds, Log4j and 3CX have highlighted the need to protect the software supply chain as well as the potential consequences of failing to properly assess the integrity of software.

A new report from software supply chain security management company Lineaje looks at the composition of open-source software and assesses the risks associated with its usage.

Continue reading →

The trend towards hybrid work has meant that face-to-face meetings have been widely supplanted by collaboration tools like Zoom, Teams and Slack.

With the advent of the metaverse, virtual interaction is set to become even more common. We spoke to Martin Bodley, director of emerging business at Bose Work to find out more about how this new world might look and how it can draw on expertise gained from video games.

Continue reading →