Enterprises under growing pressure to demonstrate readiness for cyber threats


A new study commissioned by Immersive Labs shows 96 percent of cyber leaders believe effectively communicating cyber-readiness to senior leadership and boards will be crucial in 2025, driven by regulatory compliance requirements and an increase in attacks.
The survey conducted by Sapio Research reveals that 49 percent of those surveyed report having experienced a cyberattack in the past year.
Free online tool shines a light on the global threat landscape


Cyber threats are becoming more complex and it can be difficult for defenders to see the big picture and make decisions accordingly.
Now though help is at hand as ImmuniWeb is launching a free online tool making historical data on the security of internet-accessible resources available to the global cybersecurity community, educational institutions, government agencies, and even individual researchers.
New expert community seeks to address identity vulnerabilities


Most cybersecurity incidents start with some sort of identity compromise, whether that identity is human or machine.
In order to help organizations gain visibility into their identity security posture Anetac is setting up a community to serve as a collaborative space where cybersecurity leaders, practitioners, and researchers can learn and engage with experts on identity vulnerabilities related to human and non-human identities.
Google launches new initiative for sharing scam details


Google has announced a new partnership with the Global Anti-Scam Alliance (GASA) and the DNS Research Federation (DNS RF) to launch Global Signal Exchange (GSE), a new project with the ambition to be a global clearinghouse for online scams and fraud bad actor signals.
This collaboration combines the strengths of each partner: GASA's extensive network of stakeholders, the DNS Research Federation's robust data platform with already over 40 million signals, and Google's experience in combating scams and fraud.
How to overcome today's intelligence challenges to uncover the threats that matter [Q&A]


Threat intelligence is critical to protection efforts, but businesses often struggle with effective management and correlation of this data to help prioritize their efforts.
We spoke to Richard Struse, chief technology officer and co-founder of Tidal Cyber, to discuss the challenges presented when organizations scramble to update systems that aren’t actually vulnerable or stop threats that would essentially have no impact on their business.
Why enterprises need real-time visibility of their invisible threats


It's not what you know, it's what you don’t know that bites you. Cyber attacks, internal rogue employees, and general operational missteps are a constant at enterprises. The cost, both financially and human operationally, impacts morale and budgets.
Many enterprises think they have what they need to defend their attack surfaces, except for one thing: a clear view of ALL the assets that make up that attack surface -- devices, users, applications and vulnerabilities. Too many security teams are trying to protect expanding and increasingly complex infrastructures without knowing all their risk exposures.
How threat intelligence can improve vulnerability management outcomes


It might surprise you to know that more than 70 new vulnerabilities are published every day. And despite their risk-reducing value in helping SOC teams address these, vulnerability management solutions have drawbacks. Often, they only provide a snapshot of an organization’s vulnerabilities at a point in time. In fact, owing to their nature, vulnerabilities identified today may not exist tomorrow, or they may appear and disappear intermittently. This leaves security teams scrambling to understand not only what the risk is, but how it affects them and where they should start first with any remediation.
Often vulnerability management solutions struggle to support SOC teams effectively, meaning they face an uphill battle with fragmented tools and data silos. This in turn creates major challenges around alert fatigue and overloaded SOC teams who, despite all the tools available to them, end up undertaking manual investigations to determine the best response.
Cybercriminals use identities to target enterprises


A new report from IBM X-Force Threat Intelligence highlights an emerging global identity crisis as cybercriminals double down on exploiting user identities to compromise enterprises worldwide.
The 2024 X-Force Threat Intelligence Index report records a 71 percent spike in cyberattacks caused by exploiting identity as using valid accounts has become the path of least resistance for cybercriminals, with billions of compromised credentials accessible on the Dark Web.
Leveraging threat intelligence for regulatory compliance


The US Government recently announced that state-sponsored Chinese cyber group Volt Typhoon has compromised multiple critical infrastructure organizations’ IT networks in the US and is preparing “disruptive or destructive cyber attacks” against communications, energy, transport, water and waste water systems.
The announcement, which was supported by national cybersecurity agencies in Australia, Canada, UK, and New Zealand, is a sobering reminder that modern life relies on digital networks. From healthcare, banking, and socializing, to energy, water, local and national government -- everything has a digital aspect. But while digitization has delivered great leaps forward in convenience, speed, and efficiency, it has also introduced risk. Malicious forces wanting to disrupt economies, governments, and people, know that targeting digital networks is the quickest route to maximum cross-border disruption.
Get 'Cyber Threat Intelligence' (worth $87) for FREE


Cyber Threat Intelligence introduces the history, terminology, and techniques to be applied within cyber security, offering an overview of the current state of cyberattacks and stimulating readers to consider their own issues from a threat intelligence point of view. The author takes a systematic, system-agnostic, and holistic view to generating, collecting, and applying threat intelligence.
The text covers the threat environment, malicious attacks, collecting, generating, and applying intelligence and attribution, as well as legal and ethical considerations.
Why every company should include threat intelligence in their cybersecurity strategy


In the fast-evolving digital landscape, the prevalence of cyber threats has become a stark reality for businesses and individuals. While essential, conventional cybersecurity measures are often reactive and inadequate against sophisticated attacks. This is where Cyber Threat Intelligence (CTI) emerges as a proactive and complementary approach to cybersecurity.
Utilizing CTI helps organizations to protect their systems from potential hazards. It provides a way to cut through the noise and focus on threats relevant to that specific company and industry. However, CTI is more than just a product. It's a program that needs to be evaluated constantly to ensure the correct tools, processes, and people are being leveraged as threats evolve and the company changes over time.
Enterprises struggle with basic security hygiene


Both ransomware groups and APTs continue to exploit vulnerabilities in public-facing applications, particularly in security appliances, business email technologies and enterprise file transfer products.
The latest mid-year threat review from Rapid7, based on the company's threat analytics and underground intelligence data, shows almost 40 percent of incidents Rapid7 managed services teams saw in the first half of 2023 were the result of missing or lax enforcement of multi-factor authentication, particularly for VPNs and virtual desktop infrastructure.
Detection needs to improve to combat evolving malware


Critical infrastructure protection specialist OPSWAT has released its latest Threat Intelligence Trends survey looking at organizations to manage the current threat landscape and how to prepare for future challenges.
It finds that 62 percent of organizations recognize the need for additional investments in tools and processes to enhance their threat intelligence capabilities. Only 22 percent have fully matured threat intelligence programs in place though, with most indicating that they are only in the early stages or need to make additional investments in tools and processes.
Public ransomware victims increase 100 percent year-on-year


A new report from GuidePoint Security shows a startling 100 percent increase in publicly posted ransomware victims from Q2 2022 to the last quarter.
The study from the GuidePoint Research and Intelligence Team (GRIT) also shows a 38 percent increase in public victims compared to Q1 of this year.
Securing supply chains: Navigating risks in the evolving threat landscape


Across the interconnected global economy, complex supply chains ensure the seamless flow of goods and services across every industry. However, as cyber threats continue to evolve, organizations throughout this ecosystem are, often unknowingly, being exposed to more and more security risks as a direct result of being part of the chain. This creates a range of critical challenges for organizations whose very existence is dependent on the reliability and integrity of their supply chains at all their various levels.
Understanding the various stages of contemporary supply chains -- from material sourcing to manufacturing, transportation, warehousing, and distribution -- is essential for identifying potential vulnerabilities, with each stage susceptible to different types of risks.
Recent Headlines
Most Commented Stories
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.
Regional iGaming Content
© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.