Articles about cybersecurity

The latest State of Pentesting report from Pentera reveals that over 50 percent of enterprise CISOs now report using software-based pentesting to support their in-house testing practices.

Based on research conducted by Global Surveyz, the report notes that 50 percent of CISOs now identify software-based testing as a primary method for uncovering exploitable security gaps within their organizations.

Continue reading →

New analysis by Comparitech shows that government entities remain a frequent target for ransomware gangs.

Of the 39 confirmed attacks -- where the organization publicly acknowledges what's happened -- in April, 21 were on businesses, nine on government entities, six on healthcare companies and three on educational institutions.

Continue reading →

As you'll already know, today is World Passkey Day and the FIDO Alliance has released an independent study of over 1,300 consumers across the US, UK, China, South Korea, and Japan to understand how passkey usage and consumer attitudes towards authentication have evolved.

The results are encouraging, they find 74 percent of consumers are aware of passkeys and 69 percent have enabled passkeys on at least one of their accounts.

Continue reading →

The first day of May has numerous competitors for its patronage. It's May Day, of course, and it's International Labor Day, and apparently it's Global Love Day. Since 2013 it's also been World Password Day -- created by Intel to highlight concerns around digital security.

As of last year though there's been further competition from the upstart World Passkey Day. So are we finally seeing a serious challenge to the dominance of passwords as an authentication method?

Continue reading →

Organizations are often using 50 or more different security tools and, even with the help of AI, they need to manually interact with each when investigating cybersecurity incidents.

A new SaaS security Model Context Protocol (MCP) server launched by AppOmni at this week's RSA Conference is designed to let security teams spend less time investigating incidents and more time taking action to fix them.

Continue reading →

A new AI security report from Check Point Software shows how cybercriminals are co-opting generative AI and large language models (LLMs) in order to damage trust in digital identity.

At the heart of these developments is AI's ability to convincingly impersonate and manipulate digital identities, dissolving the boundary between authentic and fake.

Continue reading →

According to a new study, 79 percent of respondents say their organization is making changes to its cybersecurity budget. Of these, 71 percent say their security budgets are increasing, with the average budget at $24 million.

However, the report from Optiv, with research by the Ponemon Institute, also shows 66 percent of the more than 600 respondents report cybersecurity incidents have increased in the past year, up from 61 percent in 2024.

Continue reading →

Although 63 percent of organizations claim their architecture is integrated throughout development (from design to deployment and beyond), a new study shows more than half (56 percent) have documentation that doesn't match the architecture in production.

The research from vFunction shows the impact of this architecture disconnect has potentially resulted in project delays (53 percent), security or compliance challenges (50 percent), scalability limitations (46 percent), and reduced engineering team productivity (28 percent).

Continue reading →

A new survey of nearly 1,500 IT, engineering, and cybersecurity professionals worldwide reveals that 69 percent say maintaining data security and compliance is a top data management obstacle.

Not far behind is managing data volume and growth, cited by 67 percent. The research from Splunk shows 62 percent of respondents claim that difficulties with data management resulted in compliance failures.

Continue reading →

New research highlights the growing threat of identity-based attacks and looks at organizations ability to defend against them.

The study from Huntress shows 67 percent of organizations reported an increase in identity-based incidents over the past three years, with these attacks comprising more than 40 percent of security incidents for 35 percent of organizations in the past year alone.

Continue reading →

When used legitimately, HTML attachments in emails enable organizations to share content, such as newsletters or invitations, that display properly when opened in an email client or web browser.

But a new report from Barracuda reveals that 23 percent of HTML attachments are malicious, making them the most weaponized text file type. Overall more than three-quarters of the malicious files detected overall were HTML, and 24 percent of email messages overall are now unwanted or malicious spam.

Continue reading →

Mobile threats are no longer an emerging issue, they're here, rapidly evolving, and targeting the devices organizations depend on every day.

As employees use smartphones, laptops, and tablets to access sensitive data and systems, a new report from Zimperium zLabs shows attackers are increasingly exploiting these endpoints through mobile-first strategies that bypass traditional security defenses.

Continue reading →

A new report from managed security services company LevelBlue reveals that organizations are forging ahead with AI innovations despite increased security concerns.

The report shows AI-powered attacks, such as deepfakes and synthetic identity attacks, are expected to rise in 2025, but many remain unprepared. The report finds that only 29 percent of executives say they are prepared for AI-powered threats, despite nearly half (42 percent) believing they will happen.

Continue reading →

A new survey of 1,000 businesses across the UK, UK, Europe and the Asia-Pacific region reveals a worrying disconnect between organizations' perceived readiness and actual performance in cyber crisis response.

The study for Semperis, with research from Censuswide, finds 90 percent of enterprises surveyed struggle with serious blockers to effective cyber response. Top issues include cross-team communication gaps (48 percent), out-of-date response plans (45 percent) and unclear roles and responsibilities (41 percent).

Continue reading →

As artificial intelligence (AI) continues to reshape industries, data privacy and security concerns are escalating. The rapid growth of AI applications presents new challenges for companies in safeguarding sensitive information.

Emerging advanced AI models like Deepseek, developed outside the US, underscore the risks of handling critical data. We spoke to Amar Kanagaraj, CEO of Protecto -- a data guardrail company focused on AI security and privacy -- to get his insights on the most pressing AI data protection challenges.

Continue reading →