Articles about cybersecurity

Small and medium-sized businesses (SMBs) are facing an escalating onslaught of cyberattacks as they evolve in both sophistication and speed. Among the most insidious threats are ransomware variants like QakBot and Black Basta, which operate in the shadows, often slipping past the radar of law enforcement and the media.

The consequences of these attacks can be devastating, leaving SMBs exposed and unprepared, with the potential to disrupt operations, damage reputations, and incur significant financial losses.

Continue reading →

A new report from Splunk shows 82 percent of CISOs now report directly to the CEO, up from 47 percent in 2023, and 83 percent participate in board meetings somewhat often or most of the time.

However, only 29 percent of CISOs say they receive the proper budget for cybersecurity initiatives and accomplishing their security goals, compared to 41 percent of board members who think their cybersecurity budgets are adequate.

Continue reading →

According to a new report from RegScale and The CISO Society, 94.2 percent of CISOs believe continuous controls monitoring (CCM) has the potential to significantly enhance both compliance and security outcomes.

As organizations struggle with manual workflows, data silos, and limited integrations, CCM provides an effective way to improve visibility, automate processes, and better align security and compliance efforts.

Continue reading →

Mobile and cloud security company Lookout is launching new Mobile Intelligence APIs integrating critical security data from mobile devices into the solutions already in use by enterprise security teams -- those like SIEM, SOAR, and XDR.

This is aimed at allowing security teams to identify cross-platform attacks, risky trends or abnormalities, and potential risks.

Continue reading →

The CrowdStrike outage of July 2024 has triggered a major rethink of tech supply chains, as businesses around the world look to build IT resilience and minimize risk.

New research from Adaptavist shows that in the wake of the incident, which affected 8.5 million devices worldwide, there's a decisive shift in vendor relationships and a loss of confidence in traditional single-vendor approaches, with only 16.25 percent of respondents expressing satisfaction with their current providers.

Continue reading →

The number of ransomware victims reached an all-time high with more than 1,600 in Q4 2024 alone according to the latest GuidePoint Research and Intelligence Team's (GRIT) annual Ransomware and Cyber Threat Report.

The number of attackers peaked too with a 40 percent year-on-year increase in active threat groups. GRIT identified more than 88 total active threat groups in 2024, including 40 newly observed adversaries.

Continue reading →

A new report from HP Wolf Security reveals that attackers are hiding malicious code in images on file hosting websites like archive.org, as well as using the same loader to install the final payload.

These techniques help attackers avoid detection, as image files appear benign when downloaded from well-known websites, bypassing network security like web proxies that rely on reputation.

Continue reading →

Almost every single organization, large or small, is acutely aware of the need to implement robust security measures. However, this is easier said than done. As the threat landscape continues to evolve, only heightened by tools such as AI, it can be difficult to stay ahead and ensure appropriate security measures are in place. There are a lot of security tools out there, and many organizations have tried to implement security measures and are now overwhelmed with an influx of information trying to figure out how best to manage it.

However, though it may not be the easiest task, it’s certainly one worth doing right. So, as we move into 2025, what are the main trends that organizations need to be aware of and how can they use this knowledge to stay protected?

Continue reading →

Cloud adoption is at the heart of digital transformation, providing organizations with the agility and flexibility they need to stay competitive in today's rapidly changing marketplace.

A new report from Fortinet looks at the latest trends, challenges, and strategies shaping cloud security, include safeguarding sensitive data, ensuring regulatory compliance, and maintaining visibility and control across increasingly complex hybrid and multi-cloud environments.

Continue reading →

A newly-released report from Swimlane shows that a worrying 68 percent of organizations say remediating a critical vulnerability takes them more than 24 hours.

The survey of 500 cybersecurity decision-makers across the US and UK reveals that 37 percent cite the top challenge in prioritization as a lack of context or accurate information. Similarly, 35 percent report this lack of context hampers their remediation efforts.

Continue reading →

While moving systems to the cloud delivers many benefits, it also leads to complex dynamic environments that can be a real challenge when it comes to keeping them secure.

With the launch of a new Large Language Model (LLM)-powered cloud detection engine, Sweet Security aims to cut through the noise and allow security teams to tackle these environments with greater precision and confidence.

Continue reading →

SIEM (security information and event management) is currently one of the cybersecurity field’s most active markets. It holds the promise of making sense of the disparate data sources across enterprise environments to detect and respond to malicious activity.

Over the past year, we’ve witnessed a wave of innovation, mergers and acquisitions and consolidation in this area, largely driven by AI advancements and the push toward the AI-native security operations center (SOC). But there's also a 'data paradox' involved in balancing cost with importing and storing as much data as possible.

Continue reading →

New research from the eSentire Threat Response Unit (TRU) shows a shift towards browser-based threats last year as more traditional email malware declines.

Moving onto 2025 the report predicts an increase in politically motivated cyberattacks, with adversaries disrupting the physical infrastructure of the Internet to disrupt internet access. It also expects we’ll see continued growth in ransomware attacks against all industries, abuse of certificate authority, and further increase in browser-based threats to deploy malware.

Continue reading →

The majority of CISOs are taking on responsibilities beyond cybersecurity, including business risk, IT oversight, and digital transformation. Three percent of CISOs attribute their raise to taking on larger scope, while others see it reflected in merit increases.

New research from IANS Research and Artico Search surveyed over more than 830 CISOs and other security leaders to understand the key trends and challenges reshaping CISO role.

Continue reading →

Smaller businesses are just as vulnerable to cybersecurity issues as larger ones, more so in some cases as they have fewer resources to devote to protection.

New research from UK cloud services firm Six Degrees looks at the concerns of UK SMEs. It finds 35 percent cite AI-related threats as their top concern, outranking malware (25 percent), scams and other fraud (25 percent), phishing (25 percent), and ransomware (23 percent).

Continue reading →