Articles about cybersecurity

Nearly half of businesses admit they are only partially confident in their ability to detect deepfakes, leaving them vulnerable to escalating fraud risks according to a new report.

The report from identity solutions company Regula shows 59 percent of businesses consider video deepfakes a serious threat, while 58 percent feel the same about audio deepfakes.

Continue reading →

New data from Abnormal Security shows that between September 2023 and September 2024, phishing, business email compromise, and vendor email compromise attacks on manufacturers increased significantly.

The number of monthly attacks phishing attacks has grown nearly 83 percent between September 2023 and September 2024. Business email compromise attacks are up 56 percent too.

Continue reading →

A new report from cyber insurance provider Cowbell shows that supply chain attacks have increased by an astounding 431 percent since 2021.

It also shows that large enterprises (those with greater than $50 million revenue) are 2.5 times more likely to encounter cyber incidents. Manufacturing is the most vulnerable sector, driven by its reliance on automation and exposure to intellectual property threats.

Continue reading →

The rise of remote and hybrid work has increased the risk of PCs being compromised by attackers with brief physical access, underscoring the need for protection and visibility into the integrity of devices throughout their lifetimes.

To combat this, HP is launching a new HP Enterprise Security Edition, a unique suite of capabilities designed to enhance the physical security of PC endpoints.

Continue reading →

A new survey, from infrastructure management provider Pulumi, reveals that 58 percent of organizations feel their cloud security is inadequate, underscoring the critical need for enhanced security measures in cloud environments.

This echoes research from other sources which show a 75 percent increase in cloud intrusions from 2022 to 2023, and 44 percent of organizations having faced a cloud data breach -- 14 percent reporting one in the past year.

Continue reading →

Cyberattackers are targeting holidays and weekends to cause maximum disruption, yet many businesses remain underprepared outside of standard working hours.

A new report from Semperis, based on a survey of almost 1,000 cybersecurity professionals, shows that 86 percent of surveyed organizations in the US, UK, France and Germany that were attacked were targeted during a holiday or weekend.

Continue reading →

New data from Cofense shows one malicious email bypassing customers' Secure Email Gateways (SEGs) every 45 seconds -- up from every 57 seconds in 2023.

The report also highlights the rapid rise in Remote Access Trojans (RATs) and the evolution of credential phishing techniques that exploit trusted platforms. Remcos RAT emerged as the predominant malware, using methods to bypass SEGs with ease.

Continue reading →

Most developers (85 percent) and security teams (75 percent) have security concerns over relying on GenAI to develop software.

A report from Legit Security, based on a survey of over 400 security professionals and software developers across North America, finds 96 percent of security and software development professionals report that their companies use GenAI-based solutions for building or delivering applications.

Continue reading →

In 2024, businesses have reported taking an average of 7.3 months to recover from cybersecurity breaches -- 25 percent longer than expected and over a month past the anticipated timeline of 5.9 months.

This is among the findings of the latest Global Security Research Report from Fastly which also shows that recovery times are even worse for companies that planned on cutting back cybersecurity spending. They faced an average of 68 incidents each -- 70 percent above the average -- and their recovery times stretched to 10.9 months.

Continue reading →

Most organizations now recognize that some form of cybersecurity breach is a matter of when rather than if. So why not just assume that the site has been breached in the first place?

That’s exactly what Tide Foundation has done with its new platform. TideCloak is an identity, immunity, and access management system that starts with a 'breach assumed' approach.

Continue reading →

A new survey of over 1,700 senior decision makers and influencers in leadership, technology and security roles across Europe finds that 48 percent manage their security operations in house compared to 52 percent who use a third party.

The study from Logpoint finds more than a quarter (28 percent) of UK businesses intend to outsource security over the course of the next two years.

Continue reading →

A new report finds that 75 percent of the 100 most visited websites in the US and Europe are not compliant with current privacy regulations.

The study from privacy solution provider Privado.ai shows despite stricter privacy enforcement in Europe a surprising 74 percent of top websites do not honor opt-in consent as required by Europe's General Data Protection Regulation (GDPR).

Continue reading →

When it comes to protecting sensitive information like financial data, personal information, and intellectual property, encryption has become a must. By scrambling data through the use of algorithms, only those with access to decryption keys are able to read what's being secured.

Encrypted traffic has fulfilled its intended mission: to lock down data. But, could it simultaneously be helping bad actors slip by undetected? And could encrypted traffic actually make it harder for network defenders to spot threats before it's too late?

Continue reading →

A new report finds 61 percent of organizations have suffered a security breach in the past year because their policies, governance, and controls failed or were not working effectively. This is costing US businesses $30bn and UK businesses £10bn per year.

The study from security posture management firm Panaseer surveyed 400 security decision makers across the US and UK and found 72 percent have taken out indemnity insurance in response to growing personal liability, whilst 15 percent have considered leaving the industry.

Continue reading →

As organizations increasingly adopt AI capabilities, the most common and dangerous attacks often go undetected by static code scanning or traditional security methods.

The only effective way to stop common AI attacks, such as prompt injection and zero-day vulnerabilities, is through active runtime detection and defense. Operant AI is launching a new 3D Runtime Defense Suite aimed at protecting live cloud applications, including AI models and APIs in their native environments.

Continue reading →