Articles about cybersecurity

Biometric access control, video surveillance, and intrusion alarms enhance on-site protection by promptly addressing unauthorized access -- these advanced systems monitor who enters your facilities and allow for real-time responses to incidents.

Meanwhile, cybersecurity remains a key aspect of business demanding great attention. The emergence of generative AI and automation technologies can evaluate threats and make decisions significantly faster, heightening the effect of your defense mechanisms.

Continue reading →

Manufacturing and industrial products remain the most targeted sectors by cyber threat actors in the first half of 2024, with 377 confirmed reports of ransomware and database leak hits in the first half of the year.

A new report from managed detection and response specialist Critical Start is based on analysis of 3,438 high and critical alerts generated by 20 supported Endpoint Detection and Response (EDR) solutions, as well as 4,602 reports detailing ransomware and database leak activities across 24 industries in 126 countries.

Continue reading →

According to a new report, ransomware productivity has shown signs of leveling off in 2024, however, the frequency of attacks and ransom payments collected remains higher in the first half of 2024 compared to the same periods in 2022 and 2023.

The report from WithSecure suggests law enforcement actions, notably the take down of the Lockbit ransomware group in February 2024, have played a critical role in disrupting major ransomware operations.

Continue reading →

Although enterprises are adopting GenAI in a big way, only five percent of the 1,000 cybersecurity experts responding to a new survey have confidence in the security measures protecting their GenAI applications even as 90 percent are actively using or exploring its use.

The research from Lakera shows attack methods specific to GenAI, or prompt attacks, are easily used by anyone to manipulate the applications, gain unauthorized access, steal confidential data and take unauthorized actions.

Continue reading →

A new report from data lakehouse company Starburst highlights the critical role of real-time hybrid data access and robust security in successful AI implementations.

Based on a survey of 300 IT professionals from diverse industries in the United States and Western Europe, carried out by TheCUBE Research, the report shows 90 percent of respondents believe their data management practices are either somewhat or very aligned with their AI innovation goals, highlighting the critical role of coherent data strategies.

Continue reading →

In the last year, the US has experienced a dramatic 63 percent increase in ransomware attacks, with the UK seeing an even greater rise of 67 percent.

The latest State of Ransomware report from Malwarebytes shows the share of attacks carried out by gangs outside the top 15 increased from 25 percent to 31 percent, indicating that ransomware is becoming more accessible to a broader range of cybercriminals.

Continue reading →

A new study shows 91 percent of organizations are concerned about the expanded exposure footprint across non-production environments (including software development, testing, and data analytics).

Once a production dataset is copied many times over into non-production environments, more workers have access to it and the data is no longer subject to the same strict security controls.

Continue reading →

I may not care for Las Vegas in the heat of August, yet I would come back as everything I need to learn and everyone I need to see face to face is at Black Hat.

Concentrated in one week, I meet customers, learn from their feedback, understand how they view the market, the security industry, what we are doing right and what we should change. With so much to talk about and so much to learn, you often leave the conference feeling like you have only just touched the surface. That being said, this year's discussions provided insights into the most critical sectors for the cybersecurity industry to remain resilient and continue to be ever evolving. If there are three things that were talked about, these are the most important to take away and bring back to your boardroom.

Continue reading →

Senior executives are prime targets for cybercriminals, with 72 percent of surveyed cybersecurity professionals in the US reporting that this group has been targeted by attacks in the past 18 months.

The study from GetApp also highlights the rising use of AI-generated deepfakes, which have been involved in 27 percent of the attacks.

Continue reading →

Organizations urgently need to modernize their application security practices so that they can support growth and mitigate risks according to a new report.

Thew study from Legit Security and TechTarget's Enterprise Strategy Group (ESG) finds nearly all organizations reporting difficulties in fixing vulnerabilities after applications are deployed, reinforcing the significance of incorporating security processes and tools in the build process.

Continue reading →

Microsoft Active Directory is used by a majority of the world’s organizations. But Cyberattacks and misconfigurations targeting AD have surged in recent years, leading to critical outages and data loss.

We spoke to Bob Bobel, CEO of Cayosoft, about how to address critical weaknesses in enterprise infrastructure associated with Microsoft Directory services.

Continue reading →

In the first half of 2024, web DDoS attacks surged globally 265 percent compared to the second half of 2023, according to the latest threat analysis report from Radware.

Organizations in EMEA were the primary target of web DDoS attacks between January and June of 2024, being subject to more than 90 percent of the attacks.

Continue reading →

Last year saw almost 100 zero-day attacks, putting a strain on security teams and becoming known as the 'Hot Zero-Day Summer.'

In response to these attacks, the first instinct of many organizations has been to turn to automation. But Marc Rubbinaccio, manager, compliance at Secureframe, doesn't believe that this is the right approach. We spoke to him to find out more.

Continue reading →

Google's Threat Analysis Group (TAG) has recently illuminated the ongoing cyber espionage activities of APT42, an Iranian government-backed group linked to Iran’s Islamic Revolutionary Guard Corps. This cyber collective has intensified its phishing campaigns against high-profile targets in Israel and the United States, particularly focusing on individuals connected to the upcoming U.S. presidential elections.

In detailed findings released by TAG, it was revealed that APT42 has been targeting current and former officials, diplomatic circles, political campaigns, and influential figures within academic and non-governmental organizations in both nations. The U.S. and Israel combined represent about 60 percent of APT42’s cyber operations in the last six months.

Continue reading →

With more business applications and data existing outside of the traditional network perimeter and across multiple clouds, organizations have a harder job than ever before to maintain security and reliability of critical services. This challenge is shared by the majority of IT leaders -- as 81 percent recently surveyed believe the increasing number of cloud applications is adding additional pressure on network performance.

This issue is heightened by the 44 percent of UK workers that now work remotely. Every new remote worker and device added to the organization's network, also expands its attack surface. In fact, 85 percent of IT leaders say remote and hybrid working has contributed to an increase in network security threats. Over two-thirds (69 percent) of UK organizations have experienced an increase in network security threats in the past 18 months.

Continue reading →