As we approach the peak holiday shopping season a new survey of nearly 400 IT security decision-makers and retail customers from identity specialist HYPR shows that 58 percent of retail organizations experienced at least one authentication-related breach and 65 percent were victims of identity fraud over the last 12 months.

Retailers have suffered losses of up to $6.27 million in the last year alone due to insecure authentication methods. By contrast financial institutions reported only $4.57 million lost during the same period.

Nearly half of businesses admit they are only partially confident in their ability to detect deepfakes, leaving them vulnerable to escalating fraud risks according to a new report.

The report from identity solutions company Regula shows 59 percent of businesses consider video deepfakes a serious threat, while 58 percent feel the same about audio deepfakes.

New data from Abnormal Security shows that between September 2023 and September 2024, phishing, business email compromise, and vendor email compromise attacks on manufacturers increased significantly.

The number of monthly attacks phishing attacks has grown nearly 83 percent between September 2023 and September 2024. Business email compromise attacks are up 56 percent too.

A new report from cyber insurance provider Cowbell shows that supply chain attacks have increased by an astounding 431 percent since 2021.

It also shows that large enterprises (those with greater than $50 million revenue) are 2.5 times more likely to encounter cyber incidents. Manufacturing is the most vulnerable sector, driven by its reliance on automation and exposure to intellectual property threats.

The rise of remote and hybrid work has increased the risk of PCs being compromised by attackers with brief physical access, underscoring the need for protection and visibility into the integrity of devices throughout their lifetimes.

To combat this, HP is launching a new HP Enterprise Security Edition, a unique suite of capabilities designed to enhance the physical security of PC endpoints.

A new survey, from infrastructure management provider Pulumi, reveals that 58 percent of organizations feel their cloud security is inadequate, underscoring the critical need for enhanced security measures in cloud environments.

This echoes research from other sources which show a 75 percent increase in cloud intrusions from 2022 to 2023, and 44 percent of organizations having faced a cloud data breach -- 14 percent reporting one in the past year.

Cyberattackers are targeting holidays and weekends to cause maximum disruption, yet many businesses remain underprepared outside of standard working hours.

A new report from Semperis, based on a survey of almost 1,000 cybersecurity professionals, shows that 86 percent of surveyed organizations in the US, UK, France and Germany that were attacked were targeted during a holiday or weekend.

New data from Cofense shows one malicious email bypassing customers' Secure Email Gateways (SEGs) every 45 seconds -- up from every 57 seconds in 2023.

The report also highlights the rapid rise in Remote Access Trojans (RATs) and the evolution of credential phishing techniques that exploit trusted platforms. Remcos RAT emerged as the predominant malware, using methods to bypass SEGs with ease.

Most developers (85 percent) and security teams (75 percent) have security concerns over relying on GenAI to develop software.

A report from Legit Security, based on a survey of over 400 security professionals and software developers across North America, finds 96 percent of security and software development professionals report that their companies use GenAI-based solutions for building or delivering applications.

In 2024, businesses have reported taking an average of 7.3 months to recover from cybersecurity breaches -- 25 percent longer than expected and over a month past the anticipated timeline of 5.9 months.

This is among the findings of the latest Global Security Research Report from Fastly which also shows that recovery times are even worse for companies that planned on cutting back cybersecurity spending. They faced an average of 68 incidents each -- 70 percent above the average -- and their recovery times stretched to 10.9 months.

Most organizations now recognize that some form of cybersecurity breach is a matter of when rather than if. So why not just assume that the site has been breached in the first place?

That’s exactly what Tide Foundation has done with its new platform. TideCloak is an identity, immunity, and access management system that starts with a 'breach assumed' approach.

A new survey of over 1,700 senior decision makers and influencers in leadership, technology and security roles across Europe finds that 48 percent manage their security operations in house compared to 52 percent who use a third party.

The study from Logpoint finds more than a quarter (28 percent) of UK businesses intend to outsource security over the course of the next two years.

A new report finds that 75 percent of the 100 most visited websites in the US and Europe are not compliant with current privacy regulations.

The study from privacy solution provider Privado.ai shows despite stricter privacy enforcement in Europe a surprising 74 percent of top websites do not honor opt-in consent as required by Europe's General Data Protection Regulation (GDPR).

When it comes to protecting sensitive information like financial data, personal information, and intellectual property, encryption has become a must. By scrambling data through the use of algorithms, only those with access to decryption keys are able to read what's being secured.

Encrypted traffic has fulfilled its intended mission: to lock down data. But, could it simultaneously be helping bad actors slip by undetected? And could encrypted traffic actually make it harder for network defenders to spot threats before it's too late?

A new report finds 61 percent of organizations have suffered a security breach in the past year because their policies, governance, and controls failed or were not working effectively. This is costing US businesses $30bn and UK businesses £10bn per year.

The study from security posture management firm Panaseer surveyed 400 security decision makers across the US and UK and found 72 percent have taken out indemnity insurance in response to growing personal liability, whilst 15 percent have considered leaving the industry.