Articles about cybersecurity

Although 63 percent of organizations claim their architecture is integrated throughout development (from design to deployment and beyond), a new study shows more than half (56 percent) have documentation that doesn't match the architecture in production.

The research from vFunction shows the impact of this architecture disconnect has potentially resulted in project delays (53 percent), security or compliance challenges (50 percent), scalability limitations (46 percent), and reduced engineering team productivity (28 percent).

Continue reading →

A new survey of nearly 1,500 IT, engineering, and cybersecurity professionals worldwide reveals that 69 percent say maintaining data security and compliance is a top data management obstacle.

Not far behind is managing data volume and growth, cited by 67 percent. The research from Splunk shows 62 percent of respondents claim that difficulties with data management resulted in compliance failures.

Continue reading →

New research highlights the growing threat of identity-based attacks and looks at organizations ability to defend against them.

The study from Huntress shows 67 percent of organizations reported an increase in identity-based incidents over the past three years, with these attacks comprising more than 40 percent of security incidents for 35 percent of organizations in the past year alone.

Continue reading →

When used legitimately, HTML attachments in emails enable organizations to share content, such as newsletters or invitations, that display properly when opened in an email client or web browser.

But a new report from Barracuda reveals that 23 percent of HTML attachments are malicious, making them the most weaponized text file type. Overall more than three-quarters of the malicious files detected overall were HTML, and 24 percent of email messages overall are now unwanted or malicious spam.

Continue reading →

Mobile threats are no longer an emerging issue, they're here, rapidly evolving, and targeting the devices organizations depend on every day.

As employees use smartphones, laptops, and tablets to access sensitive data and systems, a new report from Zimperium zLabs shows attackers are increasingly exploiting these endpoints through mobile-first strategies that bypass traditional security defenses.

Continue reading →

A new report from managed security services company LevelBlue reveals that organizations are forging ahead with AI innovations despite increased security concerns.

The report shows AI-powered attacks, such as deepfakes and synthetic identity attacks, are expected to rise in 2025, but many remain unprepared. The report finds that only 29 percent of executives say they are prepared for AI-powered threats, despite nearly half (42 percent) believing they will happen.

Continue reading →

A new survey of 1,000 businesses across the UK, UK, Europe and the Asia-Pacific region reveals a worrying disconnect between organizations' perceived readiness and actual performance in cyber crisis response.

The study for Semperis, with research from Censuswide, finds 90 percent of enterprises surveyed struggle with serious blockers to effective cyber response. Top issues include cross-team communication gaps (48 percent), out-of-date response plans (45 percent) and unclear roles and responsibilities (41 percent).

Continue reading →

As artificial intelligence (AI) continues to reshape industries, data privacy and security concerns are escalating. The rapid growth of AI applications presents new challenges for companies in safeguarding sensitive information.

Emerging advanced AI models like Deepseek, developed outside the US, underscore the risks of handling critical data. We spoke to Amar Kanagaraj, CEO of Protecto -- a data guardrail company focused on AI security and privacy -- to get his insights on the most pressing AI data protection challenges.

Continue reading →

Security teams know they need to test their main applications, but they often struggle to identify which other assets to cover. On average, organizations can miss testing nine out of 10 of their complex web apps.

Security testing platform Detectify is announcing the launch of its new Asset Classification and Scan Recommendations capabilities which enable organizations to easily identify and swiftly act on their complex web applications.

Continue reading →

Most Linux users assume their security tools will catch bad actors before damage is done -- but sadly, new research suggests that confidence may be misplaced. You see, ARMO, the company behind Kubescape, has uncovered what could be one of the biggest blind spots in Linux security today. The company has released a working rootkit called “Curing” that uses io_uring, a feature built into the Linux kernel, to stealthily perform malicious activities without being caught by many of the detection solutions currently on the market.

At the heart of the issue is the heavy reliance on monitoring system calls, which has become the go-to method for many cybersecurity vendors. The problem? Attackers can completely sidestep these monitored calls by leaning on io_uring instead. This clever method could let bad actors quietly make network connections or tamper with files without triggering the usual alarms.

Continue reading →

A new report from API and AI security solutions company Wallarm finds that of around 4,700 security issues analyzed in Agentic AI projects, 49 percent were API-related, underscoring the inseparable nature of agent and API security.

The report also finds that over 1,000 issues in Agentic AI repositories remain unaddressed. 22 percent of reported security issues remain open too, with some lingering for 1,200-plus days, highlighting a critical gap between vulnerability discovery and remediation.

Continue reading →

Deepfake-driven social engineering attacks continue to gain momentum but technical solutions to the issue have so far been slow to emerge.

A recent study from IRONSCALES found that traditional Secure Email Gateways (SEGs) fail to stop an average of 67.5 phishing attacks per 100 mailboxes every month. The company is announcing the launch of a new product offering deepfake protection for enterprise email security.

Continue reading →

New research shows that 71.7 percent of workplace AI tools are high or critical risk, with 39.5 percent inadvertently exposing user interaction/training data and 34.4 percent exposing user data.

The analysis from Cyberhaven draws on the actual AI usage patterns of seven million workers, providing an unprecedented view into the adoption patterns and security implications of AI in the corporate environment.

Continue reading →

A new survey of 2,300 adults worldwide reveals that 79 percent of Gen Z believe reusing the same password across multiple accounts is risky, however, 72 percent still admit to doing so.

The study from Bitwarden ahead of next Thursday's World Password Day also shows 59 percent of Gen Z admit to reusing an existing password when updating an account with a company that has experienced a data breach, this is compared to just 23 percent of Boomers.

Continue reading →

As artificial intelligence finds its way into more and more areas there are concerns around accuracy, security, jobs and more.

Addressing these means organizations will need to fill some new roles. To find out what they are and what impact they will have we spoke to Aimei Wei, chief technical officer and co-founder of Stellar Cyber, to get her views on the AI hiring market.

Continue reading →