cybersecurity

Last year saw a 34.5 percent year-on-year increase in reported data breach incidents, with over 17 billion records compromised according to a new report from Flashpoint.

This trend looks set to continue as the first two months of 2024 alone saw a massive 429 percent spike in stolen or leaked personal data compared to the same period in the previous year.

The latest Cybersecurity Readiness Index from Cisco shows that 53 percent of the respondents report falling victim to a cyber incident this past year, and many leaders (73 percent) believe that they will be a victim of a cybersecurity incident in the next 12-24 months.

The report shows that the level of readiness is down on a year ago too. Only three percent of organizations around the globe have a mature enough security posture to protect against today’s threats (down 12 percent compared to last year).

A lot of time, attention, and investment is spent on creating strong perimeters and endpoint defenses to prevent malicious actors from gaining access to corporate networks.

While this is important, organizations also need a network security strategy -- because if attackers do infiltrate a network, the race is on to uncover the malicious activity and quickly resolve the incident.

Members of generation Z -- those born in the mid to late 1990s -- are more susceptible to fraud than other age groups and are also committing it at a higher rate.

The latest Digital Trust and Safety Index, released today by Sift, shows that 33 percent of Gen Z survey respondents know someone who has, or have personally, participated in payment fraud, compared to only 10 percent of Baby Boomers.

A rise in identity-based attacks can be laid at the door of a rapid increase in malware, according to a new report. Analysis by SpyCloud finds that 61 percent of data breaches in 2023, involving over 343 million stolen credentials, were infostealer malware-related.

Researchers also report that the average identity had a one in five chance of already being the victim of an infostealer infection. Infostealer malware enables criminals to collect vast amounts of information about the user and the device, including a user's session cookies, API keys and webhooks, crypto wallet addresses, and more.

A new report reveals that 67 percent of businesses routinely synchronize most of their users’ passwords from their on-premises directories to their cloud counterparts. This poses substantial security risks by creating a gateway for attackers to hack these environments from on-prem settings.

The report from Silverfort shows that in the rush to the cloud security gaps stemming from legacy infrastructure, misconfigurations, and insecure built-in features create pathways for attackers to access the cloud, significantly weakening a company's resilience to identity threats.

A new report shows that 95 percent of IT leaders say that cyberattacks are more sophisticated than ever and they are unprepared for this new wave of threat vectors.

The survey, of more than 800 IT and security leaders around the world, from Keeper Security reveals that firms are witnessing AI-powered attacks (51 percent), deepfake technology and supply chain attacks (both 36 percent), cloud jacking (35 percent), Internet of Things (IoT) attacks and 5G network exploits (both 34 percent), and fileless attacks (24 percent).

As widely available quantum computing draws closer, organizations need to consider the extent to which their supply chain presents risks and start building in post quantum readiness to their risk assessments.

To do this, it's critical for businesses to understand the origin and authenticity of all the components that are in the supply chain (both hardware and software). This is especially true for IoT devices, which rely on systems and subsystems created by multiple partners and vendors bringing their solutions together to make a fully functioning connected product/system.

A new report from Black Kite shows how third-party data breaches create critical weak spots in extended networks, potentially leaving businesses open to cyber attacks, which can have a negative ripple effect across the organization and its stakeholders.

The report is based on analysis of 81 vendor breaches impacting 251 companies in 2023. Unauthorized network access was the leading cause of breaches, accounting for over half (53 percent) of third-party breach incidents. This represents a 26 percent increase from 2022, with ransomware being the most common method of compromise.

Despite cybersecurity threats being on the rise, many small and medium businesses (SMBs) still lack basic security measures, according to AI security company Cyber Upgrade.

It's no secret that hackers target smaller businesses due to inadequate cybersecurity safeguards, as most underestimate the associated risks as well as lacking the resources of larger enterprises.

A new report from Thales reveals that 43 percent of enterprises failed a compliance audit last year, with those companies 10 times more likely to suffer a data breach.

Based on a survey of almost 3,000 IT and security professionals it also finds that 93 percent of IT professionals believe security threats are increasing in volume or severity, a significant rise from 47 percent last year.

Today's IT security teams face several key challenges. Tasked with combating the rising volume and frequency of sophisticated cyber threats, they are bombarded with a tsunami of alerts generated by countless security tools that deliver little context or value-add insight.

Effectively processing and analyzing all this data to identify actionable threat intelligence requires considerable time and effort.

A new study from Proofpoint shows that 85 percent of organizations polled experienced at least one data loss incident in the past year. Even the country with the lowest percentage -- the UK -- still had 73 percent of respondents reporting at least one incident in the past 12 months.

What's particularly interesting though is that careless users, accounting for 70.6 percent, are much more likely to cause these incidents than compromised (48.1 percent) or misconfigured systems (45.3 percent).

Organizations are putting their critical operations at risk by enabling the widespread continuation of a 'blame game' culture between their IT teams and third-party service providers, according to a new report.

The survey from Dynatrace finds that 91 percent of organisations are still playing the blame game with IT service providers when problems occur. This increases the reliance on war-room-style meetings to identify and resolve the cause of problems, which extends the duration of incidents and creates tense workplace environments that heighten the risk of losing skilled talent.

The number of new posts on dark web forums about elections surged by 394 percent in 2023 compared to 2022, research released this week by cybersecurity firm NordVPN reveals. And in the first two months of 2024 alone, users have already published almost half as many posts.

With more than 60 countries holding national elections in 2024, representing over half of the world's population, this is a significant year in history for global democracy so it's unsurprising that there's an increase in interest.