A new survey from Viakoo shows that only 50 percent of IT leaders are confident in their Internet of Things security and that 55 percent of IoT cyber incidents could have been prevented with better security measures.

In addition 71 percent say they wish they had started their IoT security efforts differently in order to remediate issues faster.

A new report shows that 66 percent of organizations in the UK experienced at least one successful phishing attack in 2023 compared to 91 percent the previous year.

However, the study from Proofpoint shows the negative consequences of attacks have soared, with a 30 percent increase in reports of financial penalties, such as regulatory fines, and a 78 percent increase in reports of reputational damage.

Attacks targeting the business logic of APIs made up 27 percent of attacks in 2023, a growth of 10 percent since the previous year. Account takeover (ATO) attacks targeting APIs also increased from 35 percent in 2022 to 46 percent in 2023.

This is among the findings of a new report from Imperva which shows API traffic constituted over 71 percent of web traffic last year. While there are benefits of APIs in allowing seamless connectivity, enhancing online experiences, and driving innovation, their widespread adoption leads to new security challenges.

As consumers and businesses undergo a sea change shift towards mobile interfaces, embracing everything from retail to human resources management, the landscape of mobile security is experiencing a parallel transformation.

With this surge in reliance on mobile devices, threats have become more sophisticated, spanning network vulnerabilities, the proliferation of malware, and the craftiness of phishing schemes.

The market for AI in cybersecurity is expected to reach more than $133 billion by 2030 according to a new report from Techopedia.

There's both a positive and negative impact from AI use. Hackers using AI has fueled a huge rise in cybercrime, expected to reach a massive $9.22 trillion cost to internet users in 2024, with the vast majority (85 percent) of cybersecurity professionals blaming AI. This rise is for these key reasons: AI increases the speed and volume of attacks, it adapts to specific defenses, and it creates more sophisticated, personalized attacks.

Apple devices have historically had a reputation for being immune to malware, but a new report from Jamf reveals that it's tracked 300 malware families on macOS and found 21 new ones in 2023.

Jamf's latest Security 360 report examined a sample of 15 million desktop computers, tablets and smartphone devices they protect, across 90 countries and multiple platforms (macOS, iOS/iPad, Android and Windows).

With responses from more than 1,100 cybersecurity professionals, a new survey reveals that 88 percent of respondents believe that AI will significantly impact their jobs, now or in the near future.

The study from ISC2 shows 35 percent have already witnessed its effects. However, views on exactly what the implications of AI might be are mixed.

A new report from Cyolo and the Ponemon Institute reveals that third-party access to operational technology environments is significantly expanding the attack surface.

According to the study, 73 percent permit third-party access to OT environments, with an average of 77 third parties per organization granted such access.

The total number of common vulnerabilities and exposures (CVEs) is expected to increase by 25 percent in 2024 to 34,888 vulnerabilities, or roughly 2,900 per month.

This comes from a new report by 'active insurance' provider Coalition which uses honeypots to monitor for spikes to identify the biggest CVEs before they make news headlines -- thus providing companies with the opportunity to take action before an incident can occur.

Cloud intrusions increased by 75 percent overall last year as adversaries set their sights on the cloud through the use of valid credentials.

This is one of the findings of the 2024 CrowdStrike Global Threat Report released today. It notes an increase in interactive intrusions and hands-on-keyboard activity (60 percent) as adversaries increasingly exploit stolen credentials to gain initial access at targeted organizations.

The relationship between an organization's chief information officer (CIO) and chief information security officer (CISO) has traditionally been somewhat at odds, since CIO's job is built around sharing information and the CISO's job is to secure it. Plus, the CIO was normally higher in the organizational hierarchy, which could also cause some tension.

But the relationship has evolved in recent years, to the point where the two positions are often more on par with each other. And with security's growing importance to the business (and the boardroom), the two jobs often share the same goals and responsibilities.

A new report from Cofense based on data from its Phishing Detection Center identifies over 1.5 million malicious emails bypassing customers' secure email gateways (SEGs), a 37 percent increase in threats compared to 2022.

The report shows that SEGs struggle to keep pace with sophisticated phishing campaigns and that relying on 'good enough' email security is no longer an option for most enterprises.

With more and more businesses relying on SaaS solutions, securing the endpoint browser is vital. Often this involves enterprises imposing a particular browser on their users rather than allowing a choice.

In a new approach, Menlo Security is launching a complete enterprise browser solution that can turn any browser into a secure enterprise browser.

Phishing is the most common form of cyberattack as criminals seek to obtain credentials to access bank accounts or corporate networks.

Abnormal Security has analyzed which phishing attacks generate the highest click rate and categorized them based on the words included in the subject line.

Wyze customers experienced a service disruption last Friday morning due to an outage originating from their partner, Amazon Web Services (AWS). This incident temporarily disabled Wyze devices, preventing users from accessing live camera feeds and event recordings. The company has since apologized for the inconvenience this caused.

During efforts to restore camera functionality, a security issue emerged. Approximately 13,000 Wyze users inadvertently received thumbnails from cameras that were not their own, and 1,504 users interacted with these thumbnails. In some instances, users were able to view event videos from other accounts. Wyze has confirmed that all affected users have been notified and reassured that the majority of accounts remained unaffected.