Articles about cybersecurity

In recent months, the buzz surrounding AI technology has grown rapidly, due in large part to the release -- and subsequent zeitgeist moment -- of ChatGPT. A chatbot fueled by language modeling AI technology that is free to the public, ChatGPT has been the subject of seemingly endless discourse regarding its implications since its launch last November.

This type of AI technology is convincing and well… intelligent. It’s almost like a contemporary iteration on the concept of a search engine -- you can type in a prompt, and within moments you’ll receive a well-articulated, seemingly accurate response pulling from sources all over the web.

Continue reading →

A new report reveals the most impersonated brands in phishing attacks for the first half of 2023, with Facebook taking the top slot, followed by Microsoft.

The report from email security company Vade, shows Facebook accounted for 18 percent of all phishing URLs and Microsoft for 15 percent. Taken together these two accounted for more unique phishing URLs than the next top five brands combined (Crédit Agricole, SoftBank, Orange, PayPal and Apple).

Continue reading →

The cyber talent shortage is a greater concern for CISOs than ongoing economic uncertainty, according to the latest Information Security Maturity Report from ClubCISO and Telstra Purple.

Insufficient staff is named as the top (51 percent) concern for CISOs when asked which factors most affect their ability to deliver against their objectives.

Continue reading →

While 75 percent of organizations have made significant strides to upgrade their infrastructure in the past year and 78 percent have increased their security budgets, only two percent of industry experts are confident in their security strategies, according to a new report.

The study, from critical infrastructure protection specialist OPSWAT, also finds most organizations have embraced public cloud hosting for their web applications, with an overwhelming 97 percent already employing or planning to implement containerization.

Continue reading →

The latest 'In the Mind of a Hacker' report from Bugcrowd, which includes responses from 1,000 white hat hackers across 85 countries, finds 55 percent saying that generative AI can already outperform hackers or will be able to do so within the next five years.

But despite this, hackers aren't especially worried about being replaced, with 72 percent saying that generative AI will not be able to replicate the creativity of human hackers.

Continue reading →

While IT security leaders are concerned about attacks that use malware-exfiltrated authentication data, many still lack the necessary tools to investigate the security and organizational impact of these infections and effectively prevent follow-on attacks.

Research from cybercrime analytics company SpyCloud shows 98 percent of over 300 mid-market and enterprise IT security professionals from the US and UK surveyed say better visibility into at-risk applications would significantly improve their security posture.

Continue reading →

The pandemic changed the way we work, with more people working from home and fewer in the office. That meant we became much more reliant on tools like Slack and Teams in order to keep in touch with colleagues.

Even though some people are now going back to the office, reliance on these collaboration tools remains high. The dark side of this trend is that cybercriminals have noticed and are increasingly using them as vectors for phishing attacks.

Continue reading →

Infrastructure is becoming more vulnerable to cyber threats. Therefore, everyone from tech enthusiasts to real estate professionals must pay attention to how blockchain and proptech advancements change the game to keep stakeholders, business owners and tenants safe and sound.

Blockchain is a part of the proptech umbrella, but it encompasses so much -- and blockchain enhances it all.

Continue reading →

User authorization for access to data is complicated. Knowing who has access to what information is often difficult because of complex role hierarchies, different authorization models used for different technologies, and the variety of data that may be accessible across technologies and clouds.

Ben Herzberg, chief scientist at data security platform Satori, believes there's often a blindspot around authorization, but that the issue doesn't have to be as complex as it can seem. We talked to him to learn more.

Continue reading →

AI has been in the news over the past several months, but not everyone is welcoming it excitedly. Many renowned tech personalities have expressed their concerns over the risks associated with it and there are valid fears about artificial intelligence doing more harm than good. For example, there have been reports of AI helping cybercriminals produce less detectable malware.

It is reassuring to know that cybersecurity is among the early adopters in harnessing the benefits of artificial intelligence. Cybersecurity firms have been developing ways to integrate AI into their detection, mitigation, and prevention capabilities. Next gen security information and event management (SIEM), in particular, is gaining traction as organizations try to keep up with the growing aggressiveness and complexity of cyber threats.

Continue reading →

Recent reports have shown that email is still the channel where enterprises are most vulnerable to attacks, in particular phishing.

But adding new browser-based layers of security protection can disrupt such killchains, for example by preventing phishing victims from accessing or engaging with spoofed sites. We spoke to Red Access co-founder and CTO Tal Dery to find out more.

Continue reading →

Whoever said 'crime doesn't pay' clearly did so before the advent of the internet. A new report shows that if cybercrime was a country it would be the third largest global economy, valued at $10.5 trillion by 2025. Some 33 billion records are estimated to be stolen in 2023 -- a huge increase of 175 percent from 2018.

The latest Cybercrime Statistics Report from Independent Advisor, shows that last year the cost to US businesses of an average cyberattack amounted to a huge $4.35 million. In addition, 83 percent of organisations got attacked more than once.

Continue reading →

A new report from cloud risk and detection specialist Rapid7 reveals that Japanese businesses have become a significant target for state-sponsored cyberattacks.

This increased vulnerability has been driven by a fragile global economy and increased political and diplomatic tensions. The Japanese automotive industry and financial services sectors are of particular interest to these actors due to their global reach.

Continue reading →

The increasing sophistication of cybercriminals significantly influences the rise in cybercrime, the frequent lack of sufficient cybersecurity measures, and the high profitability of cybercrime. Cybercriminals constantly refine their skills, developing advanced malware and phishing techniques to bypass security protocols. This progress often outpaces many businesses' and individuals' ability to safeguard their digital assets -- as a lack of resources, underestimation of risk, or insufficient awareness often results in inadequate cybersecurity measures. Further fueling this upward trend is the lucrative nature of cybercrime, with offenders able to amass significant profits from stolen money or data, often with a low risk of apprehension due to the anonymity of the internet and digital currencies. 

A recent BlackBerry Global Threat Intelligence Report observed up to 12 attacks per minute from December 2022 to February 2023, and the number of unique attacks using new malware samples skyrocketed by 50 percent -- from one per minute in the previous report to 1.5 per minute during this reporting period. The most common weapons were droppers, downloaders, remote access tools (RATs), and ransomware, with the most significant target being the healthcare industry.

Continue reading →

A new report shows a 1,400 percent increase in fileless or memory-based attacks, which exploit existing software, applications, and protocols to perform malicious activities against cloud-based systems.

The research from Aqua Security's Nautilus research team collected honeypot data over a six-month period and shows that more than 50 percent of the attacks focused on defense evasion.

Continue reading →