Articles about cybersecurity

Across the interconnected global economy, complex supply chains ensure the seamless flow of goods and services across every industry. However, as cyber threats continue to evolve, organizations throughout this ecosystem are, often unknowingly, being exposed to more and more security risks as a direct result of being part of the chain. This creates a range of critical challenges for organizations whose very existence is dependent on the reliability and integrity of their supply chains at all their various levels.

Understanding the various stages of contemporary supply chains -- from material sourcing to manufacturing, transportation, warehousing, and distribution -- is essential for identifying potential vulnerabilities, with each stage susceptible to different types of risks.

Continue reading →

Hacking tends to have something of a bad name, but there are many hackers who do good work, identifying flaws before they can be exploited in cyberattacks.

However, many of these people operate in the shadows for fear of being prosecuted for violating legislation. We talked to Laurie Mercer, director of sales engineering at security platform HackerOne, to discuss whether ethical hackers need to be more open about their activities in order to bring about change and how ethical hacking is making organizations safer.

Continue reading →

Poor data controls and the advent of new generative AI tools based on Large Language Models (LLMs) will lead to a spike in insider data breaches over the coming year, says cybersecurity company Imperva.

As LLM-powered chatbots have become more powerful, many organizations have implemented complete bans or restricted what data can be shared with them. However, since an overwhelming majority (82 percent) have no insider risk management strategy in place, they remain blind to instances of employees using generative AI to help them with tasks.

Continue reading →

The construction sector (with an average of 226 incidents annually) is the most targeted by cyber criminals closely followed by transport (167), wholesale trade (138), manufacturing (116) and retailers (105).

A new report from ReliaQuest, based on data from 35,000 incidents affecting its clients, shows the most detected attack technique is the attempted exploitation of exposed remote services, such as virtual private networks (VPNs) and remote desktop protocol (RDP).

Continue reading →

Cybercriminals are using AI-created malware that is adept at avoiding detection by traditional antivirus models, according to the latest report from Acronis.

The report also finds email attacks and ransomware cases have exploded relative to last year. Acronis-monitored endpoints are picking up valuable data about how cybercriminals operate and how some attacks have become more intelligent, sophisticated, and difficult to detect.

Continue reading →

A number of high-profile cyber-attacks in recent years have thrust cybersecurity back into the spotlight. In light of the HAFNIUM hack, cybersecurity has become a major focus for many businesses. Although the hack itself was not the result of human error, it was a wake-up call for organizations to make sure they were fully protected.

The UK's Department for DCMS’ Cyber Security Breaches Survey 2021 revealed that phishing is still the most common cause of cybersecurity breaches, accounting for 83 percent of all successful attacks.

Continue reading →

The growth in mobile device and app usage has created a growing attack surface, with 60 percent of global web traffic now coming from mobile devices. So it's not surprising that increasing numbers of cybercriminals and nation state actors want to exploit these areas of vulnerability.

The latest Global Mobile Threat Report from Zimperium finds that 80 percent of phishing sites now either specifically target mobile devices or are built to function on both mobile devices and desktops.

Continue reading →

Although alternative technologies continue to make inroads, most of us are still heavily reliant on passwords to secure our digital identities.

Proton, the company behind Proton Mail, Proton VPN and other products, launched a new, free password manager called -- you'll have guessed already -- Proton Pass in beta a couple of months ago.

Continue reading →

As generative AI tools continue to make the news there are growing concerns over safety and security as well as the accuracy of information produced.

Most people don't trust ChatGPT and have worries about its security and safety according to a new survey from Malwarebytes. The research shows that 81 percent are concerned about security and safety risks.

Continue reading →

New research from Nexusguard shows that last year DDoS attacks worldwide increased by 115.1 percent over the 2021 level.

Attackers have also continued to alter their threat vectors by targeting the application platforms, online databases, and cloud-based storage systems within Internet Service Providers (ISPs). This has resulted in a significantly greater impact globally as organizations continue to move more of their workloads to the cloud.

Continue reading →

Security information and event management systems (SIEMs) are missing detections for 76 percent of MITRE ATT&CK techniques that adversaries use to breach their environments, according to a new report.

Produced by CardinalOps, the study analyzes real-world data from production SIEMs -- including Splunk, Microsoft Sentinel, IBM QRadar, and Sumo Logic -- covering more than 4,000 detection rules, nearly one million log sources, and hundreds of unique log source types.

Continue reading →

A new study of over 200 CISOs and senior security leaders at organizations with over 5,000 employees shows that 93 percent have suffered at least one cyberattack in the last year and all of them think the security landscape is worsening.

The research from Censys also shows that 53 percent identify the need to secure their organization's entire attack surface as their top priority.

Continue reading →

Leading organizations in all industries have accelerated their digital transformation and change management over the past three years, and for a good reason. According to Deloitte, meaningful digital transformation initiatives can unlock up to $1.25 trillion in market capital across Fortune 500 companies, with similarly positive results demonstrated for mid-range and small enterprises.

The key word here is "meaningful." But what constitutes beneficial change management processes versus directionless spending?

Continue reading →

A new study shows that 75 percent of consumers would switch their business to another company following a ransomware attack.

The survey, from backup appliance company Object First, also reveals that consumers are requesting increased protection from vendors that hold their data, with 55 percent favoring companies with comprehensive data protection measures such as reliable backup and recovery, password protection, and identity and access management strategies.

Continue reading →

Stolen identities continue to cause massive breaches, exposing 1.5 billion user records and costing businesses an average of $9.4 million per breach in 2022, according to a new report.

The ForgeRock 2023 Identity Breach Report shows that attackers continue to target credentials and use them as a stepping stone to infiltrate an organization across industries and geographies. What’s more and AI is making it more difficult for the average human to identify threats.

Continue reading →