cybersecurity

Ransomware is being deployed within one day of initial access in more than 50 percent of engagements, according to research from Secureworks Counter Threat Unit.

In the last 12 months the median dwell time identified in the annual Secureworks State of the Threat Report has fallen from 4.5 days to less than one day. In 10 percent of cases, ransomware was even deployed within five hours of initial access.

New research from Bitdefender reveals a rise in 'stream-jacking' attacks against high-profile accounts in order to spread fraudulent messages.

The attacks may involve a full account takeover or simply luring followers to a mimicked channel with the promise of rewards using various techniques including livestream pop-ups, QR codes, and malicious links.

In a study that echoes the findings we reported earlier today on employee security habits, research from the National Cybersecurity Alliance (NCA) and CybSafe finds that Gen Z is twice as likely as older generations to think cybersecurity isn't worth the effort.

The poll of over 6,000 individuals across the US, UK, Canada, Germany, France and New Zealand, examined key cybersecurity behaviours, attitudes and trends ahead of October's Cybersecurity Awareness Month.

This year has seen twice as many software supply chain attacks as 2019-2022 combined and one in eight open source downloads today pose known and avoidable risks.

The latest State of the Software Supply Chain Report from Sonatype, which logged 245,032 malicious packages in 2023, also shows that 96 percent of vulnerabilities are still avoidable.

A new report into hidden threats from Ivanti finds that one in three employees believe their actions do not impact their organization's security.

The research also shows that Millennial and Gen Z office workers are more likely to have unsafe cybersecurity habits when compared to Gen X and older (those above 40 years of age).

UK businesses have experienced on average 30 cyber incidents over the last twelve months, marking a 25 percent increase compared to last year.

But a new report from iomart and Oxford Economics finds that 27 percent of organizations think their cyber security budget is inadequate to fully protect them from growing threats. This is despite spending more than £40,000 ($48,000) a year on cyber protection such as vulnerability assessments, penetration testing, and red team engagements.

The latest Phishing Threat Trends Report from Egress, based on data from its Egress Defend email security tool, reveals that nearly three-quarters of AI detectors can't tell if a phishing email has been written by a chatbot.

Because they utilize large language models (LLMs), the accuracy of most detector tools increases with longer sample sizes, often requiring a minimum of 250 characters to work. With 44.9 percent of phishing emails not meeting the 250-character limit, and a further 26.5 percent falling below 500, currently AI detectors either won't work reliably or won't work at all on 71.4 percent of attacks.

Thanks to remote working, businesses have become reliant on tools like Slack and Teams for workplace communication. But this new, unstructured data set introduces risk caused by the everyday conversations in which proprietary, harmful, or sensitive information is shared or deleted.

AI data platform Aware has released a new report based on proprietary research conducted using the AI-powered platform AwareIQ. It finds collaboration platforms are moving beyond chat and are now at the center of a new enterprise workflow, with 15.4 percent of messages originating from integrated third-party applications.

Artificial intelligence (AI) has been an evolving trend at the very center of cybersecurity in recent years. However, the release of a wave of new tools such as ChatGPT and Microsoft's Jasper chatbot have sparked fresh concerns about the potential for cybercriminals to leverage increasingly sophisticated technologies for nefarious purposes.

We spoke to Zach Fleming, principal architect at Integrity360, to explore whether AI can be used to create sophisticated malware and hacking tools capable of bringing down entire networks. We'll consider which concerns are valid by highlighting the current state of AI, and we'll explore how security teams can best combat the use of AI in cybercrime.

In the fast-evolving digital landscape, the prevalence of cyber threats has become a stark reality for businesses and individuals. While essential, conventional cybersecurity measures are often reactive and inadequate against sophisticated attacks. This is where Cyber Threat Intelligence (CTI) emerges as a proactive and complementary approach to cybersecurity.   

Utilizing CTI helps organizations to protect their systems from potential hazards. It provides a way to cut through the noise and focus on threats relevant to that specific company and industry. However, CTI is more than just a product. It's a program that needs to be evaluated constantly to ensure the correct tools, processes, and people are being leveraged as threats evolve and the company changes over time.    

When it comes to Linux-based operating systems, users don’t have to worry about security, right? Umm, no. Linux distributions are not infallible. For instance, according to a forum post, Canonical's Snap Store recently hit a big security snag when users discovered some new snaps that might contain harmful code. This scary moment shows how even trusted places like app stores can have problems that could hurt users.

Reacting quickly, the Snap Store team removed these bad snaps from the platform, making sure no one else could find or install them. But they didn't stop there.

Threat actors are early adopters. Cyber defense is brimming with uncertainties, but one dynamic you can be confident about is that threat actors will leverage everything available to exploit a target. In 2023, this means the rise of artificial intelligence-enabled attacks, from AI-generated social engineering scripts to powerful automation designed to find and exploit vulnerabilities and spread laterally through systems and networks.

Security teams, therefore need to be prepared to meet the challenge of cloud scale threats on both a technical level and an organizational level. It requires anticipating threats that exist beyond technical vulnerabilities, including, for example, social engineering and DDoS. This is part of the challenge of modern cyber security -- the attack surface comprises not just the entirety of IT infrastructure, its endpoints, and all the data it uses and stores, but also its users. It is too large to be effectively managed manually.

Environmental social and governance (ESG) policy sees businesses seek to implement ethical practices to safeguard, not just the business, but its ecosystem of partners and customers and the wider world.

We spoke to Tim Wallen, regional director for the UK, US and emerging markets at Logpoint, to discuss the reasons why cybersecurity needs to be incorporated into ESG reporting, and how this can be achieved.

The shift to remote and hybrid working models has magnified IT operational challenges for 75 percent of organizations.

A new study by Forrester Consulting for HP surveyed over 300 IT and security decision makers and finds the main challenges companies face when managing remote endpoints are ensuring data security (60 percent), keeping software on remote devices up to date (55 percent), and maximizing the accuracy of asset databases (55 percent).

Senior executives are 60 percent more likely to click on malicious links than their employees, making them a vulnerable target for hackers, according to a new report.

However, data from SoSafe also reveals that senior managers are more likely to report a suspicious email (20 percent) than employees (eight percent) are, which shows that security awareness among top management is rising.