Articles about cybersecurity

As cyber threats continue to evolve and grow, it is increasingly clear that a coordinated and comprehensive approach to cybersecurity is necessary. Governments around the world have recognized the need for national cybersecurity strategies to protect their citizens, businesses, and critical infrastructure. In this article, we will explore the importance of a national cybersecurity strategy from the perspective of a cyber threat intelligence team.

The increasing frequency and severity of cyberattacks have highlighted the importance of having a comprehensive national cybersecurity strategy. Cyberattacks can result in the loss of sensitive data, disruption of critical services, financial losses, reputational damage, and even loss of life. A national cybersecurity strategy is essential to protect against cyber threats, safeguard national security, and maintain economic stability. It provides a framework for coordinating and prioritizing efforts to address cyber threats, promotes information sharing and collaboration, and enables rapid response to incidents.

Continue reading →

Cybersecurity is usually viewed as something to be addressed via software. In recent years though we've seen a hardware element start to creep in -- Windows 11's requirement for TPM capability for example.

Can we expect to see more hardware-based security measures? And what benefits do these offer? We spoke to Ed Maste, senior director of technology at the FreeBSD Foundation (the non-profit organization supporting the open source FreeBSD operating system) to find out.

Continue reading →

With 70 percent of government workers reporting that they work virtually at least some of the time, a new survey shows some worrying trends.

The report from Ivanti finds five percent of government workers have fallen victim to a phishing attempt. However, 34 percent don't believe their actions impact their organization's ability to stay safe.

Continue reading →

The threat of business email compromise (BEC) is growing year on year and is projected to be twice as high as the threat of phishing in general.

According to a new report from cloud email security platform IRONSCALES, over 93 percent of organizations have experienced one or more of the BEC attack variants in the previous 12 months, with 62 percent facing three or more attack variants.

Continue reading →

Much of our modern communication relies on satellites, but the data sent between them and ground stations is vulnerable to theft, leaving satellite communications even more accessible than typical internet communications.

Post-quantum cybersecurity company QuSecure has announced that it's achieved an end-to-end quantum-resilient cryptographic communications satellite link.

Continue reading →

A new study from Specops Software finds that 88 percent of passwords used in successful attacks consisted of 12 characters or less, with the most common being just eight characters (24 percent).

The research, largely compiled through analysis of 800 million breached passwords, finds the most common base terms used in passwords are depressingly familiar: 'password', 'admin', 'welcome' and 'p@ssw0rd'.

Continue reading →

Switching to the cloud has left organizations in heavily regulated industries like healthcare and financial services with a greater attack surface, according to a new report.

Research published today by Blancco Technology Group, based on responses from 1,800 IT professionals in healthcare and finance, shows 65 percent of respondents say that the switch has also increased the volume of redundant, obsolete or trivial (ROT) data they collect.

Continue reading →

Threat protection company Vade has released its latest Phishers' Favorites report for 2022 which finds that financial services is the most impersonated industry, accounting for 34 percent of phishing pages as attackers continue to follow the money.

There are also seven finance brands in the top 20, with PayPal, MTB, Crédit Agricole, and La Banaque Postale all securing a spot in the top 10.

Continue reading →

The latest Annual Trends Report from Jamf, based on a sample of 500,000 devices protected by the company's technology, looks at the threats impacting devices used in the modern workplace and finds social engineering tops the list.

The combination of an increasingly distributed workforce with the relative ease with which bad actors can carry out phishing campaigns, leads to the leakage of user credentials. In 2022, 31 percent of organizations had at least one user fall victim to a phishing attack.

Continue reading →

Enterprises need real-time access to lots of data, but it's important that access to that data is properly controlled.

Radiant Logic is launching a new data intelligence offering that offers identity observability and visualization capabilities, all built on an extensible API-layer and available as a SaaS offering.

Continue reading →

The latest quarterly Consumer Cyber Safety Pulse Report from Norton looks at how cybercriminals can use artificial intelligence to create more realistic and sophisticated threats.

Tools like ChatGPT have captured people's attention recently and it seems cybercriminals have noticed them too. Its impressive ability to generate human-like text that adapts to different languages and audiences also makes it great for generating malicious threats.

Continue reading →

A new report finds that 50 percent of enterprises and 75 percent of mid-sized organizations have exposed public SaaS assets.

The report from security platform DoControl shows that large and medium companies have an average of 5.5 million and 1.5 million assets stored in SaaS applications respectively, illustrating the challenge IT and SecOps teams face daily in securing the intellectual property those assets contain.

Continue reading →

Known vulnerabilities for which patches have already been made available are the primary vehicle for cyberattacks, according to a report released today by Tenable.

The Tenable Research team analyzed cybersecurity events, vulnerabilities and trends throughout 2022, including 1,335 data breach incidents publicly disclosed between November 2021 and October 2022.

Continue reading →

A new survey of 300 CIOs, CISOs, and security executives from enterprises across Europe and the USA shows that 88 percent of organizations admit to being compromised by a cyber incident over the past two years.

The study from Pentera reveals that this is despite organizations having an average of almost 44 security solutions in place.

Continue reading →

Cybercrime actors are shifting away from ransomware to new, innovative techniques, according to the latest CrowdStrike Global Threat Report released today.

The report shows 71 percent of attacks detected in the last year were malware-free (up from 62 percent in 2021) and interactive intrusions (hands on keyboard activity) increased 50 percent in 2022. This shows how sophisticated human adversaries are increasingly looking to evade antivirus protection and outsmart machine-only defenses.

Continue reading →