cybersecurity

According to a new report, at least 20 percent of enterprise endpoints remain unpatched after the remediation is completed, meaning that a fifth of machines still have a significant number of legacy vulnerabilities that could be exploited at any time.

The study of over 800 IT professionals from Action1 Corporation finds 10 percent of organizations suffered a breach over the past 12 months, with 47 percent of breaches resulting from known security vulnerabilities.

Unless you’ve been on a retreat in some far-flung location with no internet access for the past few months, chances are you’re well aware of how much hype and fear there’s been around ChatGPT, the artificial intelligence (AI) chatbot developed by OpenAI. Maybe you’ve seen articles about academics and teachers worrying that it’ll make cheating easier than ever. On the other side of the coin, you might have seen the articles evangelizing all of ChatGPT’s potential applications.

Alternatively, you may have been tickled by some of the more esoteric examples of people using the tool. One user, for example, got it to write an instruction guide for removing peanut butter sandwiches from a VCR in the style of the King James Bible. Another asked it to write a song in the style of Nick Cave; the singer was less than enthused about the results.

With more and more organizations turning to the cloud and cloud-native application development, AppSec teams face a mounting challenge to keep pace with their development counterparts.

To address this, Backslash Security is launching a new solution to provide unified code and cloud-native security by correlating cloud context to code risk, backed by automated threat modeling, code risk prioritization, and simplified remediation across applications and teams.

A new survey of over a thousand CISOs from large enterprises in the US and UK, finds that 93 percent are concerned about dark web threats and 72 percent believe that intelligence on cybercriminals is critical to defending their organization.

The report from Searchlight Cyber looks at how CISOs are gathering data from the dark web to improve their security posture.

As organizations embrace cloud-native development, they are building new types of applications and microservices that are easier to scale and add more business value.

But the growing adoption of microservices has introduced new security risks because microservices and modern applications contain more 'pieces' that increase the attack surface.

Just 15 percent of organizations globally have the 'Mature' level of readiness needed to be resilient against today's modern cybersecurity risks, according to Cisco's first-ever Cybersecurity Readiness Index.

More than half (55 percent) of companies globally fall into the Beginner (eight percent) or Formative (47 percent) stages, meaning they are performing below average on cybersecurity readiness.

Ransomware and extortion actors are utilizing more aggressive tactics to pressure organizations, with harassment being involved 20 times more often than in 2021, according to a new report.

The study, from Palo Alto Networks' Unit 42 threat intelligence team, finds harassment is typically carried out via phone calls and emails targeting a specific individual, often in the C-suite, to pressure them into paying a ransom demand.

People have been predicting the end of the password for a very long time, yet they still remain key to securing access to many systems.

Maybe the end is edging just a bit closer though as ForgeRock announces Enterprise Connect Passwordless, a new passwordless authentication solution that eliminates the need for users to interact with passwords inside large organizations.

Cyberattacks are expected to reach historic levels this year, in both volume and sophistication, yet many organizations are reducing their 2023 cybersecurity budgets.

We spoke to Steve Benton, VP of threat research at intelligence-driven cybersecurity specialist Anomali, to discover how a different approach might offer strong protection without breaking the bank.

The default blocking of macros in MS Office is forcing threat actors to be more creative with their attack methods, according to the latest report from HP Wolf Security.

There have been increases in the levels of malware delivered in PDFs and zip files, as well as a rise in 'scan scams' using QR codes to trick users into opening links on mobile devices.

UK government departments are losing hundreds of devices each year according to Freedom of Information (FoI) requests submitted by encrypted drive manufacturer Apricorn.

The Home Office declared 469 lost and stolen devices between September 2021 and September 2022, with the Ministry of Defence not far behind with 467 mobiles, tablets and USB devices unaccounted for.

The Lockbit ransomware group claimed 129 victims in February, more than double the 50 that was reported in January.

The latest ransomware report from GuidePoint Security shows that another RaaS group, AlphV, also significantly increased its reported monthly victim count from 20 to 31.

There's been a fair bit of hype recently surrounding the potential for ChatGPT and similar tools to be used for creating phishing campaigns, eliminating the typos and other errors that are the giveaways of a scam.

However, new research from Hoxhunt suggests that AI might not be quite so good at going phishing after all.

A new study reveals that 61 percent of mid-sized businesses don't have dedicated cybersecurity experts in their organization.

The research from managed security platform Huntress also shows 24 percent of mid-sized businesses have suffered a cyber attack or are unsure if they have suffered a cyber attack in the past year.

Growing numbers of cyberattacks have highlighted the shortcomings of passwords and legacy multi-factor authentication systems.

Beyond Identity today launches Zero Trust Authentication, which has been developed in response to the failure of traditional authentication methods. It includes components such as Beyond Identity's risk scoring and continuous authentication capabilities to significantly enhance the level of protection offered.