Most people understand that retail becomes a target for cybercriminals during the holidays. But even businesses not related to the retail sector will often find the holidays their most vulnerable time of year. After all, many individuals (that is, employees) are focused on wrapping up projects before the holidays truly start or are looking ahead to the coming year with the added distraction that the holidays bring.
Businesses need to protect themselves from potential cybersecurity threats during the busy holiday season -- many of which will come in the form of the world’s most commonly used utility, email. In this post, we will take a look at some of the biggest on-premises and cloud email security threats your business faces this holiday season.
Data is a vital resource in the education sector and increasingly schools and colleges store information in digital form. Digital technology is also moving into the classroom, but of course all this comes with greater risk.
Yet according to new research from security rating service SecurityScorecard, across 17 industries in the US education comes second to last in terms of total cybersecurity.
The two fundamental building blocks in ensuring that your data is secure are physical infrastructure and network security. Understanding and protecting your information from threats and human error requires meticulously layered security protocols.
Last year, British Airways canceled over 400 flights and stranded 75,000 passengers because of an IT outage caused by an engineer who disconnected a power supply at a data center near London’s Heathrow airport. When it comes to data centers and networks, even minor human errors can have a major impact on businesses and their customers. With the exorbitant costs and human resources required to maintain an on-premise system, organizations should look to public cloud companies. These companies bring capital and expertise to the table to properly manage their data centers, which are better protected than those that most companies could put in place themselves.
A new study reveals that 60 percent of organizations globally have suffered two or more business-disrupting cyber events -- defined as cyberattacks causing data breaches or significant disruption and downtime to business operations, plant and operational equipment -- in the last 24 months.
It used to be easy to spot a phishing email, you just looked out for bad grammar and URLs that clearly didn't correspond to the organization being impersonated.
Recently though they've become harder to detect. According to the latest Global Threat Report from Comodo Cybersecurity, phishing really is getting better and it now represents one in every 100 emails received by enterprises.
Earlier this year we looked at Duo Security's research into Twitter bots which focused on fake followers. The company has now published some further research looking at amplification bots.
So what is an amplification bot? They exist to boost content through likes and retweets. Duo has produced an algorithm to identify these bots and was able to find more than 7,000 over a 24 hour period.
Many people will be receiving new tech gadgets over the Christmas period, including smartphones, gaming consoles, tablets, connected toys, and a whole range of apps to go with them.
But new research from from cybersecurity training organization the SANS Institute finds that while people are aware of the risks these devices can pose, they may not have the skills to properly protect them.
The company has revealed that a bug in the Google+ API exposed the data of 52.5 million users, and as a result it is expediting the shutdown. Previously due to close in August 2019, Google+ will now be killed off in April 2019.
Businesses are starting to recognize that it may be impossible to keep attackers completely out of their networks, so they are starting to look for ways of fighting them more efficiently.
One of the ways of doing this is to use decoys to lure attackers and allow the threat to be dealt with before it affects live systems. We spoke to Carolyn Crandall, chief deception officer at Attivo Networks to find out more about how this deception technology works and what it can do.
New research released by security awareness and email protection company Mimecast finds that more than two-thirds of employees admit to personal use of work devices during office hours.
Mimecast surveyed more than 1,000 people who use company-issued devices (such as mobile phones, desktop computers or laptops) in the workplace, in order to understand their behavior, but also their awareness of basic threats plaguing organizations.
Operational technology is critical in areas like energy, oil and gas, manufacturing, and transportation, but it's often be based on legacy systems which can be difficult to keep secure, with updates often needing to be carried out using USB devices.
The threat of attacks is very real though and the consequences especially disastrous, yet many control systems are running outdated software, leaving them vulnerable to attack.
Malware is constantly evolving in an attempt to steal data or make money for the people behind it. A new report by Malwarebytes Labs reveals the latest shift towards attacks that can avoid detection but also stay on a system to be reactivated later.
Using fileless malware is just one example among many attack methodologies currently evading traditional security defenses and maintaining persistence.
Risk management and cybersecurity specialist SureCloud has discovered that the popular VTech Storio Max children's tablet can easily be hacked, enabling criminals to take control of the devices and snoop on unsuspecting victims.
This can be done by simply adding an image or link to a website. When accessed by a child via the tablet's web browser, the exploit would attack the tablet and enable the attacker to take full control of the device.