Articles about Security

Today's 5G networks mostly rely on the infrastructure of previous-generation 4G LTE networks. The non-standalone architecture has proved a quick way to provide subscribers with 5G access, however, this also exposes both the next-generation network and 5G subscribers to the same threats as older networks.

A new white paper from Positive Technologies details how mobile network operators (MNOs) who have already begun upgrading to 5G networks can migrate from previous generation networks without exposing themselves and their subscribers to existing and new risks.

Continue reading →

Business Email Compromise (BEC) attacks are increasingly used by attackers as a way of targeting organizations. New research from Abnormal Security  indicates that these attacks have adapted to the pandemic, with Zoom becoming the most impersonated brand and COVID-themed attacks surging.

We spoke to Evan Reiser, CEO of Abnormal Security to find out more about what’s been happening and what trends we can expect to see as the year progresses.

Continue reading →

Organizations are suffering from a lack of visibility into their supply chain and 8 percent experienced a breach that originated from vulnerabilities in their vendor ecosystem in the past year.

A new report from cybersecurity services company BlueVoyant, based on research carried out by Opinion Matters, shows that only 22.5 percent of organizations monitor their entire supply chain and just 32 percent re-assess and report their vendor’s cyber risk position either six-monthly or annually.

Continue reading →

With cyberattacks increasing in volume and new types of incidents occurring, businesses need protection for everything from network intrusion to ransomware and all the things in between.

Many organizations are turning to cyber insurance to provide cover for dealing with incidents and their aftermath, but a recent report shows that many are put off by not understanding levels of exposure, amount of cover, and by cost.

Continue reading →

High volumes of attacks have targeted video game companies and players between 2018 and 2020, with an inevitable uptick in attack traffic that correlates with COVID-19-related lockdowns.

A new report from Akamai shows that game players themselves are subjected to a steady barrage of criminal activity, largely through credential stuffing and phishing attacks.

Continue reading →

Moving systems to the cloud offers many benefits for organizations, but it also opens up a new range of threats.

The Cloud Security Alliance has released a new report looking at case study analyses of recent attacks and data breaches to promote understanding of how attacks work and how they can be successfully mitigated.

Continue reading →

Cyberwarfare is a threat to their organization according to 71 percent of CISO, yet just over a fifth (22 percent) admit to not having a strategy in place to deal with this risk.

However, Bitdefender's latest global study shows that the threat is being taken seriously, with 51 percent and 48 percent respectively stating that they believe they will need a strategy against cyberwarfare in the next 12-18 months.

Continue reading →

By 2021, it's estimated that more than four million job openings in cybersecurity will be unfilled. Cybersecurity career development platform Cybrary has conducted a skills gap survey of more than 800 security and IT professionals in order to understand growing skills gap.

Among key findings are that 68 percent of respondents say they have to invest their own free time -- either before and after work (48 percent) or at weekends (20 percent) -- to improve their cyber skills.

Continue reading →

Cybersecurity and Infrastructure Security Agency (CISA) has taken the extraordinary steps of issuing an emergency alert about a critical vulnerability in Windows.

CISA issued the warning to government departments, saying it "has determined that this vulnerability poses an unacceptable risk to the Federal Civilian Executive Branch and requires an immediate and emergency action". With Emergency Directive 20-04, the CISA requires agencies to install the August 2020 Security Update to mitigate against a vulnerability in Microsoft Windows Netlogon Remote Protocol.

Continue reading →

While the pandemic has driven a shift to remote working, a new report from cyber security vendor Netwrix shows that that 85 percent of CISOs admit they've sacrificed cybersecurity to enable it to happen.

One in four organizations feels that they are exposed to more risks than before the pandemic. Of these, 63 percent report an increase in the frequency of cyberattacks and 60 percent have found new security gaps as a result of the transition to remote work.

Continue reading →

A new report shows that India is increasing its cyber capabilities and becoming a growing cyber powerhouse with its cybersecurity market expected to rise from $1.97 billion in 2019 to over $3 billion by 2022.

But the study from threat intelligence platform IntSights also shows that the country has a growing cybercriminal underground. A young, tech-savvy population with limited access to careers in the domestic tech sector is at risk of being lured into cybercriminal activities to provide for their families.

Continue reading →

Accounts that have privileged access are a problem when it comes to data breaches, so securing them effectively is essential.

But things are complicated by the fact that where privileged access was once designated only for system administrators it has now been expanded to HR, finance, legal and many more parts of the organization, as well as to non-human users like machines and applications.

Continue reading →

The second quarter of 2020 has seen a massive 570 percent increase in 'bit-and-piece' DDoS attacks compared to the same period last year, according to the latest threat report from Nexusguard.

Bit-and-piece attacks target ASN-level communication service provider (CSP) networks by dispersing small pieces of junk traffic across a diverse pool of IP addresses across hundreds of IP prefixes.

Continue reading →

Ransomware is a persistent problem, with cybercriminals always looking for new ways to evade detection and infect systems. Attacks have increased 20 percent in the first half of this year.

Endpoint detection and response company Nyotron is launching a new, free online tool called Ransomwiz that allows allows security professionals to check their defenses by generating actual ransomware samples using a variety of real-world attack techniques.

Continue reading →

One of the side effects of the COVID-19 pandemic has been a marked reduction in the use of cash as people have shifted to using cashless and contactless payment methods.

This has put increased pressure on financial institutions to offer digital services, but it’s also shone a spotlight on the measures needed to prevent fraud and on initiatives to integrate cryptocurrency into everyday transactions.

Continue reading →