Articles about Security

The latest quarterly threat intelligence report from Kaspersky shows that many actors behind advanced persistent threats (APTs) have continued to diversify their toolsets, at times resorting to extremely tailored and persistent tools.

At the same time though others have reached their goals by the employment of well-known, time-tested attack methods.

Continue reading →

Security issues are frequently exposed by Google's Project Zero; just days ago, security researchers revealed details of an actively exploited Windows Kernel Cryptography Driver security flaw.

Now Project Zero has released details of a serious security flaw in another Microsoft venture -- GitHub. The bug relates to GitHub Actions' workflow commands and is described as being high severity. It was discovered back in July but, as per the standard 90-day disclosure period, details are only just now being made public.

Continue reading →

Digital transformation initiatives often involve closer relationships with other businesses, but these can expose a company to additional risk if the other party's security isn't up to scratch.

New research from CyberGRX, based on data collected from the third parties on its exchange, finds that company size correlates with the maturity of cybersecurity programs, more specifically, as companies get smaller, they have fewer controls in place and less mature programs.

Continue reading →

The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has recently put out a warning concerning a surge in activity from the group behind the Emotet trojan.

Emotet has been around for some time and has mostly been associated with banking trojans, but this year’s upsurge in activity has seen it branch out into other areas.

Continue reading →

October has seen a 71 percent increase in ransomware attacks against the healthcare sector in the US compared to the previous month.

Elsewhere in the world, in EMEA, attacks increased by 36 percent and by 33 percent in the APAC region, according to research from Check Point.

Continue reading →

COVID-19 has caused many industries to experience an economic downturn, but cybersecurity isn't one of them.

Rather, cybersecurity is taking on newfound or heightened importance within many companies, as cybercriminals continue to exploit the global health crisis and associated business disruption to prey on unsuspecting work-from-home employees.

Continue reading →

A new study from SafeGuard Cyber seeks to understand how businesses rate their own security and compliance risks in the new digital reality.

Respondents were asked to effectively grade their adaptations to date, say what gaps still exist, and how they are planning for the future. 31 percent of respondents report their entire business process has changed and is still evolving, while 26 percent say they’ve rushed certain projects that were scheduled for later.

Continue reading →

Business email compromise (BEC) attacks have increased in six out of eight industries according to a new report from Abnormal Security.

The overall volume of BEC attacks increased 15 percent from Q2 to Q3, but the energy industry experienced a massive 93 percent rise.

Continue reading →

Overall malware levels have shown a 39 percent decline over the last quarter as attackers have switched to a more targeted approach.

The third quarter threat intelligence report from SonicWall Capture Labs records a 40 percent surge in global ransomware, a 19 percent increase in intrusion attempts and a 30 percent rise in IoT malware.

Continue reading →

A new survey of 600 enterprise IT security professionals from seven countries and 19 industries looks to generate an understanding on how the COVID-19 pandemic has affected the industry.

The study from CyberEdge reveals some surprising -- and less surprising -- insights into the changes that have taken place and the challenges they've presented.

Continue reading →

Digital transformation initiatives have meant IT and operational technology (OT) networks becoming more interconnected and the switch to remote working has only accelerated this.

In response to this trend, OT security specialist Claroty has updated its platform to offer remote incident management as a fully integrated capability that spans the entire incident lifecycle.

Continue reading →

According to a new study from F-Secure, 36 percent of Brits are willing to use someone else’s details to access streaming services if given the chance.

Also 42 percent of Brits share their login details to their favourite streaming services with between one and three other people and 70 percent feel no guilt when using someone else’s login for Netflix or Amazon.

Continue reading →

The COVID-19 pandemic has forced many more organizations to adopt remote working. This in turn has led to a boom in the use of tools like Teams and Zoom to help employees communicate.

Securing those tools though presents some serious challenges ensuring that, for example, they aren't used, inadvertently or on purpose, to leak sensitive information.

Continue reading →

While a vast majority of organizations have transitioned to remote work during the COVID-19 outbreak, only a third of IT security professionals described that transition as 'smooth' in a new survey.

The study from OneIdentity shows 62 percent of respondents say that cloud infrastructure is more important now than 12 months ago and 31 percent attribute this shift directly to COVID-19.

Continue reading →

While companies are getting better at protecting their customers’ personal and sensitive information, their focus on security training has declined in the last year according to a new report.

The study from information security service Shred-it shows that 83 percent of consumers say they prefer to do business with companies who prioritize protecting their physical and digital data, so the decline in training risks losing custom as well as security breaches.

Continue reading →