Cyber ransom demands up 200 percent in 2019
Requested amounts in ransomware attacks rose nearly 200 percent from 2018 to 2019, averaging $115,123 per attack last year.
A report from incident response, risk management and digital forensics firm Crypsis Group reveals that threat actors across a range of cyberattack types have significantly escalated their tactical approaches, becoming more targeted, conducting victim research and employing techniques that enable them to be more successful and extract higher payouts for their efforts.
Fake job applications used to steal banking credentials
During May, researchers at Check Point have seen a doubling in the number of malicious files sent by email claiming to be resumes or CVs from individuals, as hackers exploit the unemployment and remuneration schemes resulting from the COVID-19 pandemic.
In addition they have noted that seven percent of domains registered containing the word 'employment' are malicious. There has also been a 16 percent increase in malware attacks overall, compared to March and April.
Securing SaaS applications for a remote workforce [Q&A]
The current shift to remote working looks likely to have a long-term impact on the way businesses operate in future. But this raises issues over security and ensuring that misconfigurations don't lead to data being exposed.
How big is the risk and what are the key issues enterprises face? We spoke to Brendan O'Connor, CEO of cloud security specialist AppOmni to find out.
Data breaches cost US organizations $1.8 trillion over the last two years
Cybercriminals exposed more than five billion records in 2019, costing over $1.2 trillion to US organizations. Added to the 2.8 billion records that were exposed in 2018, this means breaches over the last two years have cost US organizations over $1.8 trillion.
This is one of the findings of the latest Consumer Identity Breach Report from ForgeRock, which shows a dramatic increase in the number of breaches.
Almost 80 percent of companies have had a cloud data breach in the past 18 months
A new survey finds that 79 percent of companies experienced at least one cloud data breach in the past 18 months, and close to half (43 percent) reported 10 or more breaches.
The study for cloud access risk security company Ermetic conducted by IDC covered 300 CISOs and finds that security misconfiguration (67 percent), lack of adequate visibility into access settings and activities (64 percent) and identity and access management (IAM) permission errors (61 percent) are the top concerns associated with cloud production environments.
Thycotic extends its privileged access management range
Privileged access management (PAM) specialist Thycotic is expanding its portfolio with the announcement of three new products.
It's launching Thycotic Remote Access Controller, Thycotic Cloud Access Controller and Thycotic Database Access Controller, following its acquisition of cloud security company Onion ID.
Enterprise mobile phishing up 37 percent in Q1 2020
According to the latest study from mobile security company Lookout, the first quarter of this year saw the enterprise mobile phishing encounter rate increase by 37.1 percent globally .
This includes regional increases of 66.3 percent in North America, 25.5 percent in EMEA and 27.7 percent in the Asia Pacific region.
How technology can help protect against identity fraud [Q&A]
The COVID-19 pandemic has led to a tide of cybercriminal activity seeking to exploit things like government payments.
We spoke to Michael Magrath, director, global regulations and standards at anti-fraud and digital identity solutions company OneSpan to find out how governments and enterprises can use technology to guard against the threat.
The secret life of discontinued apps
When a book goes out of print the publishers don't pop round and remove old copies from your shelves. Similarly, when an app is discontinued it can be taken off the app stores but continues to linger on users' devices.
Mobile security company Wandera has been taking a look at what happens to these with an analysis of six-months' worth of apps that were removed from the app stores, along with apps that were installed on customer devices prior to the six-month period and, subsequently, removed.
UK government launches fund to boost smart device security
It's estimated that there could be as many as 75 billion connected devices worldwide by 2025, but the increased popularity of 'smart' equipment comes with risk as many products currently on sale lack basic cybersecurity.
In response to this threat the UK's Department for Digital, Culture, Media and Sport is launching a £400,000 ($490,000) fund for innovators to design schemes to boost the security of internet-connected products.
Securing the remote workforce during COVID-19 and beyond [Q&A]
The COVID-19 global pandemic has created a cybercrime playground. From phishing scams to ransomware to social media attacks, COVID-19-focused malware campaigns are on the rise. In fact, according to research from Zscaler, there's been a 30,000 percent increase in coronavirus-related attacks.
We talked with Mike Kelley, CSO at Navisite, to discuss why the current crisis is causing such a dramatic spike in cybersecurity activity, as well as ways organizations can secure their remote workforce and protect their organization from cyberthreats both now and after the COVID-19 pandemic comes to an end.
Massive amounts of corporate data now stored on employee USB devices
There has been a 123 percent increase in the volume of data downloaded to USB devices by employees since working from home has become widespread due to coronavirus.
What's more, according to a report from SaaS data protection company Digital Guardian, 74 percent of that data is subject to organisation data governance policies.
Updated platform offers zero-trust management of multi-clouds
Multi-cloud environments tend to be harder to secure because teams and applications are much more distributed resulting in a larger attack surface.
A zero-trust approach deals with these threats but can introduce overheads that make it hard to manage. Morpheus Data is integrating VMware NSX-T and Unisys Stealth technology into its cloud automation framework to enable microsegmentation and dramatically simplify the implementation of zero-trust processes.
You need to take action if you want to avoid being cut off from Zoom
Zoom has been one of the most used, yet most lambasted, contestants in the video conferencing arena during coronavirus-driven lockdown times, and much of the focus has been on privacy and security issues.
Having acknowledged that it had work to do, the company promised to take steps to improve its service and has issued numerous updates to its app in recent months. The release of Zoom 5.0 in April was a major step, and you only have days to upgrade or risk being cut off from the service completely.
Turn off the security please, I'm the boss
The C-suite is the most likely group within an organization to ask for relaxed mobile security protocols (74 percent) -- despite also being highly targeted by cyberattacks according to a new study.
The report from zero-trust platform MobileIron finds that executives feel frustrated by mobile security protocols and often request to bypass them.
Recent Headlines
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.