Healthcare data breaches affected over 27 million people in the US last year, with the number of records breached having more than doubled compared to 2018. Indeed the total number of records breached has more than doubled each year, from 4.7M in 2017 to 11.5M in 2018, and to 27.5M in 2019.
Cloud security company Bitglass has released its latest healthcare breach report analyzing data from the US Department of Health and Human Services.
There's a growing trend towards data breaches caused by cloud misconfigurations, leading to 33.4 billion records being exposed in breaches in 2018 and 2019, amounting to nearly $5 trillion in costs to enterprises globally, according to a new report.
The study from cloud security and compliance specialist DivvyCloud finds the number of records exposed by misconfigurations rose by 80 percent from 2018 to 2019 and this trend is expected to persist.
Increased availability of sophisticated attack toolkits, along with threats aimed at embedded technologies in connected vehicles, manufacturing and mobile devices, and those taking advantage of misconfigurations in cloud computing deployments are all causing concern for business.
The 2020 Annual Threat Report from BlackBerry Cylance says the search to find and exploit vulnerabilities has seen a shift in the industries most targeted, particularly towards the automotive sector.
New research from cybersecurity company BullGuard reveals that one in three SMBs in the US and UK rely on free consumer cybersecurity tools and one in five has no endpoint protection at all.
The study also finds 43 percent of SMB owners have no cybersecurity defense plan in place -- leaving their most sensitive financial, customer and business data, and ultimately their companies, at significant risk.
In the year to November 2019, 75 percent of all credential abuse attacks against the financial services industry targeted APIs directly, according to a new report.
The research from Akamai observed 85,422,079,109 credential abuse attacks. Nearly 20 percent, or 16,557,875,875, of these were against host names that were clearly identified as API endpoints. Of these, 473,518,955 attacked organizations in the financial services industry.
Following a series of privacy-related controversies, smart doorbell maker Ring is making two-factor authentication (2FA) mandatory on all of its devices. In addition, the company is also giving users more control over personalized advertising.
Ring also says that it is temporarily pausing the use of most third-party analytics services in its apps and on its website. The company is working on giving users the ability to limit the sharing of data with third parties.
Concerns that quantum computing could place current encryption techniques at risk have been around for some time.
But now cybersecurity startup Active Cypher has built a password-hacking quantum computer to demonstrate that the dangers are very real.
January's Global Threat Index from Check Point Research shows that Emotet remains the top threat for the fourth month in a row. But it’s now being spread by a spam campaign exploiting people's worries about the coronavirus.
The emails appear to be reporting where Coronavirus is spreading, or offering more information about the virus, encouraging the victim to open the attachments or click the links which, if opened, attempt to download Emotet on their computer. Emotet is primarily used as a distributor of ransomware or other malicious campaigns.
Half of respondents to a new survey report that they have experienced a breach because one or more of their security tools wasn't working as expected.
The Security Operations Effectiveness survey from Keysight Technologies questioned over 300 individuals involved in enterprise security solutions and found that only just over half (57 percent) of security professionals are confident their current security solutions are working as intended.
For all of today's sophisticated technology, sometimes there's no substitute for the human touch when it comes to getting the job done and it seems this applies to fraud as much as legitimate business.
Online fraud prevention specialist Arkose Labs has released its latest Fraud and Abuse Report, which shows that human-driven attacks are up 90 percent in the last quarter of 2019 compared to the previous six months.
Microsoft has released a series of patches for a zero-day vulnerability in Internet Explorer that was being actively exploited.
The remote code execution flaw was discovered a few weeks ago, and while 0patch released a micropatch to fix the problem, Microsoft only suggested a workaround which ended up breaking printing for many people. But now patches have been made available for Windows 7, Windows 8.x, Windows 10, Windows Server 2008 and Windows Server 2012.
A new survey of more than 1,000 IT and IT security practitioners reveals that 51 percent now believe that automation will decrease headcount in the IT security function, an increase from 30 percent in last year's study.
The study by the Ponemon Institute, in partnership with DomainTools also finds concerns of employees about losing their jobs because of automation have increased to 37 percent over last year's 28 percent.
A steady stream of data breaches has led most consumers to worry about the online crimes that lead to identity theft and account takeovers.
A new report from F-Secure shows almost nine out of 10 consumers are at least somewhat worried about their bank accounts being hacked to steal money (89 percent), online shopping fraud (87 percent), and someone committing a crime with their identity (87 percent).
Enterprises are moving more of their workloads to the cloud in order to enhance their agility and responsiveness. But in the rush to develop new applications security can sometimes take a back seat.
Today Tufin is launching SecureCloud, a security policy automation service for enterprises that need to gain visibility and control over the security posture of their cloud-native and hybrid cloud environments.
Predictive email defense company Vade Secure has released a new report ranking the top 25 brands most impersonated in phishing attacks.
The report covering the final quarter of 2019 shows PayPal is the top brand impersonated by cybercriminals for the second quarter in a row, with Facebook taking the number two spot and Microsoft coming in third.