Personal details account for almost half of stolen data
Personal employee or customer data accounted for nearly half (45 percent) of all data stolen between July 2021 and June 2022 according to the latest report from Imperva.
Companies' source code and proprietary information accounted for a further 6.7 percent and 5.6 percent respectively. On a more positive note, the research finds that theft of credit card information and password details has dropped by 64 percent compared to 2021.
AI-generated texts could increase threat exposure
We reported last week on how ChatGPT could be used to offer hints on hacking websites. A new report released today by WithSecure highlights another potential use of AI to create harmful content.
Researchers used GPT-3 (Generative Pre-trained Transformer 3) -- language models that use machine learning to generate text -- to produce a variety of content deemed to be harmful.
The KB5022287 and KB5022303 updates feature important security fixes for Windows 11
Microsoft has released the KB5022287 update for Windows 11 21H2, as well as the KB5022303 update for Windows 11 22H2.
Both updates are mandatory and, like this month's updates for Windows 10, include fixes for Local Session Manager (LSM) and ODBC issues. There is also a fix for a blue screen 0xc000021a error and numerous security patches.
Microsoft releases security-boosting, bug-fixing KB5022282 and KB5022286 Windows 10 updates, the first of 2023
Less that two weeks into 2023, Microsoft has released the first cumulative updates of the year for Windows 10.
The KB5022282 and KB5022286 updates are available for Windows 10 versions 1809, 21H1, 21H2 and 22H2. Among the bugs addressed are an issue with the Local Session Manager (LSM) as well as fixing a Microsoft Open Database Connectivity (ODBC) problem.
Attacks and payments are down -- but don't write off ransomware yet
A quarter of US organizations were victims of ransomware attacks over the past 12 months, a steep 61 percent decline over the previous year when 64 percent fell victim.
In addition a new report from Delinea finds that the number of targeted companies who paid the ransom declined from 82 percent to 68 percent, which could be a sign that warnings and recommendations from the FBI to not pay ransoms are being heeded.
Microsoft ends Windows 7 extended support today -- install all updates now to fix all known issues... and gain Secure Boot support
If you have been keeping up with Windows news, you will probably be aware that today is the day that Microsoft finally ends support for Windows 7. This means that after today there will be no further updates, even for anyone paying for Extended Support Updates -- but 0patch is willing to help out.
Any company that does still have Windows 7 and is paying for ESU should install today's cumulative update, as well as any others that may have been missed. And there's a nice surprise: Microsoft has added support for Secure Boot to Windows 7, but has kept quiet about it.
0patch will keep releasing security updates for Microsoft Edge on Windows 7, Server 2008 and Server 2012
We've already written about Microsoft completely ending support -- even paid-for options -- for Windows 7 and Windows 8, and as part of this, the company will also stop releasing security update for its Edge browser on these platforms.
There are large numbers of both home users and businesses that are opting to stick with these operating systems, or have little choice for one reason for another. As far as Microsoft is concerned, Edge 109 is the last version of the browser that will be released for these OSes, and as of January there will be no more security update released. Thankfully, 0patch is here to save the day again, with the company announcing that it is "security-adopting" Microsoft Edge on Windows 7, Server 2008 and Server 2012.
How ChatGPT could become a hacker's friend
The ChatGPT artificial intelligence bot has been causing a bit of a buzz lately thanks to its ability to answer questions, ask follow ups and learn from its mistakes.
However, the research team at Cybernews has discovered that ChatGPT could be used to provide hackers with step-by-step instructions on how to hack websites.
Kubernetes as-a-service, security issues and skills shortages -- container predictions for 2023
Containers have become increasingly popular in recent years, they can be spun up quickly and offer developers the opportunity to deliver projects faster as well as gains in agility, portability and improved lifecycle management.
Here are what some industry experts think we'll see happening in the container market in 2023.
If you don't know what you're exposing, how can you protect it? [Q&A]
The move to the cloud has meant the days of external exposure being defined by the set of IP ranges in your firewall are gone. Today's attack surface is made up of many internet-facing assets with exposure being controlled at the domain level.
This means web applications have fast become an attractive target for attackers, particularly unknown and forgotten assets -- which are plentiful in modern environments. So how can businesses defend themselves?
LastPass accused of lying in security breach announcements
The reputation of LastPass has taken quite a battering over the past year, with the handling of security incidents doing nothing to improve things. Just last week the company gave an update about a security breach that took place back in August, revealing that it had been more serious than first suggested.
But now the updated announcement from LastPass has been ripped to shreds by security experts with one denouncing it as being "full of omissions, half-truths and outright lies".
More machine IDs, attacks on providers and AI verification -- identity management predictions for 2023
Although the death of the password has been predicted for many years, older technology still clings on when it comes to verifying identities.
But that's changing, particularly with the massive growth in the numbers of machine IDs. Here is what some industry experts think we'll see from the identity world in 2023.
Geopolitical threats, supply chain issues and phishing scams -- cybersecurity predictions for 2023
The cybersecurity world never stands still, with threats and the technology to combat them constantly evolving.
That makes predicting what might happen difficult, but we can still extrapolate current trends to get an indication of where things might be headed. Here are some expert predictions for cybersecurity in 2023.
Rebuilding trust between developers and security [Q&A]
The demands of modern business IT environments can often lead to friction between developers and security teams which can hamper the successful rollout of cloud security.
Developers want to deliver features as fast as possible and security teams want things to be as secure as possible, so there is constant conflict of interest. We spoke to David Hendri, CTO and co-founder of cloud security startup Solvo, to discover how to rebuild the trust between developers and security by creating a common language.
The missing piece in the MSP data security puzzle
In the dynamic world of Managed Service Providers (MSPs), it has become quite evident that the time has come for next generation Data Security Solutions, and that such a solution should be added to your technology stack.
For some time and becoming ever more frequent today, organizations and MSPs are facing major data security challenges that are likely to increase exponentially over the coming decade.
© 1998-2025 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.