Articles about Security

The crypto and banking sectors both experienced a nearly two-fold increase in identity fraud in 2022, according to a new report from verification platform Sumsub.

The report also finds that over half of all fraud cases happened in just five countries: Bangladesh (22 percent), Pakistan (15.2 percent), Vietnam (8.1 percent), Nigeria (5.4 percent) and the USA (5.1 percent).

Continue reading →

Cyber extortion is impacting businesses of all sizes across the world, and 82 percent of observed are small businesses, an increase from 78 percent last year.

The latest Security Navigator report from Orange Cyberdefense shows a marked slow-down in cybercrime at the onset of the Ukraine war, but intensity soon increasing again.

Continue reading →

Dropbox has announced plans to acquire "key assets" from Boxcryptor in a move that will boost security for business users.

The acquisition will bring zero-knowledge end-to-end encryption to users signed up for business account. It is something that Dropbox undoubtedly hopes will help increase confidence in its cloud storage service.

Continue reading →

The Log4j or Log4Shell vulnerability first hit the news in December 2021 sending ripples through the cybersecurity world. So you might be forgiven for thinking that it's safe to assume it's no longer a threat. However, one year on it seems that this is a vulnerability that keeps on being, well… vulnerable.

New research from Tenable, based on data collected from over 500 million tests, shows that 72 percent of organizations remain vulnerable to Log4Shell as of October this year.

Continue reading →

New research from cloud platform Fastly shows that while enterprises are increasing their cybersecurity spending they're not making the most of their investments.

While 73 percent of organizations worldwide are increasing their cybersecurity spending to protect themselves against future risks, IT leaders are investing poorly with only 61 percent of their cybersecurity tools fully active or deployed.

Continue reading →

A new survey reveals that while CISOs are still experiencing challenges around visibility, intelligence and control, nearly half (47 percent) are proactively focused on digital transformation and cloud migration.

The study of 600 UK CISOs from BlueFort Security finds most have moved beyond the challenges of a widespread shift to remote working and are now focused on digital transformation and migration to the cloud, despite an uncertain world picture and bleak economic environment.

Continue reading →

The cybersecurity industry loves a good acronym and in recent times SASE and SSE have been among the ones to grab popular attention.

But in many cases a number of disparate technologies have been patched together to fulfill the promise of a unified solution for securing and accessing the service edge. Often this has occurred through company acquisitions.

Continue reading →

Regardless of how much money is spent on cybersecurity, the likelihood of getting hacked, is steadily increasing. The threat landscape is constantly evolving with new ransomware and extortion attacks being reported daily, in addition to adversarial nation states stealing personal information and intellectual property for nefarious purposes.

The reasons are manifold and complex. IT infrastructures are becoming increasingly more complicated, with new software development programs that introduce new vulnerabilities. Cyber criminals are becoming more sophisticated and better organized, with new advanced persistent threats (APTs) continually being discovered. Compounded by state-sponsored cyber espionage seeking anything that can be used for economic or political advantage.

Continue reading →

As one of the easiest attacks to launch and often devastatingly effective, a distributed denial of service (DDoS) attack is one of the most common threats in today’s cybersecurity landscape. In simple terms, a DDoS attack seeks to disrupt a target’s connectivity or user services by flooding its network with an overwhelming volume of fraudulent traffic, typically through a botnet.

The damage from a DDoS attack can be devastating. In one recent survey, 98 percent of respondents reported costs of more than $100,000 for each hour of downtime, while over one-third estimated costs in excess of $1 million. The average DDoS attack causes $218,000 in direct damage (around £179,601), in addition to any accompanying extortion, data theft, business disruption, or harm to the victim’s reputation and business and customer relationships. 

Continue reading →

New research from Vectra AI finds 70 percent of organizations have fallen victim to an attack that used encrypted traffic to avoid detection, and 45 percent admit they've been victims more than once.

It's concerning that 66 percent say they don't have visibility into all their encrypted traffic, leaving them highly vulnerable to further encrypted attacks.

Continue reading →

Building a security operations center (SOC) is a tall feat. With the global technology talent shortage estimated at 85 million workers by 2030, it is clear that talent is, and will continue to be, hard to find.

Organizations must learn to create a SOC in an adaptable way that makes scaling to meet varying demands of clients simple while addressing the cybersecurity talent shortage. Special considerations should be made regarding tool selection, proper staffing, organizational needs and performing a gap/risk analysis utilizing outside consultation when applicable. Let’s explore a few best practices.

Continue reading →

APIs allow products and services to communicate with each other and have become essential to digital transformation projects as they make it easy to open up application data and functionality to third-party developers and business partners, or to departments within the enterprise.

Where legacy systems are involved though it's often necessary to modernize the API infrastructure to ensure things work smoothly and this can lead to serious challenges, especially where security is concerned.

Continue reading →

With reports showing that 90 percent of organizations were impacted by ransomware over the past twelve months, policies ensuring that data is both safeguarded and recoverable have become a necessity rather than an option.

However, changes to the data security landscape in the intervening years since methods such as the 3-2-1 backup rule were first adopted means these approaches may no longer be fit for purpose when it comes to mitigating against data loss.

Continue reading →

Organizations are paying $1,197 per employee each year to address successful cyber incidents across email services, cloud collaboration apps or services, and web browsers.

This means that a 500-employee company spends on average $600,000 an year, according to a new survey for Perception Point, carried out by Osterman Research.

Continue reading →

There have been complaints recently about Microsoft using the Start menu to promote its own OneDrive service as well as suggesting websites, but another upcoming addition to Windows 11 is likely be rather better received.

Hidden among the numerous new features of Windows 11 build 25247, is an update to the network connectivity icon that appears in the notification area of the taskbar. It provides at-a-glance information about whether your VPN is active.

Continue reading →