Articles about Security

A new study from the Application Security Division of NTT Ltd reveals that 52 percent of applications in the healthcare industry have at least one serious vulnerability -- rating 'high' or 'critical' on the CVSS scale -- open throughout the year.

However, healthcare has performed 14 percent better than the industry average on remediating critical risks in the past three months. This represents a positive trend for healthcare, which historically performs below average based on a rolling 12-month analysis.

Continue reading →

Data exfiltration remains a significant threat and despite large investments in security tools, organizations are not confident they can stop it according to a new report.

The survey of 255 cybersecurity professionals, conducted by Osterman for data privacy and security company BlackFog, finds 62 percent lack confidence in the ability of their security tools to prevent data exfiltration.

Continue reading →

Ransomware attacks have surged recently and the disruption they can cause to the operation of a business can cost many times more than the ransom.

Education website Cyber Security Degrees has produced an infographic looking at the impact of ransomware and at how businesses can protect themselves.

Continue reading →

Most web traffic is now associated with users who are mobile, so it's no surprise that hackers are using this to their advantage by crafting attacks specific to mobile platforms.

Clearly this is paying off with as many as one in 10 users clicking on mobile phishing messages according to Apple enterprise management company Jamf's latest Phishing Trends report based on information, statistics and analysis of 500,000 protected devices across 90 countries.

Continue reading →

Research from commercial insurance provider Corvus reveals that the cost of ransomware to businesses remains high.

Ransomware claims that resulted in payments to fraudsters are down though, mostly due to improved backup processes and greater preparedness. In the third quarter of 2020, 44 percent of ransomware claims involved a successful payment, but that decreased to just 12 percent by Q3 of this year.

Continue reading →

A joint study by Onfido and Okta finds that businesses have just 10 minutes to set up new digital accounts or risk losing consumer trust.

This is true across sectors, 65 percent want to open a bank account in less than 10 minutes, 69 percent to book a car rental, 72 percent to open a telemedicine account and 77 percent to register a gaming account.

Continue reading →

A new report out today looks at the measures businesses are taking against bots and how successful they are -- and it doesn't offer good news.

The study from Kasada finds that 64 percent of organizations lost more than six percent or more of their revenue due to bot attacks, and 32 percent have lost 10 percent or more in the last year.

Continue reading →

A new study by Theta Lake of businesses in the financial services sector finds that 83 percent of respondents are turning off key productivity and usability features of collaboration platforms like Zoom, Microsoft Teams, and Webex.

This is due to their organizations' technical inability to adhere to relevant regulatory compliance and security requirements.

Continue reading →

Increased reliance on digital systems and remote workforces has drastically increased the attack surface threatening to compromise organizations.

Encrypting information is part of the solution but is still vulnerable if keys fall into the wrong hands. Now though Australian deep tech cybersecurity start-up Tide Foundation has come up with a decentralized solution that offers the promise of 'cyber herd immunity'.

Continue reading →

Taking proactive measures like updating and patching systems promptly and undertaking penetration testing improves the ability to withstand a targeted attack.

But when security teams are flooded with non-critical alerts 'vulnerability fatigue' can set in. We spoke to Amitai Ratzon, CEO of penetration testing specialist Pentera, to find out how enterprises can avoid this and improve their ransomware readiness.

Continue reading →

A news report shows that 71 percent of security leaders say their teams need access to threat intelligence, security operations data, incident response data, and vulnerability data.

Yet 65 percent of respondents find it very challenging to provide security teams with cohesive data access according to the study conducted by Forrester Consulting on behalf of Cyware.

Continue reading →

A new survey of more than 250 CISO reveals that more than half have been hit by ransomware in the past year, with 69 percent saying it is likely they'll be successfully attacked at least once in the next year.

Those who were successfully hit by ransomware are more inclined to pay up, with 65 percent actually doing so. However, full recovery of data occurred only 55 percent of the time. When asked about willingness to pay, 13 percent say they definitely would, but only 20 percent say they definitely wouldn’t.

Continue reading →

Stolen data on the dark web is spreading 11 times faster today than it was six years ago, according to the latest study from Bitglass.

Breach data received over 13,200 views in 2021 compared to 1,100 views in 2015 -- a 1,100 percent increase. In 2015, it took 12 days to reach 1,100 link views -- in 2021, it takes less than 24 hours to pass that milestone.

Continue reading →

Microsoft has issued a stark warning to system administrators, advising them of the importance of updating PowerShell 7 as soon as possible.

Versions prior to PowerShell 7.0.8 and PowerShell 7.1.5 are vulnerable to a .NET Core Information Disclosure flaw that is being tracked as CVE-2021-41355. There is a degree of urgency to upgrading to a non-vulnerable version of PowerShell, as the flaw could expose credentials in plain text in Linux.

Continue reading →

Security Information and Events Management (SIEM) has become the keystone of many organizations' security strategies in recent years.

But is it effective? And in the era of greater cloud and SaaS use, is the time right for the concept of SIEM to undergo a radical rethink? Andrew Maloney, COO and co-founder at security investigation specialist Query.AI thinks it is. We spoke to him to learn more.

Continue reading →