Articles about threat

Cybersecurity professionals are sounding the alarm, not about increasingly sophisticated cyber threats, but about something far more human --  distraction.

New research from KnowBe4 shows distraction (43 percent) and lack of security awareness training (41 percent) are identified as the primary reasons employees fall victim to cyberattacks, rather than sophistication of the attacks themselves.

Continue reading →

Lenovo’s customer service AI chatbot Lena was recently found to contain a critical vulnerability that could allow attackers to steal session cookies and run malicious code.

Cybernews researchers discovered that with just one maliciously crafted prompt, the AI could be manipulated into exposing sensitive data. Lenovo has since fixed the issue, but the case shows how chatbots can create fresh risks when not properly secured.

Continue reading →

Threat actors are favoring smaller, persistent attacks under 100,000 requests per second according to a new report. This shift signals a growing dependence on automated, generative AI-enhanced attack tools, reflecting the democratization of DDoS capabilities among loosely coordinated threat actors and new actors entering the scene.

The report from Radware also shows web DDoS attacks rose 39 percent over the second half of 2024. The second quarter set a record with a 54 percent quarter-on-quarter spike.

Continue reading →

New analysis of recent high-profile breaches and global threat patterns, reveals a cybersecurity landscape dominated by AI-enhanced attacks, organized cybercrime, and rapid exploitation of zero-day vulnerabilities.

The research, from compliance automation platform Secureframe, shows critical infrastructure, healthcare, and financial services have become primary targets as threat actors evolve faster than traditional defenses.

Continue reading →

While 92 percent of respondents to a new survey say collaboration and information sharing are either 'absolutely crucial' or 'very important' in the fight against cyber threats, the results tell a different story when it comes to the adoption of this practice.

The study from Cyware, conducted among cybersecurity professionals at the RSA Conference 2025, finds only 13 percent say their current automation between cyber threat intelligence (CTI) and SecOps tools is working well. Nearly 40 percent day they struggle to coordinate data across critical security tools like Threat Intelligence Platforms (TIPs), SIEMs, and vulnerability management platforms.

Continue reading →

Artificial intelligence (AI) is transitioning from an emerging technology to a business mainstay. While many businesses are already reaping the benefits of strategic AI implementation, others are adopting AI solutions without first considering how to integrate the tools strategically. While some AI tools offer tangible gains in automation and efficiency, others overpromise and underdeliver, leading to costly investments with little return.

Distinguishing marketing buzz from real-world impact is critical for businesses looking to make AI a true driver of operational success. Despite AI’s potential, many businesses fall into common pitfalls that prevent them from realizing the full value of innovative technology. From unclear objectives to poor integration and security risks, these challenges can turn AI from a competitive advantage into an expensive mistake.

Continue reading →

Analysis of almost 93,000 threats detected within more than 308 petabytes of security telemetry by Red Canary shows infostealer malware infections on the rise across both Windows and macOS platforms.

Used to gather identity information and other data at scale, in 2024 LummaC2 was the most prevalent stealer detected in 2024, operating under a malware-as-a-service model, and selling for anywhere from $250 per month to a one-time payment of $20,000.

Continue reading →

The cybersecurity landscape is constantly evolving and organizations need to stay up to date if they're to adequately protect themselves.

At the end of last year, O'Reilly released its 2024 State of Security survey, which analyzes the threats that concern frontline practitioners most, the projects they're implementing to safeguard systems and infrastructure, the skills companies are hiring for, and more.

Continue reading →

A new survey reveals that the financial industry has faced a surge in attacks, with 64 percent of respondents reporting cybersecurity incidents in the past 12 months.

The study from Contrast Security finds 71 percent of respondents reported zero-day attacks as the key concern to safeguarding applications and APIs, followed by dwell time (43 percent) and lack of visibility into the application layer (38 percent).

Continue reading →

The state of high-profile cyber incidents in recent years has highlighted the fact that defenses need to be kept up to date to provide adequate protection.

AI and machine learning have the potential to transform security operations to enhance protection against emerging threats. We spoke to Gurucul CEO Saryu Nayyar to get her view on how protection technologies are evolving and why this is so crucial.

Continue reading →

A new survey from HackerOne shows 67 percent of respondents believe an external, unbiased review of GenAI is the most effective way to uncover AI safety and security issues as AI red teaming gathers momentum.

Nearly 10 percent of security researchers now specialize in AI technology as 48 percent of security leaders consider AI to be one of the greatest risks to their organizations, according to the report -- based on data from 500 global security leaders, and more than 2,000 hackers on the HackerOne platform.

Continue reading →

A new survey of over 7,000 individuals suggests a growing wave of pessimism among workers regarding cybersecurity practices.

The study from CybSafe and the National Cybersecurity Alliance shows 53 percent believe staying safe online is possible, down by five percent from last year, while only 60 percent think online safety is worth the effort, marking a nine percent drop.

Continue reading →

The recent release of “Best Practices for Event Logging and Threat Detection” by CISA and its international partners is a testament to the growing importance of effective event logging in today’s cybersecurity landscape. With the increasing sophistication and proliferation of cyber attacks, organizations must constantly adapt their security strategies to address these advanced threats. CISA’s best practices underscore how a modern SIEM (Security Information and Event Management) solution, especially one equipped with UEBA (User and Entity Behavior Analytics) capabilities, is critical for organizations trying to adopt the best practices in this domain.

A modern SIEM with UEBA can help organizations streamline their event logging policies. It automates the collection and standardization of logs across diverse environments, from cloud to on-premise systems, ensuring that relevant events are captured consistently. This aligns with CISA’s recommendation for a consistent, enterprise-wide logging policy, which enhances visibility and early detection of threats. We've seen a rise in detection and response technologies, from Cloud Detection and Response (CDR) to Extended Detection and Response (XDR) being positioned as alternatives to SIEM. However, when it comes to consistently capturing and utilizing events across diverse environments, SIEM remains the preferred solution for large organizations facing these complex challenges.

Continue reading →

It's not what you know, it's what you don’t know that bites you. Cyber attacks, internal rogue employees, and general operational missteps are a constant at enterprises. The cost, both financially and human operationally, impacts morale and budgets.

Many enterprises think they have what they need to defend their attack surfaces, except for one thing: a clear view of ALL the assets that make up that attack surface -- devices, users, applications and vulnerabilities. Too many security teams are trying to protect expanding and increasingly complex infrastructures without knowing all their risk exposures.

Continue reading →

Check Point Research (CPR) has identified a critical zero-day spoofing attack exploiting Microsoft Internet Explorer on modern Windows 10/11 systems, despite the browser's retirement.

Identified as CVE-2024-38112, this vulnerability allows attackers to execute remote code by tricking users into opening malicious Internet Shortcut (.url) files. This attack method has been active for over a year and could potentially impact millions.

Continue reading →