Threats

For organizations in the EMEA region, the 'dwell time' between the start of a cyber intrusion and it being identified, has fallen from 177 days to 54 days since the introduction of GDPR.

A new report from FireEye Mandiant also shows a decrease in dwell time globally, down 28 percent since the previous report. Median dwell time for organizations that self-detected their incident is 30 days, a 40 percent decrease year on year.

Increased availability of sophisticated attack toolkits, along with threats aimed at embedded technologies in connected vehicles, manufacturing and mobile devices, and those taking advantage of misconfigurations in cloud computing deployments are all causing concern for business.

The 2020 Annual Threat Report from BlackBerry Cylance says the search to find and exploit vulnerabilities has seen a shift in the industries most targeted, particularly towards the automotive sector.

A cyber threat is basically any type of threat that is computer related in nature. To be clear, a computer could be a desktop computer, a laptop, a tablet or even a smartphone. All of these devices have particular types of threats that they can be exposed to that users need to be aware of to ensure that they can protect themselves and their confidential information. 

Given the number of different types of devices that can be exposed to cyber threats, there are a number of different types of issues that can present themselves. Each of these threats is unique in its own right and poses a different type of issue for the user, but typically they all have the same end result… the impacted system is somehow compromised and the user, or the user’s information, is placed at risk. While the list below is extensive, it is not all inclusive. There are far too many types of threats out in the wild of the Internet to list in one article. What I do hope to do is to list those that are most prevalent and give the reader a good overview of what the threat is and how it is often used to do damage to both home and corporate networks. 

Traditional cyber defenses are designed to protect assets that exist within an organization's network. But with the growth of the cloud, IoT and more, assets now extend far beyond the network perimeter, increasing the risk of exposure or theft.

FireEye is launching a Digital Threat Monitoring tool that automatically collects and analyzes content on the dark and open web, alerting defenders whenever a potential threat is detected.

Insider threats, caused by current and departing employees, expose companies to breaches and put corporate data at risk, but security solutions may not be effectively preventing them.

A new study from data loss solution company Code42 finds that 69 percent of organizations say they were breached due to an insider threat and confirm they had a prevention solution in place at the time of the breach.

As more and more apps and data move to the cloud, identifying and ranking threats becomes an increasingly difficult task.

Machine data analytics platform Sumo Logic is launching a new Global Intelligence Service for Amazon GuardDuty that delivers almost real-time actionable insights to allow customers to benchmark themselves against other adopters of Amazon Web Services cloud infrastructure, strengthen cloud security posture, improve threat detection, and enhance regulatory compliance.

A new study into the threats faced by US businesses produced by Securitas Security Services reveals that in many sectors businesses are concerned as much or more with physical threats such as shootings than they are with cyber security.

It also shows rising concern about the threats posed to organizations by insiders, of the 27 threat categories security executives consider to be a concern, 21 may be caused or carried out by an insider.

A new report from the Information Security Forum looks at the threats organizations can expect to face over the next two years as a result of increasing developments in technology.

The Threat Horizon 2021 report highlights three major themes that will present particularly difficult cyber security challenges for businesses.

Spending on security technology continues to soar. Nevertheless, data breaches and cyberattacks continue to make headlines at an incredible rate, with no relief in sight. The Online Trust Alliance reported that attacks in 2017 came from a myriad of vectors, such as phishing and ransomware, and that the number of attacks doubled to nearly 160,000 incidents per year over 2016. What’s worse, estimates for the number of unreported attacks exceed 350,000 annually.

While enterprises typically dominate the headlines, organizations of all sizes are affected by cyber incidents. A recent Ponemon study showed that two-thirds of small and mid-sized businesses reported that threats evaded their intrusion detection systems, and more than half of the companies said they were attacked by ransomware more than twice during the last year. There is no dispute that the number of vulnerable endpoints and the complexity of threats will continue to increase, and limited IT budgets and overstretched staff will remain an industry-wide problem. It’s clear that companies need to adopt new approaches to stay ahead of cyberattacks.

Most endpoint detection tools collect only a limited set of data, which can make it hard for teams to track down and combat threats.

To address this issue, endpoint security specialist Carbon Black is launching a new threat hunting tool as part of its Predictive Security Cloud (PSC).

Everyone is aware that cybersecurity threats are out there, but what are the biggest threats and are IT and business executives worried about the same things?

New research from data security specialist Varonis highlights some major differences -- and potential challenges -- when it comes to communicating and aligning on key threats.

Internet scam artists have found a new way to deceive user to surrender their personal information. It’s called SMISHING -- when someone tries to trick you into giving them your private information (including user IDs and passwords) via a text or SMS message.

It is an emerging and growing threat, a form of criminal activity using social engineering techniques in the same way Phishing is for email scamming. Smishing may include tricking the user into downloading a Trojan horse, virus or other malware onto their cell phone or other mobile device. Criminals love Smishing because users tend to trust text messages, as opposed to email, of which people are naturally more suspicious.