Outdated software is now a bigger threat than weak passwords, bring-your-own-device (BYOD) and unsecured USB sticks, according to a new study.
All about Virtualization and Cloud Security | Recent Articles:
37% of IT Managers See Failure to Install Updates as the Biggest Security Threat of 2018
Cyberattacks are on the rise, with the most significant malicious activity so far detected in the finance, professional and information sectors, followed by manufacturing, according to Rapid7. Despite the increasing number of data breaches in critical sectors, there are discrepancies in how C-level executives perceive cybersecurity and the threat landscape, depending on their industry and home country.
Smart connected appliances, should they be commandeered by attackers for use in a botnet, could result in everything from local power outages to severe wide-scale blackouts a team of Princeton University researchers contended at the USENIX Security Symposium.
The vast majority of businesses think data protection is important or mission-critical for digital and IT transformation projects, but they lack the technological provisions to provide good data protection assurance.
Diminished Data Privacy, Customer Doubt Could Affect Corporate Business Models, Monetization
Many companies have based their business models on collecting facts and statistics from their customers, accumulating big data which they analyze to improve not only customer experience, but also marketing, sales and product strategies. Or so they claim. The popularity of social media and digital operations have made it easier for businesses to gather reams of personal information, including emails, browsing history, habits, location, political beliefs and pretty much any other behavioral detail.
Critical National Infrastructures on the Radar; British MPs Say Attack Is Imminent
Critical national infrastructures such as the energy sector, public transportation, commercial facilities, government and defense, and medical services, among others, have been under attack in recent years, following a large volume of security vulnerabilities and a lack of encryption.
Phishing isn’t a new problem, but that fact alone doesn’t mean that it’s an easy one for companies to protect against.
NHS Security Systems, Data Protection Questioned after Repeated Patient Record Losses
A new study by the Parliament Street think tank has revealed that the UK’s National Health Service (NHS) lost nearly 10,000 patient records between 2017 and 2018. After facing the ‘biggest ransomware’ offensive in history, NHS trusts lost hundreds of thousands of additional documents.
Distributed Denial of Service (DDoS) attacks aimed at disruption remain a massive problem for businesses big and small, despite the shutdown of the Webstresser DDoS-for-hire service. Attackers are also increasingly striking outside of normal business hours, researchers have found.
Bitdefender Investigates Advanced Cyberattacks on Financial Institutions, Warns That Hackers Target Eastern European and Russian Banks
Bitdefender has recently investigated a series of advanced cyberattacks aimed at financial institutions, designed to covertly exfiltrate massive amounts of money in coordinated strikes.
Cloud computing enables the much-needed speed and agility demanded in our digital economy era. Embracing the cloud can generate significant cost savings as well as new revenue streams. However, the cloud-first mindset may be sending digital businesses down a dangerous path.
Total spending on information security products and services will reach more than $114 billion globally in 2018, an increase of 12.4% from last year, according to advisory company Gartner.
The Underrated Importance of Training Your Staff to Spot Devious Phishing Attacks
A new phishing campaign is making the rounds. Scammers are taking advantage of a small, but serious oversight in Microsoft’s Office 365 suite of online services to serve phishing emails that are visually indistinguishable from work-related emails and appear completely safe. This new threat once again highlights the importance of training your first line of defense to deal with cyber threats, as part of your organization’s cybersecurity strategy.
146 Billion Records Leaked by 2023, Small Businesses Left Most Vulnerable, Study Says
Enterprises are at risk now more than ever because it seems they keep falling behind on infrastructure security, while hackers are more vigilant and sophisticated in their schemes. Researchers can’t really put their finger on what it is exactly that causes more damage –insider threats, targeted attacks or plain old outdated software, but one thing is certain: by 2023, more than 146 billion records will be leaked following security breaches, according to Juniper Research.
Most CISOs surveyed by Bitdefender trust next generation security, including endpoint detection and response (EDR) capabilities, as the best security approach against advanced attacks. Security audits, and traditional security - endpoint protection platforms - come second and third, mentioned by more than a third of respondents, according to a Bitdefender survey of 1,000+ CISOs from large companies in the US and Europe.
For the eighth year in a row, healthcare organizations incurred the highest costs from data breaches, costing them an average $408 per lost or stolen record. Costs associated with data breaches in healthcare are nearly three times higher compared to other industries.
CISOs Witness More Cyber Breaches, but Endpoint Detection and Response Tools Have Tripled Visibility on Attacks
Some 37 percent of chief information officers in the US and Europe admit their company has suffered a breach in the past year, a slight increase from 34 percent in 2016. However, continuous adoption of endpoint detection and response tools has helped them gain more visibility into cyber attacks - from 26% two years ago, to 84% in 2018, according to Bitdefender’s Advanced Threat Index, an annual survey of 1,000+ CISOs in the US and Europe.
When it Comes to Managing Third-Party Risk, Many Organizations Are Falling Short
Many companies today do business in more complex environments than ever. They work with numerous third-party partners including suppliers, B2B customers, vendors, cloud providers, managed services providers, consulting firms, and others.
The Future Today Institute, an organization that provides forecasts about how emerging technology will disrupt business and transform the workforce, has once again looked into its crystal ball—and cyber security executives might not be thrilled with the predictions.
With cybercrime showing no signs of slowing down in 2018, security leaders are looking to find and invest in the best tools and approaches to combat their adversaries. Yet the cat-and-mouse-game continues, as hackers get more innovative every day, sometimes outpacing even the best cyber defenses.
Security professionals, penetration testers and malware investigators are preparing to get energized. In just about a week the hacking community will converge on Las Vegas to drop their biggest discoveries of the year at the podiums of Black Hat USA. This annual confab always offers up a range of great new ideas for defenders, red teamers and security researchers—as well as a boatload of new tools. This year's show should be no different. The buzz is already growing for a number of previously unseen tools that will help security pros solve tough problems and break things in whole new ways. Here are a few highlights.
For two decades now, online attacks targeting retailers have been on the rise. According to a new report from 451 Research and data encryption and tokenization provider Thales, last year was no different.
The dust is beginning to settle after the U.S. federal criminal indictment of 12 Russian military intelligence officers who are alleged to have conspired to hack into systems of the Democratic Congressional Campaign Committee (DCCC), Democratic National Committee (DNC), and volunteers of the Hillary Clinton campaign. As the implications of the indictment are becoming better understood, it’s now a good time to take a step back and look at what the 29-page indictment has to teach us about enterprise information security.
Cloud Security
Subscribe to Blog Updates
Posts by Categories
- Advanced Persistent Threats (7)
- CISO (20)
- Cloud Security (122)
- Cybersecurity Awareness (28)
- Endpoint Detection and Response (6)
- Endpoint Protection & Management (25)
- Enterprise Security (428)
- Events (4)
- Financial Services (16)
- Healthcare (22)
- IoT Security (24)
- IT Compliance & Regulations (53)
- Machine Learning (9)
- Managed Detection and Response (8)
- Managed Service Providers (19)
- Network Protection (11)
- Privacy and Data Protection (105)
- Ransomware (12)
- Remote Work (5)
- SMB Security (44)
- Telecommunications (2)
- Threat Research (94)
- Virtualization & Data Center Security (81)
Latest Tweets
Tweets by @Bitdefender_EntPosts by Month
- February 2021 (9)
- January 2021 (12)
- December 2020 (31)
- November 2020 (33)
- October 2020 (39)
- September 2020 (26)
- August 2020 (29)
- July 2020 (34)
- June 2020 (40)
- May 2020 (33)
- April 2020 (31)
- March 2020 (28)
- February 2020 (23)
- January 2020 (26)
- December 2019 (28)
- November 2019 (24)
- October 2019 (28)
- September 2019 (19)
- August 2019 (17)
- July 2019 (23)
- June 2019 (15)
- May 2019 (17)
- April 2019 (20)
- March 2019 (19)
- February 2019 (20)
- January 2019 (19)
- December 2018 (19)
- November 2018 (23)
- October 2018 (22)
- September 2018 (22)
- August 2018 (23)
- July 2018 (24)
- June 2018 (22)
- May 2018 (28)
- April 2018 (23)
- March 2018 (22)
- February 2018 (19)
- January 2018 (19)
- December 2017 (13)
- November 2017 (17)
- October 2017 (19)
- September 2017 (18)
- August 2017 (16)
- July 2017 (17)
- June 2017 (16)
- May 2017 (17)
- April 2017 (15)
- March 2017 (16)
- February 2017 (13)
- January 2017 (14)
- December 2016 (11)
- November 2016 (14)
- October 2016 (11)
- September 2016 (10)
- August 2016 (15)
- July 2016 (12)
- June 2016 (15)
- May 2016 (10)
- April 2016 (13)
- March 2016 (15)
- February 2016 (14)
- January 2016 (6)
- December 2015 (6)
- November 2015 (9)
- October 2015 (8)
- September 2015 (11)
- August 2015 (8)
- July 2015 (10)
- June 2015 (3)
- May 2015 (8)
- April 2015 (6)
- March 2015 (5)
- February 2015 (7)
- January 2015 (8)
- December 2014 (8)
- November 2014 (9)
- October 2014 (8)
- September 2014 (9)
- August 2014 (9)
- July 2014 (8)
- June 2014 (8)
- May 2014 (6)
- April 2014 (8)
- March 2014 (5)