Outdated software is now a bigger threat than weak passwords, bring-your-own-device (BYOD) and unsecured USB sticks, according to a new study.
All about Virtualization and Cloud Security | Recent Articles:
Cyberattacks are on the rise, with the most significant malicious activity so far detected in the finance, professional and information sectors, followed by manufacturing, according to Rapid7. Despite the increasing number of data breaches in critical sectors, there are discrepancies in how C-level executives perceive cybersecurity and the threat landscape, depending on their industry and home country.
Smart connected appliances, should they be commandeered by attackers for use in a botnet, could result in everything from local power outages to severe wide-scale blackouts, a team of Princeton University researchers contended at the USENIX Security Symposium.
The vast majority of businesses think data protection is important or mission-critical for digital and IT transformation projects, but they lack the technological provisions to provide good data protection assurance.
Many companies have based their business models on collecting facts and statistics from their customers, accumulating big data which they analyze to improve not only customer experience, but also marketing, sales and product strategies. Or so they claim. The popularity of social media and digital operations has made it easier for businesses to gather reams of personal information, including emails, browsing history, habits, location, political beliefs and pretty much any other behavioral detail.
Critical national infrastructures such as the energy sector, public transportation, commercial facilities, government and defense, and medical services, among others, have been under attack in recent years, following a large volume of security vulnerabilities and a lack of encryption.
Phishing isn’t a new problem, but that fact alone doesn’t mean that it’s an easy one for companies to protect against.
A new study by the Parliament Street think tank has revealed that the UK’s National Health Service (NHS) lost nearly 10,000 patient records between 2017 and 2018. After facing the ‘biggest ransomware’ offensive in history, NHS trusts lost hundreds of thousands of additional documents.
Distributed Denial of Service (DDoS) attacks aimed at disruption remain a massive problem for businesses big and small, despite the shutdown of the Webstresser DDoS-for-hire service. Attackers are also increasingly striking outside of normal business hours, researchers have found.
Bitdefender has recently investigated a series of advanced cyberattacks aimed at financial institutions, designed to covertly exfiltrate massive amounts of money in coordinated strikes.
Cloud computing enables the much-needed speed and agility demanded in our digital economy era. Embracing the cloud can generate significant cost savings as well as new revenue streams. However, the cloud-first mindset may be sending digital businesses down a dangerous path.
Total spending on information security products and services will reach more than $114 billion globally in 2018, an increase of 12.4% from last year, according to advisory company Gartner.
A new phishing campaign is making the rounds. Scammers are taking advantage of a small, but serious oversight in Microsoft’s Office 365 suite of online services to serve phishing emails that are visually indistinguishable from work-related emails and appear completely safe. This new threat once again highlights the importance of training your first line of defense to deal with cyber threats, as part of your organization’s cybersecurity strategy.
Enterprises are at risk now more than ever because it seems they keep falling behind on infrastructure security, while hackers are more vigilant and sophisticated in their schemes. Researchers can’t really put their finger on what exactly causes more damage (insider threats, targeted attacks or plain old outdated software), but one thing is certain: by 2023, more than 146 billion records will be leaked following security breaches, according to Juniper Research.
Most CISOs surveyed by Bitdefender trust next generation security, including endpoint detection and response (EDR) capabilities, as the best security approach against advanced attacks. Security audits, and traditional security - endpoint protection platforms - come second and third, mentioned by more than a third of respondents, according to a Bitdefender survey of 1,000+ CISOs from large companies in the US and Europe.
For the eighth year in a row, healthcare organizations incurred the highest costs from data breaches, costing them an average $408 per lost or stolen record. Costs associated with data breaches in healthcare are nearly three times higher compared to other industries.
Some 37 percent of chief information officers in the US and Europe admit their company has suffered a breach in the past year, a slight increase from 34 percent in 2016. However, continuous adoption of endpoint detection and response tools has helped them gain more visibility into cyber attacks - from 26% two years ago, to 84% in 2018, according to Bitdefender’s Advanced Threat Index, an annual survey of 1,000+ CISOs in the US and Europe.
Many companies today do business in more complex environments than ever. They work with numerous third-party partners including suppliers, B2B customers, vendors, cloud providers, managed services providers, consulting firms, and others.
The Future Today Institute, an organization that provides forecasts about how emerging technology will disrupt business and transform the workforce, has once again looked into its crystal ball—and cyber security executives might not be thrilled with the predictions.
With cybercrime showing no signs of slowing down in 2018, security leaders are looking to find and invest in the best tools and approaches to combat their adversaries. Yet the cat-and-mouse game continues, as hackers get more innovative every day, sometimes outpacing even the best cyber defenses.
Security professionals, penetration testers and malware investigators are preparing to get energized. In just about a week the hacking community will converge on Las Vegas to drop their biggest discoveries of the year at the podiums of Black Hat USA. This annual confab always offers up a range of great new ideas for defenders, red teamers and security researchers—as well as a boatload of new tools. This year's show should be no different. The buzz is already growing for a number of previously unseen tools that will help security pros solve tough problems and break things in whole new ways. Here are a few highlights.
For two decades now, online attacks targeting retailers have been on the rise. According to a new report from 451 Research and data encryption and tokenization provider Thales, last year was no different.
The dust is beginning to settle after the U.S. federal criminal indictment of 12 Russian military intelligence officers who are alleged to have conspired to hack into systems of the Democratic Congressional Campaign Committee (DCCC), Democratic National Committee (DNC), and volunteers of the Hillary Clinton campaign. As the implications of the indictment are becoming better understood, it’s now a good time to take a step back and look at what the 29-page indictment has to teach us about enterprise information security.