The disparity of technologies that enterprises use to secure their IT infrastructures don’t provide a complete, real-time view of cybersecurity risk, a Forrester survey reveals. The research also shows the abundance of deployed tools leads to a false sense of confidence.
We all know that Business Email Compromise (BEC) is one of the most dangerous IT threats facing organisations today.
A new study that explores how chief information security officers (CISOs) perceive the state of their profession carries some surprising findings. In a stark contrast with past year studies, “experiencing a data breach” now paints CISOs as more experienced and thus more apt to defend the organization from cyber threats.
IT security experts fear that payouts from insurers may be fueling ransomware attacks as more and more critical infrastructures across the United States fall victim to ransomware operators.
Consumers across the globe are seriously concerned about the data security practices of the companies they do business with, and would take their money elsewhere after a data breach, according to a new study.
The implementation of the California Consumer Privacy Act of 2018 (CCPA) is just around the corner, but there are indications that many organizations might not be ready for the new data protection requirements.
Schools are increasingly deploying a “cloud-first” strategy but they can’t keep up with the cyber risks associated with their expanding attack surface, according to a new study. If the recent spate of ransomware attacks on U.S. school districts is any indication, the education sector is in dire need of skilled cybersecurity staff.
Most analysts predict managed cyber-security will grow at a CAGR of over 15% in coming years. This trend is no surprise, considering the global shortage of security talent and the increasing sophistication of attacks on data and business productivity.
More than a year after the European Union enacted the General Data Protection Regulation (GDPR), half of businesses in the United Kingdom are still not fully compliant. Around 52% stand to incur big penalties from the Information Commissioner’s Office (ICO), in case they misuse personally identifiable information of EU residents.
Banks, like most industries, are undergoing profound digital transformations. They’re trying to compete, lower business risk, and cut costs from their business operations.
Cybercriminals often exploit flaws in unpatched systems to breach an organization, as in the 2017 WannaCry contagion and the massive 2018 Equifax incident. Perhaps it’s no surprise, then, that businesses big and small list patch management as a key pain point. And, according to a recent survey, small and medium-sized businesses are particularly susceptible to data breaches that use this attack avenue.
The US Federal Bureau of Investigation (FBI) and federal partners have arrested 281 alleged cybercriminals across nine countries, dismantling one of the biggest international business email compromise (BEC) operations.
Cybersecurity has become a board room imperative, with almost half of corporate boards across the US, Europe, Australia and New Zealand now actively discussing cybersecurity strategy, new research shows.
Legislators need to impose stricter cybersecurity laws as cyber-attacks continue to increase. However, the vast majority of cybersecurity professionals attending this year’s Black Hat conference in Las Vegas agreed that elected officials aren’t capable of crafting effective security regulation.
- BlueKeep is a wormable security flaw in Microsoft Remote Desktop Services that allows attackers to take control remotely of vulnerable systems.
- Metasploit developers released the first functional prototype of exploit code with payload execution capabilities.
- Bitdefender tested the newly released exploit code and Hypervisor Introspection prevents this attack (demo included).
Last Friday, security researchers working on the Metasploit project released the first functional exploit code to successfully achieve code execution against systems vulnerable to BlueKeep. This high impact vulnerability affecting Microsoft Remote Desktop Services was first reported as CVE-2019-0708 in May 2019. On May 14th, Microsoft started releasing patches for affected Windows OSes (including the end of life XP and 2003)
Ransomware operators have developed a taste for state and local governments across the United States this year, with almost two thirds of ransomware attacks in 2019 directed at government organizations.
The Cloud Security Alliance (CSA), an organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, recently unveiled its “Top Threats to Cloud Computing: The Egregious Eleven,” a report that examines the risks inherent with cloud security.
The Cloud Security Alliance (CSA), an organization that works to raise awareness about best practices for secure cloud computing environments, has been especially busy of late—churning out findings related to cyber security and the cloud.
New research out in the past few weeks show that false positives and alert fatigue continue to plague security operations centers (SOCs) worldwide. And, according to the research, it's killing the SOC's ability to keep teams intact and to respond quickly to threats.
