Most analysts predict managed cyber-security will grow at a CAGR of over 15% in coming years. This trend is no surprise, considering the global shortage of security talent and the increasing sophistication of attacks on data and business productivity.
More than a year after the European Union enacted the General Data Protection Regulation (GDPR), half of businesses in the United Kingdom are still not fully compliant. Around 52% stand to incur big penalties from the Information Commissioner’s Office (ICO), in case they misuse personally identifiable information of EU residents.
Banks, like most industries, are undergoing profound digital transformations. They’re trying to compete, lower business risk, and cut costs from their business operations.
Cybercriminals often exploit flaws in unpatched systems to breach an organization, as in the 2017 WannaCry contagion and the massive 2018 Equifax incident. Perhaps it’s no surprise, then, that businesses big and small list patch management as a key pain point. And, according to a recent survey, small and medium-sized businesses are particularly susceptible to data breaches that use this attack avenue.
The US Federal Bureau of Investigation (FBI) and federal partners have arrested 281 alleged cybercriminals across nine countries, dismantling one of the biggest international business email compromise (BEC) operations.
Cybersecurity has become a board room imperative, with almost half of corporate boards across the US, Europe, Australia and New Zealand now actively discussing cybersecurity strategy, new research shows.
Legislators need to impose stricter cybersecurity laws as cyber-attacks continue to increase. However, the vast majority of cybersecurity professionals attending this year’s Black Hat conference in Las Vegas agreed that elected officials aren’t capable of crafting effective security regulation.
- BlueKeep is a wormable security flaw in Microsoft Remote Desktop Services that allows attackers to take control remotely of vulnerable systems.
- Metasploit developers released the first functional prototype of exploit code with payload execution capabilities.
- Bitdefender tested the newly released exploit code and Hypervisor Introspection prevents this attack (demo included).
Last Friday, security researchers working on the Metasploit project released the first functional exploit code to successfully achieve code execution against systems vulnerable to BlueKeep. This high impact vulnerability affecting Microsoft Remote Desktop Services was first reported as CVE-2019-0708 in May 2019. On May 14th, Microsoft started releasing patches for affected Windows OSes (including the end of life XP and 2003)
Ransomware operators have developed a taste for state and local governments across the United States this year, with almost two thirds of ransomware attacks in 2019 directed at government organizations.
The Cloud Security Alliance (CSA), an organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, recently unveiled its “Top Threats to Cloud Computing: The Egregious Eleven,” a report that examines the risks inherent with cloud security.
The Cloud Security Alliance (CSA), an organization that works to raise awareness about best practices for secure cloud computing environments, has been especially busy of late—churning out findings related to cyber security and the cloud.
New research out in the past few weeks show that false positives and alert fatigue continue to plague security operations centers (SOCs) worldwide. And, according to the research, it's killing the SOC's ability to keep teams intact and to respond quickly to threats.
