IT auditors—the people who conduct examinations of the management controls within an organization’s IT infrastructure to determine if technology assets are secure and to ensure data integrity—have had their hands full lately.
A Canadian insurance company that fell victim to ransomware last year has managed to obtain the decryptor from its aggressors, then went on to freeze their Bitcoin wallet using a clever trick.
Earlier this week, police in Japan launched what was described as a "three day public-private cybersecurity exercise" focusing on the risks faced by teleworkers.
What is security culture? There’s lots of talk about how important security culture is to a security program, but security culture is a nebulous concept to attempt to define — and harder still to measure. It’s also, apparently, difficult to achieve: a survey from the IT governance professional’s organization ISACA found that nine in ten enterprises said they have a gap between the security culture they want to have and the actual culture they have in place.
From humble beginnings of protecting traditional PCs, endpoint security has evolved to protect complex systems in large organizations, safeguarding diverse environments including business-issued hardware, bring-your-own-device (BYOD) programs, and more. The latest TAG Cyber Security Annual report spots the trends in endpoint security and how they relate to cybersecurity in general.
Many companies are coming to the realization that an effective anti-malware tool is insufficient to protect their business in today’s threat landscape. It is this realization that has driven the uptake of a more comprehensive service, known to the industry as Managed Detection and Response, or MDR for short. This service helps small to medium enterprises limit risk to their businesses by outsourcing 24/7 Detect and Response operations to an established service provider allowing them to reduce complexity and cost.
Precisely 13 years ago, on January 28, the Council of Europe initiated European Data Protection Day to raise awareness of best practices for data protection and to help boost knowledge about personal data among organizations and individuals.
The price of a ransomware attack can be ascertained more precisely than other types of attacks, and a new study unveils the expected costs that a company incurs during such an event.
Whenever we hear about major cyber security attacks such as data breaches, it’s typically larger enterprises that are the victims. That makes sense, considering those events can potentially impact a lot of people and therefore are more likely to grab headlines and garner attention.
Of all the possible concerns global businesses can have, cyber security threats are at the top of the list, according to recent research by insurance firm The Travelers Companies.
Cyber-attacks on government institutions and critical infrastructures have increased considerably in recent years, with the United States seemingly painted as the bullseye for ransomware operators in 2019. Infosec experts argue that state institutions spend too little on cybersecurity, and a recent study shows they may be right
An attack on any of the five most active U.S. banks would have a ripple effect throughout the entire banking system, causing disruptions in the financial sector and affecting a third of all assets, according to a study by the Federal Reserve Bank of New York.
Despite growing risks, many companies are still poorly protected against the type of reputational crisis that a cyber incident can deliver, according to research by Allianz.
Not all cyberattacks are visible, and some companies don't know they are under attack and have no clue as to the effects of such an attack on their organization, according to a new study.
Credit reporting agency Equifax continues to pay through the nose after the mega breach it suffered in 2017 resulted in the leak of 147 million customer records and the firing of three executives.
Cybersecurity shot up to the #1 spot as the top peril for companies globally this year, from #2 last year and as low as #15 seven years ago, according to financial services firm Allianz.
Companies are quick to move their operations into the cloud to reduce operating costs, but very few believe the shift makes their data more secure.
A perfect storm of patches can affect the operations inside a company if two or more major vendors choose to push out large patches for their products. Such storms could occur three times in 2020 -- on January 14, April 14 and July 14.
New research estimates, after all the breach data, is tallied, that by the end of 2019, healthcare-related data breaches will cost the industry $4 billion, and respondents to a recent survey expect those numbers to only increase in the year ahead.
Recent investigations by Bitdefender security researchers revealed an attack tactic that could be considered fileless, from an endpoint perspective. Abusing the RDP protocol, in the sense that attackers already have legitimate RDP (Remote Desktop Protocol) credentials, means they can set up a share on their machine that acts as a resource on the local virtual network.
The role of the application programmable interface (API) keeps rising in prominence within the enterprise. And as that happens, so does the risk of APIs as an enterprise attack surface. According to security experts, API security will be a top concern for many cybersecurity organizations in the coming year.
API security is no longer a problem of the future—widespread API proliferation is already here, after all. According to a report earlier this year from Akamai, a full 83% of web traffic today is now API traffic. There are a number of factors that are increasing the prevalence—and the importance-- of APIs within organizations both large and small.
Three Major Awards Mark A Milestone for Bitdefender’s Integrated Security Across Endpoint, Network and Cloud!
From crippling ransomware attacks to a near-miss of WannaCry 2.0, 2019 has been anything but short of security incidents, with major attacks popping up in the media on an almost weekly basis. The line between standard and advanced security is blurring, and tools today need to be able to fight off both everyday threats and targeted attacks in real-life conditions (without relying on signatures, and instead focusing on behavioral detection).
A new study out conducted among the DevSecOps community shows that Kubernetes use is rapidly growing within the enterprise, and not just within test or development environments. As organizations try to catch their breath with the rapid adoption rate, the security community is scrambling to adapt to containers and cloud native architectures as the new normal.
Companies are always in the crosshairs of threat actors, but how do you prepare if you don’t know how your business could be affected. Fortunately, Bitdefender's Cybersecurity Predictions for 2020 offer a framework for the essential security pillars of any company.
If security incidents in the past few years are any indication, cybersecurity professionals face a bumpy road ahead. While some IT security chiefs are prepared to hang up their boots, many are almost certain their organization is under attack from hackers but they haven’t yet learned of it.
Canada-based LifeLabs notified 15 million patients on December 17 that their personal information relating to healthcare, including name, address, email, login, passwords, date of birth, healthcare number, and lab test results, may have been accessed without authorization. Most of those affected reside within British Columbia and Ontario.
