Physical security systems across Europe are not properly optimized and some of them need improvements in 2020, according to a survey of 1,000 IT decision-makers.
Insider threats present themselves in a variety of ways, and a person isn’t always responsible. Most insider threats are a mix of technology, personnel, and security, according to officials from the US Department of State.
More and more businesses are falling victim to Business Email Compromise, where scammers fool companies into transferring money into the bank accounts of criminals.
A prolific and dangerous group called Exaggerated Lion has been hitting targets in the United States with business email compromise (BEC) attacks that follow a very specific model. They have racked up thousands of attempts and hundreds of millions of dollars stolen every month.
Since 2007, security services provider Unisys has measured the level of security concerns among consumers. Unisys claims its “Security Index” is the longest-running snapshot of consumer views regarding security from around the world.
More than 2,000 government mobile devices went missing in a recent 12-month period in the UK alone, either lost or stolen. Many were unencrypted, raising questions about cybersecurity.
Switzerland’s Reporting and Analysis Centre for Information Assurance (MELANI) has issued an urgent security notice addressing Swiss-based companies that have recently suffered cyber-attacks.
Data breaches in the healthcare industry are on the rise in the United States, and more people are affected each year. While the number of breaches is rising, the number of affected patient records is soaring, having tripled since 2018.
From small companies losing their income to fraud to entire countries being robbed of their data, the past few years have seen an unprecedented surge in security incidents. In fact, the recently launched Allianz Risk Barometer 2020 claims cyber incidents have surpassed even business interruption to become the No. 1 business risk for companies everywhere.
The FBI's Internet Crime Complaint Center (IC3) has compiled all complaints registered in 2019, and the reported losses exceed $3.5 billion, with Business Email Compromise (BEC) and Email Account Compromise (EAC) accounting for $1.7 billion.
The Oil & Gas sector is investing aggressively in digital as the energy transition progresses and firms move to sustainable business models. That includes heavy investments in cybersecurity, an ongoing trend in an industry bent on protecting assets and reputations.
When it comes to critical infrastructure, there are few more essential than electricity generation and distribution. Without electricity, nothing else works. According to a report from cybersecurity firm Dragos, groups have shown that they have the capability to impact power operations and network connectivity detrimentally. "Electric utilities remain at risk for a disruptive – and potentially destructive – cyberattack due to the political and economic impact such an event may cause,” the firm wrote in its report North American Electric Cyber Threat Perspective.
The healthcare industry is fighting a wave of ransomware attacks, as hackers constantly adapt a varied arsenal of malware tools. A recent survey found 172 cyberattacks against the healthcare systems have succeeded in the past four years.
The Federal Bureau of Investigation has issued a private industry notification warning organizations across the U.S. that hackers are actively targeting their supply chain partners to compromise their systems.
One year back, Bitdefender was featured in Dark Reading’s series Cybersecurity and the Human Element: We're All Fallible. At that time, we provided our perspective on the fallibility for end users, security leaders, security analysts, IT security administrators, programmers, and attackers. Fast forward to today, RSAC 2020 Trend Report singles out the human element as the main trend in cybersecurity in 2020, and themes RSAC 2020 event around it:
While software developers are showing signs of high apprehension when it comes to the security of their software, their organizations however have considerable work ahead of them getting developers the tools they need to succeed.
- New remote memory corruption vulnerability in Internet Explorer browsers allows for full takeover of infected systems
- Bitdefender has confirmed exploitation in the wild of CVE-2020-0674 with analysis of 2 distinct executable payloads
- Hypervisor Introspection delivers true zero-day protection by preventing all common memory exploit techniques
Every cyber security executive knows—or should know—that the current demand for skills is much greater than the supply. But a recent study by (ISC)², an international non-profit membership association of certified cyber security professionals, indicates just how mammoth the talent shortage has become.
Any organization with an online footprint is always exposed to DDoS (distributed denial-of-service) attacks, and new data from Imperva shows no industry has more to fear than Games and Gambling.
While most enterprises recognize the critical role that security operation centers (SOC) play in cybersecurity activities, very few are able to perfect a SOC approach that meets their ultimate satisfaction. A new study out on attitudes toward SOC efficacy shows that organizations are spending millions each year to run their SOCs, but that many are unhappy with the ROI from this investment.
Cyber threats lurk behind every corner, in every industry and geography. From run-off-the-mill crooks to sophisticated state-sponsored actors, cybercriminals take every opportunity to exploit weaknesses for quick cash, to exfiltrate data, or to simply disrupt operations, depending on their goal.
A protocol little known by executives outside of the networking world may put the future safety of enterprise IoT at extreme risk if organizations don't take action to secure their connections. New research out last week found that the way that many large organizations are using the Long Range Wide Area Networking (LoRaWAN) protocol is making them susceptible to hacking that could cause civic disruption and even put people at risk.
The US National Security Agency (NSA) has published an important document outlining the main classes of cloud vulnerabilities and the ways an organization can go about addressing them.
