Consumers across the globe are seriously concerned about the data security practices of the companies they do business with, and would take their money elsewhere after a data breach, according to a new study.
The implementation of the California Consumer Privacy Act of 2018 (CCPA) is just around the corner, but there are indications that many organizations might not be ready for the new data protection requirements.
Schools are increasingly deploying a “cloud-first” strategy but they can’t keep up with the cyber risks associated with their expanding attack surface, according to a new study. If the recent spate of ransomware attacks on U.S. school districts is any indication, the education sector is in dire need of skilled cybersecurity staff.
Most analysts predict managed cyber-security will grow at a CAGR of over 15% in coming years. This trend is no surprise, considering the global shortage of security talent and the increasing sophistication of attacks on data and business productivity.
More than a year after the European Union enacted the General Data Protection Regulation (GDPR), half of businesses in the United Kingdom are still not fully compliant. Around 52% stand to incur big penalties from the Information Commissioner’s Office (ICO), in case they misuse personally identifiable information of EU residents.
Banks, like most industries, are undergoing profound digital transformations. They’re trying to compete, lower business risk, and cut costs from their business operations.
Cybercriminals often exploit flaws in unpatched systems to breach an organization, as in the 2017 WannaCry contagion and the massive 2018 Equifax incident. Perhaps it’s no surprise, then, that businesses big and small list patch management as a key pain point. And, according to a recent survey, small and medium-sized businesses are particularly susceptible to data breaches that use this attack avenue.
The US Federal Bureau of Investigation (FBI) and federal partners have arrested 281 alleged cybercriminals across nine countries, dismantling one of the biggest international business email compromise (BEC) operations.
Cybersecurity has become a board room imperative, with almost half of corporate boards across the US, Europe, Australia and New Zealand now actively discussing cybersecurity strategy, new research shows.
Legislators need to impose stricter cybersecurity laws as cyber-attacks continue to increase. However, the vast majority of cybersecurity professionals attending this year’s Black Hat conference in Las Vegas agreed that elected officials aren’t capable of crafting effective security regulation.
- BlueKeep is a wormable security flaw in Microsoft Remote Desktop Services that allows attackers to take control remotely of vulnerable systems.
- Metasploit developers released the first functional prototype of exploit code with payload execution capabilities.
- Bitdefender tested the newly released exploit code and Hypervisor Introspection prevents this attack (demo included).
Last Friday, security researchers working on the Metasploit project released the first functional exploit code to successfully achieve code execution against systems vulnerable to BlueKeep. This high impact vulnerability affecting Microsoft Remote Desktop Services was first reported as CVE-2019-0708 in May 2019. On May 14th, Microsoft started releasing patches for affected Windows OSes (including the end of life XP and 2003)
Ransomware operators have developed a taste for state and local governments across the United States this year, with almost two thirds of ransomware attacks in 2019 directed at government organizations.
