New research from Digital Shadows reveals that criminal groups are promising salaries averaging the equivalent of $360,000 per year to accomplices who can help them target high-worth individuals, such as company executives, lawyers and doctors with extortion scams. These salary promises can be higher still for those with network management, …
The most widely used password managers sport fundamental vulnerabilities that could allow malware to steal the master password or other passwords stored by the software directly from the computer’s memory, researchers with Independent Security Evaluators (ISE) have found. The findings They tested the 1Password, Dashlane, KeePass and …
Companies like Airbnb, Uber and DoorDash, which have a cloud-based software infrastructure as one of their main enablers, are disrupting the hospitality, transportation and food delivery sector. Why do all these new companies use the cloud and what advantages does it give them? Unlike legacy competitors, innovators with new infrastructure can: …
There were 6,515 publicly disclosed data compromise events through December 31, 2018, exposing over 5 billion sensitive records, according to Risk Based Security’s Year End 2018 Data Breach QuickView Report. While the year ended below 2017’s high mark of 6,728 reported breaches, a slow trickle of new breach information continues and may …
A successful cyberattack is undoubtedly one of the most disruptive events an organization can …
A new Drupalgeddon might be brewing: a highly critical vulnerability affecting all versions of …
Duo Security has released CRXcavator, a tool that can help end users and enterprises make an informed decision about installing a specific Chrome extension. About CRXcavator CRXcavator was created as an internal tool by Duo’s Corporate Security …
Cybercrime continues to evolve and become more sophisticated. AI and machine learning are leveraged by many criminal organizations to help them better understand how to improve their attacks and they are now targeting specific industry …
To identify top threats, the Dtex researchers collected and analyzed information from work-issued endpoints across more than 300,000 user accounts. Proprietary, cloud and personal accounts such as email were included in the total. Assessed …
Cybersecurity concerns, along with U.S. economic growth, are the two top drivers anticipated to spur overall U.S. tech industry growth in 2019. Data privacy remains at the center of the sector’s worries, with 87 percent of tech CFOs expressing a …
A majority (82 percent) of end-users are pushing back on IT or management when the company tries to dictate which collaboration tools should be used. But IT is standing its ground; nearly two-thirds (63 percent) of information technology …
New research from Digital Shadows reveals that criminal groups are promising salaries averaging the equivalent of $360,000 per year to accomplices who can help them target high-worth individuals, such as company executives, lawyers and doctors …
Cisco has released another batch of fixes for many of its products, including HyperFlex, Prime infrastructure, WebEx, and Firepower devices. Fixed HyperFlex bugs Five of the patched vulnerabilities affect Cisco HyperFlex Software, software …
A vulnerability affecting all versions of WinRAR, the popular file archiver utility for Windows, could be exploited by attackers to deliver malware via specially crafted ACE archives. About the flaw The vulnerability was unearthed by Check Point …
Cloud services serve core functions essential to all aspects of business operations, but getting cloud security right is still a challenge for many organizations, the 2019 Cloud Threat Report by Oracle and KPMG has shown. The two companies have …
This year’s (ISC)² Secure Summit EMEA will take place in The Hague in April. In order to find out what elements set this event apart from other cybersecurity events, we sat down with Mary-Jo de Leeuw, Director of Cybersecurity Advocacy, …
PCI SSC is accepting applications for the Qualified PIN Assessor (QPA) Program. The QPA Program will enable security professionals to perform assessments using the PCI PIN Security Requirements and Testing Procedures (PCI PIN Security Standard). …
Account Takeover attacks don’t follow conventional attack patterns – they look, act, and feel like legitimate users. Without the right tooling, visibility into your environment, and intimate understanding of your users, defending …
