Navigating the waters of maritime cybersecurity
In January 2021, new International Maritime Organization (IMO) guidelines on maritime cyber risk management went into effect. Around the same time, the U.S. government …
Security awareness training doesn’t solve human risk
Traditional employee risk mitigation efforts such as security awareness training and phishing simulations have a limited impact on improving employees’ real-world …
A picture is worth a thousand words, but to hackers, it’s worth much more
Enterprises and end-users are constantly reminded of the dangers associated with clicking on unknown links and documents. Images rarely top the list as would-be …
Defending against Windows RDP attacks
In 2020, attacks against Windows Remote Desktop Protocol (RDP) grew by 768%, according to ESET. But this shouldn’t come as a surprise, given the massive increase in the number …
Email security is a human issue
Research suggests that email is the most common point of entry for malware, providing access in 94% of cases, so it’s unsurprising that phishing is the root cause of 32% of …
Is it OK to publish PoC exploits for vulnerabilities and patches?
In the wake of the Microsoft Exchange ProxyLogon zero-day and F5 BIG-IP security exploits earlier this year, many are questioning if and when should researchers publish proof …
Only 8% of businesses that paid a ransom got all of their data back
The average total cost of recovery from a ransomware attack has more than doubled in a year, increasing from $761,106 in 2020 to $1.85 million in 2021, a Sophos survey …
Apple patches macOS zero-day exploited by malware for months (CVE-2021-30657)
Apple has patched a critical macOS zero-day (CVE-2021-30657) that has been exploited by Shlayer malware for months and has finally introduced/enabled the App Tracking …
16% of mobile devices in developing markets now infected with malware
Mobile users already disadvantaged by an economic and digital divide have suffered the most from digital fraud throughout the COVID-19 pandemic. In emerging markets such as …
Cybercriminals evolving their tactics to exploit collective human interest
Phishing activity increased significantly in the first few months of 2020, taking advantage of pandemic-induced product shortages and increased usage of streaming services, …
61% of organizations impacted by ransomware in 2020
Enterprises faced unprecedented cybersecurity risk in 2020 from increasing attack volume, the pandemic-driven digital transformation of work, and generally deficient cyber …
Security research project: The easiest way to get “experience” and land a job in cybersecurity
Despite what you might have heard, there’s no shortage of people looking for jobs in cybersecurity. Every open position triggers stacks of resumes, but the challenge is …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware