
ICS threat landscape highlights
Dragos releases annual analysis of ICS/OT focused cyber threats, vulnerabilities, assessments, and incident response insights. “In 2020, the industrial community performed …

Physical cyber threats: What do criminals leave when they break in?
Many organizations have maintained heavy investment in cybersecurity over the last year, even in an unpredictable time when other spending has faltered. Gartner estimates that …

Adversaries exploit supply chains, double down on COVID-19 and ransomware
Supply chain attacks, ransomware, data extortion and nation-state threats prove to be more prolific than ever, a CrowdStrike report suggests. eCrime attacks made up 79% of all …

Most security pros think a WAF is high maintenance
An organization’s web application firewall (WAF) is a critical line of defense in protecting proprietary and customer data, but the concern is that some organizations are …

Business email compromise is a top concern for banks
Bottomline and Strategic Treasurer released the results of a survey that gathered details about corporate and banking experiences, actions and plans regarding fraud. Results …

Knowledge graphs: The secret of Google Search and now XDR
Wading through waves of alert noise to find real threats and manually connecting the dots to find context in real-time attacks are essential capabilities in today’s …

Analysts need advanced automation tools to reduce fear of missing incidents
Security analysts are becoming less productive due to widespread “alert fatigue” resulting in ignored alerts, increased stress, and fear of missing incidents, according to an …

Malware increased by 358% in 2020
A research study conducted by Deep Instinct reports on the hundreds of millions of attempted cyberattacks that occurred every day throughout 2020 showing malware increased by …

Successful BEC attacks become 56% more costly
The number of phishing attacks grew through 2020, fully doubling over the course of the year. Attacks peaked in October 2020, with a high of 225,304 new phishing sites …

mHealth apps consistently expose PII and PHI through APIs
All of the 30 popular mHealth apps that were tested are vulnerable to API attacks that can allow unauthorized access to full patient records including protected health …

Researchers spot massive increase in RDP attack attempts
The COVID-19 pandemic continued to influence the cybercrime landscape in 2020, ESET reveals. Most notably, the new attack surface created by the shift to work from home …

Credential spill incidents nearly doubled since 2016
The number of annual credential spill incidents nearly doubled from 2016 to 2020, according to F5 research. There was a 46% downturn in the number of spilled credentials …
Featured news
Resources
Don't miss
- Building a healthcare cybersecurity strategy that works
- AI-generated images have a problem of credibility, not creativity
- The five-minute guide to OT cyber resilience
- Another remotely exploitable Oracle EBS vulnerability requires your attention (CVE-2025-61884)
- Apple offers $2 million for zero-click exploit chains