WordPress kept users and hackers in the dark while secretly fixing critical zero-day
Last week WordPress released the newest version (4.7.2) of the popular CMS, ostensibly fixing three security issues affecting versions 4.7.1 and earlier. What the WordPress …
Corporate insiders sell secrets and access on dark web
Dark web marketplaces have witnessed an increase of employees offering insider traders, fraudsters and hackers information, help or outright access to their company’s …
Identity fraud hits record high
The number of identity fraud victims increased by sixteen percent (rising to 15.4 million U.S. consumers) in the last year, according to Javelin Strategy & Research. …
AppSec teams facing resourcing issues that are making them vulnerable
A new Bugcrowd study of one hundred CISOs revealed that 94 percent are concerned about breaches in their publicly facing assets in the next 12 months, particularly within …
PCI SSC publishes best practices for securing e-commerce
Exponential online sales growth paired with the EMV chip migration in the US makes e-commerce payment security for merchants more important than ever before. As EMV chip …
EyePyramid clears the way for future malware attacks
Several weeks ago, the release of court documents revealed a long-standing cyber espionage campaign aimed at Italian politicians and businesspeople, law firms, state …
Hacker Phineas Fisher arrested in Spain?
Has Phineas Fisher, the person (or group) behind the Gamma International and Hacking Team breaches and data leaks, been caught? According to Catalan news outfit ARA, three …
91% of phishing attacks are display name spoofs
GreatHorn analyzed more than 56 million emails from 91,500 corporate mailboxes from March to November 2016. The data found that display name spoofs are the clear phishing …
CSOs reveal true cost of breaches
Over one-third of organizations that experienced a breach in 2016 reported substantial customer, opportunity and revenue loss of more than 20 percent, according to the Cisco …
SSD security challenges: Which data sanitization methods are effective?
In recent years, a growing number of data breaches have resulted from the improper data removal and insecure storage of drives. Organizations face a myriad of internal and …
The emergence of new global cybercriminal attack patterns
The findings of a new Malwarebytes report illustrate a significant shift in cybercriminal attack and malware methodology from previous years. Ransomware, ad fraud and botnets, …
ThreatQ 3.0: A threat intelligence platform with fine-tuned controls
ThreatQuotient announced new ThreatQ platform advancements, a robust Partner Integration Program and Professional Services offerings to answer industry demand to make threat …
Featured news
Resources
Don't miss
- Law enforcement takes down proxy botnets used by criminals
- Compromised SAP NetWeaver instances are ushering in opportunistic threat actors
- How to give better cybersecurity presentations (without sounding like a robot)
- Layoffs pose a cybersecurity risk: Here’s why offboarding matters
- Fake AI platforms deliver malware diguised as video content