Average DDoS attack volumes grew by 194% in 12 months
The volume and complexity of DDoS attacks continued to grow in Europe during the final quarter of 2018, according to Link11. While Link11’s Security Operations Center (LSOC) registered 13,910 attacks in Q4 (12.7% down compared to Q3), the average attack volume grew by 8.7% to 5Gbps, and 59% of attacks used multiple attack vectors. Key…
There’s a growing disconnect between data privacy expectations and reality
There is a growing disconnect between how companies capitalize on customer data and how consumers expect their data to be used, according to a global online survey commissioned by RSA Security. Consumer backlash in response to the numerous high-profile data breaches in recent years has exposed one of the hidden risks of digital transformation: loss…
Apple Patches FaceTime Spying Vulnerability
Apple described the flaw, tracked as CVE-2019-6223, as a logic issue in the handling of Group FaceTime calls. The company says the problem has been addressed with “improved state management.” The bug allowed an attacker to spy on FaceTime users by calling the targeted user and adding the attacker’s own number to a group chat….
4 Payment Security Trends for 2019
Visa’s chief risk officer anticipates some positive changes ahead. Change that leads to improvement is usually good, in my opinion, and in my role at Visa, I anticipate some healthy changes ahead for the payment industry. Of course, no one can perfectly predict what is to come, but here is my take on four notable…
Consumers Care About Security – Sometimes
Consumer concern about cybersecurity and privacy is very real but not evenly distributed, a new report shows: while passwords and financial information are worrying for everyone, concern about other information varies widely depending on the individual’s age, gender, and national origin. The RSA Data Privacy & Security Survey 2019 of more than 6,000 adults contains…
What do successful pentesting attacks have in common?
In external penetration testing undertaken for corporate clients in industrial, financial, and transport verticals in 2018, Positive Technologies found that, at the vast majority of companies, there were multiple vectors in which an attacker could reach the internal network. Full control of infrastructure was obtained on all tested systems in internal pentesting. In addition, the…
Report: Over 59,000 GDPR data breach notifications, but only 91 fines
Since the European Union’s General Data Protection Regulation (GDPR) came into effect in May last year, EU organizations have reported almost 60,000 data breaches, but so far fewer than 100 fines have been issued by regulators. According to a new report by multinational law firm DLA Piper, the European Commission’s official statistics show 41,502 data…
Mitigating the Security Risks of Cloud-Native Applications
Containers represent the most significant computing advancements for enterprise IT since VMware introduced its first virtualization product, Workstation 1.0, in 1999. They enable organizations to build, ship, and run applications faster than ever, fueling the rise of the DevOps movement. It’s important for CISOs to realize that while containers can create more secure application development…
Cybercriminals Exploit Gmail Feature to Scale Up Attacks
Some cybercriminals are taking advantage of a long-standing feature in Google Gmail designed to enhance account security, to create multiple fraudulent accounts on various websites quickly and at scale, security vendor Agari said this week. The feature, which some have warned about previously, basically ensures that all dotted variations of a Gmail address belong to…
Four differences between the GDPR and the CCPA
By passing the California Consumer Privacy Act (CCPA), which goes into effect on January 1, 2020, the Golden State is taking a major step in the protection of consumer data. The new law gives consumers insight into and control of their personal information collected online. This follows a growing number of privacy concerns around corporate…