IT security practitioners are aware of good habits when it comes to strong authentication and password management, yet often fail to implement them due to poor usability or inconvenience, according to Yubico and Ponemon Institute. The conclusion is that IT security practitioners and individuals are both engaging in risky password and authentication practices, yet expectation…

A sharp increase (57%) in high-risk vulnerabilities drove the threat index score up 8% from December 2019 to January 2020, according to the Imperva Cyber Threat Index. Following the release of Oracle’s Critical Patch Update – which included 19 MySQL vulnerabilities—there was an unusual increase in the vulnerabilities risk component within the Index. Specifically, there…

44% of malicious threats are cloud enabled, meaning that cybercriminals see the cloud as an effective method for subverting detection, according to Netskope. “We are seeing increasingly complex threat techniques being used across cloud applications, spanning from cloud phishing and malware delivery, to cloud command and control and ultimately cloud data exfiltration,” said Ray Canzanese,…

Many novice Office 365 (O365) shops do not know where platform-specific security vulnerabilities lie, or even that they exist. The threats that you are unaware exist do not cause pain until they rise up and bite – then the agony is fierce. Companies get themselves into trouble when they do not fully understand the way…

Many organizations are starting to realize the benefits of increased scale and velocity of application deployment in their businesses, according to F5 Networks. This value, however, can bring significant complexity as organizations maintain legacy infrastructure while increasingly relying on multiple public and private clouds, implement modern application architectures, and face an evolving and sophisticated threat…

Cybersecurity has emerged as the top focus of upstream oil and gas companies’ digital investments, according to a report from Accenture. The report is based on a global survey of 255 industry professionals, including C-suite executives, functional leaders and engineers. Increased investments in cybersecurity When respondents were asked which digital technologies their organizations are investing…

ThemeGrill Demo Importer is a popular plugin that allows WordPress website administrators to import demo content, widgets and settings for ThemeGrill themes. Researchers at web security company WebARX discovered recently that versions 1.3.4 through 1.6.1 of the plugin are affected by a critical vulnerability that allows an unauthenticated attacker to wipe the entire database of…