The password reuse problem is a ticking time bomb
Despite Bill Gates predicting the demise of passwords back in 2004, they are still very much in use. Passwords, like email, seem future proof; but they are also the source of many cybersecurity problems. Key drivers of these issues are human behavior and the desire for convenience, which results in password reuse across multiple accounts….
Believe the hype, but control the threat: Reducing the risk of ransomware
Ransomware is becoming an epidemic for any collection or repository of data. Each day the attacks seem to be getting larger and more lucrative for cybercriminals. According to Europol’s annual report, the Internet Organised Crime Threat Assessment (IOCTA), file-encrypting malware attacks could become far more destructive as cybercriminals change their tactics. The IOCTA lists ransomware…
IaaS cloud vulnerabilities expected to increase 50% over 2018 figures
Although the total number of IaaS cloud vulnerabilities is still small and the technology relatively young, volumes are increasing year-over-year at a steady rate, an expected to hit 50-percent growth by the end of 2019, Skybox reveals. Key findings of the report include: Vulnerabilities affecting cloud IaaS solutions likely to increase 50% over 2018 figures…
About 50% of Apps Are Accruing Unaddressed Vulnerabilities
The latest edition of Veracode’s annual “State of Software Security” study released this week shows that many enterprise organizations are at increased breach risk because of aging, unaddressed application security flaws. Veracode recently analyzed data from application security tests on more than 85,000 applications and found that, on average, companies fix just 56% of all…
Older Amazon Devices Subject to Old Wi-Fi Vulnerability
Som old Amazon devices contain an even older Wi-Fi vulnerability that can be exploited in man-in-the-middle attacks. The vuln – KRACK, or Key Reinstallation Attack – is a flaw in the four-way WPA2 handshake that begins the protected transaction. The vulnerability leaves the wireless traffic encrypted, but routed through a malicious middle actor that decrypts…
IoT Attacks Up Significantly in First Half of 2019
Malicious actors aren’t tiring of the Internet of Things (IoT), with cyberattacks on network-connected smart devices and process controllers rapidly increasing in number. One network of honeypots, put in place by Kaspersky, saw 105 million attacks on IoT devices coming from 276,000 unique IP addresses in the first six months of 2019, compared with just…
Cybercrime is maturing, shifting its focus to larger and more profitable targets
Cybercrime is continuing to mature and becoming more and more bold, shifting its focus to larger and more profitable targets as well as new technologies. Data is the key element in cybercrime, both from a crime and an investigate perspective. These key threats demonstrate the complexity of countering cybercrime and highlight that criminals only innovate…
Microsoft Issues 9 Critical Security Patches
Today is the second Tuesday of the month, and Microsoft is right on schedule with 59 security fixes, nine of which are considered Critical in severity. None of the vulnerablities were previously known or exploited, and 49 are ranked Important and one as Moderate. The latest release affects Windows, Internet Explorer, Edge, ChakraCore, Microsoft Office…
Insider threats are security’s new reality: Prevention solutions aren’t working
Insider threats expose companies to breaches and put corporate data at risk. New research from Code42 questions whether the right data security solutions are being funded and deployed to stop insider threats and asserts that legacy data loss prevention solutions fall short in getting the job done. Today, 79% of information security leaders believe that…
Educational organizations massively vulnerable to cyber attacks
The education sector is facing a crisis as schools grapple with high levels of risk exposure – driven in large part by complex IT environments and digitally savvy student populations – that have made them a prime target for cybercriminals and ransomware attackers, according to Absolute. The summer months of 2019 saw the number of…