All the latest blog posts from the most relevant cyber security companies in the business.

The retail industry’s cybersecurity preparedness continues to lag behind almost every other sector despite efforts by the major credit card associations to bolster retail security via the Payment Card Industry Data Security Standard (PCI DSS). Third-party risk management firm SecurityScorecard recently analyzed a total of 1,444 domains in the retail industry with an IP footprint…

New data shows attackers are trying to sneak past malware scanners on websites using stealthy hacks such as cryptojacking and malicious JavaScript. Website security service provider SiteLock analyzed data from 6 million customer websites for the second quarter of 2018 and found that a website, on average, suffers 58 attack attempts per day – or…

The race to comply with the European Union’s General Data Protection Regulation (GDPR) by the May 25 deadline is over, but data security and privacy is a marathon, not a sprint. If the ever-evolving regulatory compliance landscape is any indication, GDPR is just the first of many mandates to come. Although it certainly has been…

It takes over a month for the average organization to patch its most critical vulnerabilities, according to a new report detecting trends in Web application attacks. The data comes from tCell, which today released its Q2 2018 “Security Report for In-Production Web Applications.” Researchers analyzed more than 316 million security incidents across its customer base…

The security of Internet of Things (IoT) devices, especially those intended for consumer use, tends to fall on a spectrum between “serious concern” and “industry joke.” Yet the fact is that a growing number of employees have various IoT devices in their homes — where they also could be connecting to an enterprise network to…

A new body of evidence indicates threat actors are using increasingly advanced techniques to target cloud providers and leveraging cloud-specific traits to hide their activity as they breach and persist in target networks. Data comes from the Threat Stack security team, which spotted the pattern over multiple years of observing behavior on client networks. It…

Security pros can never rest. Even with the operation last year that took down AlphaBay and Hansa, industry experts say many groups continue to trade in malware, ransomware, and stolen credentials on the Dark Web, and that the criminals who were caught simply reorganized. “People need to understand that there’s an underground economy – a…

The rapid convergence of enterprise IT and operational technology networks in manufacturing organizations has definitely caught the eyes of cyberattackers. According to a new report out today, manufacturing companies have started experiencing elevated rates of cyber reconnaissance and lateral movement from attackers taking advantage of the growing connectivity within the industry. Developed by threat hunting…