While nearly three-quarters of cybersecurity professionals would grade their organization's
ability to identify and mitigate a cyberattack, as above average or superior, nearly half have
been subject to a spear-phishing attack and a third have suffered a malware incident in the
last year. Further, over half of...
Ask a group of security analysts about the challenges of working in cybersecurity, and you'll likely hear some common themes, like a high volume of security alerts, too many security point-products to manage, and a shortage of skilled cybersecurity talent.
Many teams have turned to security orchestration,...
U.S. prosecutors this week unsealed an indictment against the alleged hacker "Fxmsp" after his identity was revealed in a cybersecurity firm's report. That sequence of events has raised questions about information sharing and highlighted law enforcement's reliance on private cybersecurity researchers.
Organizations deploying deception technology must make sure to integrate it with other technologies to reap the full benefits of intrusion alerts, says Anuj Tewari, global CISO at IT Services HCL Technologies.
Cloud security is not where it needs it be, and cyber-criminals know this better than anyone.
The cloud itself encompasses a wide range of systems and services, and a single security team can often be responsible for securing workloads across AWS and Azure, email communications in Office 365, customer data in...
When it comes to the organization's overall security posture, which includes the technology stack but also incorporates elements such as procedures, processes and human behaviors, the confidence of the security professionals we interviewed was far from strong. In fact, 70% expressed some sort of dissatisfaction,...
The year 2019 saw a marked increase on breach responses services for small-to-midsized businesses. Kristin Judge, CEO of the Cybercrime Support Network, outlines the state of cybersecurity for the midmarket.
Cyber adversaries are resilient and move quickly, so it'st critical that organizations share threat intelligence in an automated way, says Shawn Henry of CrowdStrike Services. But that sharing has been hampered by a lack of understanding of why it's important and how organizations can benefit, he says.
Attackers exploiting a buffer overflow in WhatsApp's signaling software to automatically infect devices with malware - without users even having to answer their phone - and then alter call logs to hide attack traces is "a bit of a nightmare scenario," says cybersecurity expert Alan Woodward.
Microsoft says intruders targeting its email services had access to email content for a single-digit percentage of the overall affected accounts, a more serious conclusion than first thought. But the company hasn't released many details, including the total number of accounts affected.
Email remains the top threat vector for organizations. And while the move to cloud-based solutions has significantly improved email security, environments such as Office365 have their own complexities that need to be addressed, says David Wagner, CEO of Zix Corp.
Hackers have breached the Australian Parliament's network, although investigators say they have found no evidence that attackers stole any data. But Parliament's presiding officers said all users have been ordered to reset their passwords as a precaution.
For the past three years, hackers have been intercepting sensitive diplomatic cables sent between EU member states after stealing passwords for accessing the EU network via a phishing attack against diplomats in Cyprus, The New York Times reports.
Email fraud threats have evolved from attackers targeting networks to them focusing on specific individuals within an organization. What can enterprises do to halt these attacks before they reach the inbox? Denis Ryan of Proofpoint shares defensive tactics.