A recent One Identity survey[pdf] conducted among IT professionals sheds light on Pass the Hash (PtH) attacks, in which threat actors use stolen hashed administrator credentials in order to compromise systems. A staggering 95% of organizations have suffered PtH attacks that impacted business operations. PtH attacks often impacted operational costs

In the past 12 months, 56% of utility companies around the world suffered at least one cyberattack resulting in the loss of private data or downtime affecting their operational technology (OT) systems, a recent survey by Siemens and Ponemon Institute found. More than half are anticipating a cyberattack targeting critical

An investigation by ESET has uncovered Attor, a previously unknown cyber-espionage platform that has been used by threat actors to carry out campaigns targeting government and diplomatic entities in Eastern Europe since at least 2013. Zuzana Hromcová of ESET said the attacks were “highly targeted at users of these Russian

82% of organizations suffered a DNS attack last year, and many companies were hit multiple times, with the average number of attacks per company falling just short of 9.5, a new report by EfficientIP shows. Because the average cost per attack exceed $1.3 million, companies can expect to lose over

A new report by Amnesty International accuses Israeli spyware vendor NSO Group of providing the Moroccan government with cyber espionage tools that were used to target a freedom of expression activist and a human rights lawyer in the country. The targets both received text messages containing malicious links that would

For the last seven years, iTerm2, the most used terminal emulator for macOS, contained a critical flaw that could have enabled threat actors to run arbitrary code on vulnerable systems in various ways. This is especially worrisome considering the fact that the application’s user base consists in large part of

Twitter has admitted that it “inadvertently” used an unknown number of email addresses and phone numbers that had been provided by users solely for the purpose of enabling multi-factor authentication, for targeted advertising. The social media firm assured that “no personal data was ever shared externally with our partners or

In the past 12 months, two-thirds (66%) of small to mid-sized businesses (SMBs) have suffered a cyberattack, according to a new report by the Ponemon Institute and Keeper Security. The finding underscores a broader trend of growing cyber incidents at SMBs over the last 3 years. Last year, 63% of

The websites of many US presidential candidates suffer from security and privacy issues, a recent audit by the Online Trust Alliance (OTA) found. Just 7 out of 23 candidates, including Donald Trump and Bernie Sanders, achieved the “Honor Roll,” meaning that their websites provided sufficient privacy, security and consumer protection

A new survey by LastPass shows that a majority (57%) of organizations have adopted multi-factor authentication (MFA), which is  a 12% increase compared to last year. The vast majority (95%) of employees who use MFA, rely on a software-based solution, which typically provides less security than hardware solutions (4%) and