In order to mitigate application security risk, organizations often use a ‘spaghetti on the wall’ approach, meaning that they use lots of different tools and hope for the best, a new Radware report indicates. The most common AppSec solutions are Web Application Firewalls (WAFs, used by 75% of firms), cloud WAF services

Last month, cybersecurity firm Imperva announced that the data of a “subset of customers” of Imperva’s Cloud Web Application Firewall was exposed in a “security incident” in September 2017. This week, the company published an analysis of the breach, which shows that the incident was made possible by the company

Two European web forums serving sex workers and their customers have been breached by a Bulgarian threat actor who is now selling 330,000 stolen user records on underground marketplaces. The hacker, who uses the moniker InstaKilla, exploited a recently disclosed critical vulnerability in vBulletin in order to steal 300,000 records

Twitter has admitted that it “inadvertently” used an unknown number of email addresses and phone numbers that had been provided by users solely for the purpose of enabling multi-factor authentication, for targeted advertising. The social media firm assured that “no personal data was ever shared externally with our partners or

Nearly half (49%) of business executives and 43% of IT decision makers have clicked on a potentially malicious link in an email before verifying that it was safe to do so, according to a new Code42 study[pdf] that highlights the insider threat to companies. In the past year and a

A new report[pdf] by Advisera underscores what security consultants have been telling their clients for years: compliance does not guarantee security. The two are closely related however, as 85% of survey respondents agreed. 90% of respondents said that low security awareness among employees due to a lack of relevant training

A new study by Onapsis and IDC highlights how enterprise resource planning (ERP) applications can undermine the data protection efforts of companies. In the past two years, 64% of businesses that use SAP or Oracle E-Business Suite (EBS) have experienced a breach of their ERP environment. The compromised data often included

Customer service software company Zendesk experienced a data breach in 2016 that impacted around 10,000 corporate customers, the company announced on Wednesday. Zendesk found out about the breach through a third-party and launched an investigation into the matter, which confirmed that the compromised data includes the full names, contact information,

Data breaches keep getting more expensive for enterprises. In 2017, data breaches at enterprises cost $1.23 million on average per incident, but that number rose to $1.41 million in 2018, a new report by Kaspersky shows. In the first half of 2019, around 4,000 data breaches have taken place, affecting

In the last three years, 60% of organizations around the world have experienced a breach, and 36% acknowledge that they may have been compromised without realizing it, a new survey[pdf] by Bitdefender indicates. A majority of firms (58%) are worried about their ability to handle a major cybersecurity incident. The study