14 Oct 2019

Consumers concerned about connected home privacy, still few implement safety practices

35% of US citizens are worried that threat actors may be able to obtain authorized access to their home network by hacking into smart devices, a new ESET survey found. Despite these concerns, just 20% of respondents try to find out how data is collected, stored and shared by smart

Read More
14 Oct 2019

Planes, gates, and bags: How hackers can hijack your local airport

New research by Pen Test Partners sheds light on the many ways airport security systems can be compromised by hackers. Potential avenues for attack include: Crew passes: threat actors can use various techniques to steal or copy RF cards that provide airport personnel with access to restricted areas. Building management

Read More
11 Oct 2019

ICS cybersecurity investment should be a priority in protecting operations from disruption

A new Tripwire study reveals that the overwhelming majority (93%) of ICS security professionals are worried about disruptive cyberattacks impacting business operations or resulting in downtime of customer-facing services. 77% of companies have invested in ICS cybersecurity in the last 2 years in order to mitigate these threats. However, about

Read More
10 Oct 2019

Impact and prevalence of cyberattacks that use stolen hashed administrator credentials

A recent One Identity survey[pdf] conducted among IT professionals sheds light on Pass the Hash (PtH) attacks, in which threat actors use stolen hashed administrator credentials in order to compromise systems. A staggering 95% of organizations have suffered PtH attacks that impacted business operations. PtH attacks often impacted operational costs

Read More
10 Oct 2019

Many in Utilities Sector Expect Attacks on Critical Infrastructure: Survey

In the past 12 months, 56% of utility companies around the world suffered at least one cyberattack resulting in the loss of private data or downtime affecting their operational technology (OT) systems, a recent survey by Siemens and Ponemon Institute found. More than half are anticipating a cyberattack targeting critical

Read More
10 Oct 2019

Financial industry spending millions to deal with breaches in 2019

82% of organizations suffered a DNS attack last year, and many companies were hit multiple times, with the average number of attacks per company falling just short of 9.5, a new report by EfficientIP shows. Because the average cost per attack exceed $1.3 million, companies can expect to lose over

Read More
08 Oct 2019

Internal user mistakes create large percentage of cybersecurity incidents

The vast majority (80%) of cybersecurity incidents over the past twelve months were caused, at least in part, by internal user errors, a new SolarWinds report shows. Other factors contributing to breaches were shortcomings in network, system or application security (36%), external threat actors breaching the network or systems (31%),

Read More
08 Oct 2019

Global Study Finds Orgs Are Failing to Protect Data in the Cloud

As companies increasingly migrate to the cloud, many of them are putting their data at risk by failing to understand the extent to which they are responsible for the security of their cloud environment, new research by Thales and the Ponemon Institute found. Currently 48% of corporate data is already

Read More
04 Oct 2019

How to protect your organization against insider threats

Nearly half (49%) of business executives and 43% of IT decision makers have clicked on a potentially malicious link in an email before verifying that it was safe to do so, according to a new Code42 study[pdf] that highlights the insider threat to companies. In the past year and a

Read More
04 Oct 2019

Being compliant with laws and regulations is not a guarantee against data breaches

A new report[pdf] by Advisera underscores what security consultants have been telling their clients for years: compliance does not guarantee security. The two are closely related however, as 85% of survey respondents agreed. 90% of respondents said that low security awareness among employees due to a lack of relevant training

Read More