Check Point researchers have developed a new attack technique that takes advantage of memory safety issues in the widely used SQLite database engine. It allows attackers to execute commands in applications that rely on the engine for data storage. The discovered flaws represent a very serious threat because SQLite is

A mere 4% of small businesses in the United States have fully adopted the cybersecurity best practices outlined by the US Small Business Administration (SBA), a new report by Nationwide found. Around 20% of small businesses in the survey did not train employees about cybersecurity at all. Most small business

A new survey by Fidelis Cybersecurity reveals that the majority of infosec professionals are very concerned about a lack of automation (57.43%) and of visibility (53.39%) in their organization. While 70% of respondents said that threat hunting is a necessity to address growing cyber threats, a majority of firms are

The Cloud Security Alliance has released a new report listing the latest threats related to cloud computing that impact strategies for could adoption in businesses.   The top 11 new threats for cloud environments are: 1. Data breaches 2. Misconfiguration 3. Lack of security architecture and strategy 4. Poor access

New statistics gathered by Lares show that the most common security issues found by ethical hackers as part of penetrating testing engagements are: Brute forcing accounts with weak and guessable passwords Kerberoasting Excessive file system permissions WannaCry/EternalBlue Windows Management Instrumentation (WMI) lateral movement According to Lares founder Chris Nickerson, penetration

A new report by Keeper Security indicates the most business leaders at small to mid-sized businesses (SMBs) vastly underestimate the risk that cyber threats pose to their firm. Two in three (66%) respondents said that their organization will not suffer a cyber attack, even though recent research by the Ponemon

A new ConnectWise report highlights major shortcomings in the cybersecurity strategies of small and mid-sized businesses (SMBs). The vast majority of SMBs have not identified and documented cybersecurity threats (69%) nor vulnerabilities (66%), which means that they have no clue about the weak links in their defenses and no way

Data breaches have gotten 12% more costly over the past five years, and the average data breach now leads to $3.92 million in losses for the affected organization, a new report by IBM shows. While the costs for smaller firms tend be lower, companies with fewer than 500 people on

A new SANS report provides insight into company efforts to increase the security awareness and skills of employees. The study found that only 4.3% of organizations still don’t have a security awareness program, which is a slight improvement compared to two years ago when the number was 7.6%. However, SANS

A new RedSeal survey among IT professionals highlights how the reckless or ignorant behavior of CEOs may put companies at risk. A majority (54%) of respondents think that their CEO is undermining the security of their organization by not adhering to internal cybersecurity policies, while 75% of IT professionals want