20 Sep 2019

Key threats and trends SMB IT teams deal with

Malware is the top security concern for IT professionals at small to mid-sized businesses (SMBs), a new LogMeIn report reveals. Malware (mentioned by 54% of respondents) is followed by ransomware (46%), employee behavior (44%), cloud security breaches (44%), external data breaches (37%), and internal data breaches (34%). The reports notes a

Read More
19 Sep 2019

Small businesses underestimate financial damage of cyberattacks

70% of small to mid-sized businesses (SMBs) believe that losses from a successful cyberattack on their firm would not exceed $25,000, while over half think total damages would remain under $10,000, a new AppRiver survey shows. This implies that small business owners are grossly underestimating the amount of money they

Read More
19 Sep 2019

Businesses need to treat cybersecurity as something that crosses organizational boundaries

An new CompTIA survey reveals stark differences between how company executives, business employees and technology professionals view their organization’s cyber-readiness. While the majority of respondents in the first two categories were fully satisfied with their company’s cybersecurity efforts (55% of executives and 61% of business staff stated this), a mere

Read More
17 Sep 2019

Only 15% of organizations can recover from a severe data loss within an hour

Just 15% of organizations are confident they could bounce back from a serious data loss incident within an hour, while 40% would need at least one day to achieve this, and 25% would need days or weeks, a new survey by StorageCraft reveals. According to the report, 80% of businesses

Read More
17 Sep 2019

Most Cyber Attacks Focus on Just Three TCP Ports

Almost two in three (65%) cyber campaigns targeting small to mid-sized businesses (SMBs) attack one of three popular TCP ports, namely port 22 (SSH, 35%), port 80 (HTTP, 15%) and port 443 (HTTPS, 15%), a new report by Alert Logic found. The fourth most targeted port is 3389, which is

Read More
10 Sep 2019

More than 99% of attacks in the past year relied on human error to gain access

A new Proofpoint report underscores the need for organizations to address the human factor in their cybersecurity programs. According to the study, over 99% of cyberattacks last year relied on user interaction. In other words, the attacks could only succeed because someone did something they shouldn’t have done, such as

Read More
06 Sep 2019

Senior Staff Immune from Insider Threat Finger-Pointing

A new study[pdf] by Red Goat Cyber Security sheds light on insider threats. The survey presented respondents with different scenarios indicating potentially malicious behavior by a colleague, friend, new employee, senior staff member or contractor, and asked them whether or not they would report the person in question. When presented

Read More
05 Sep 2019

Android Zero-Day Bug Opens Door to Privilege Escalation Attack, Researchers Warn

Security researchers with the Zero Day Initiative (ZDI) are warning that Google has failed to include a high-severity privilege escalation vulnerability in the collection of security patches it released for the Android platform this week. The bug affects the v4l2 (Video4Linux 2) driver used in Android devices. ZDI disclosed the

Read More
04 Sep 2019

A look into the frequency and success of phishing attacks on SMBs

In the last 12 months, threat actors targeted 43% of small to mid-sized businesses (SMBs) in the UK with a phishing attack in which they masqueraded as one or more employees, a new CybSafe report found. It is rather worrisome that two-thirds (66%) of targeted SMBs were actually compromised as

Read More
21 Aug 2019

Should Companies Block Newly Registered Domains?

Companies can significantly improve their cybersecurity by blocking access to newly registered domains (NRDs) because 70% of these are “malicious,” “suspicious” or “not safe for work,” a new report by Palo Alto Networks suggests. These findings confirm earlier reports indicating that threat actors frequently use NRDs for malicious purposes including “C2

Read More