By Bogdan Botezatu on Nov 17, 2017
What were the biggest cyber security culprits in the first half of 2017 from a data breach standpoint? Identity theft and poor internal security practices, according to the latest Breach Level Index (BLI) Report by Gemalto. The index, a global database of public data breaches, showed that the first six months of the year had 918 data breaches that led to 1.9 billion data records being compromised worldwide. Compared with the last six months of 2016, the number of lost, stolen or compromised records increased by a staggering 164%, the report said. Much of this was due to the 22 largest data breaches, each involving more than one million compromised records. Of the 918 data breaches during the period, more than 500 (59% of all breaches) had an unknown or unaccounted number of compromised data records.

By Razvan Muresan on Aug 22, 2017
Some 90 percent of boards of directors in the US address cybersecurity as a serious risk management issue with severe reputation and financial consequences, while only 8 percent haven’t done it so far, according to a recent Bitdefender survey. Some 60 percent of IT security decision makers in the US say their companies could ‘definitely’ be a target of cyberespionage campaigns using advanced persistent threats (APTs), according to a recent survey by security firm Bitdefender. These complex cyber tools are crafted for high-profile entities and operate by silently gathering sensitive data over long periods. Another 35 percent of respondents say their IT infrastructure could ‘possibly’ be targeted in high-level cyberespionage actions that exfiltrate intelligence systematically.

By Filip Truta on Aug 16, 2017
Organizations worldwide are on track to spend a cumulative $86.4 billion on information security products this year, a 7 percent increase over 2016, Gartner reports. The research firm anticipates that figure will climb to $93 billion in 2018. The IT-focused advisory firm projects fast growth for the security testing market. Despite the relatively small base, the infrastructure-protecting segment continues to suffer data breaches, fueling demand for application security testing. “Spending on emerging application security testing tools, particularly interactive application security testing (IAST), will contribute to the growth of this segment through 2021,” says Gartner.

By Razvan Muresan on Aug 14, 2017
It’s safe to say that the concept of the Internet of Things (IoT) has progressed to the point where a growing number of organizations are exploring the opportunities. What might not be so safe is the IoT itself; security remains one of the biggest concerns and challenges of implementations. Before we take a look at the security issues, let’s examine some recent research to see just how “real” IoT is. A report released in June 2017 by International Data Corp. (IDC) said spending on the IoT grew 17% year over year in 2017, reaching just over $800 billion. By 2021, the firm said, global IoT spending is expected to total nearly $1.4 trillion, as organizations continue to invest in the hardware, software, services, and connectivity that enable the IoT.

Firms that didn’t patch and enabled local admin rights continue to suffer post cyber-attack
7/17/2017
By Graham Cluley on Jul 12, 2017
Here’s a salutary reminder for all businesses. Just because a malware outbreak has begun to fade away from the newspaper headlines, doesn’t mean your troubles are over. Many firms can continue to suffer long afterwards. In late June, a malware attack crippled businesses and critical infrastructure in Ukraine at astonishing speed. Initially suspected of being a similar ransomware attack to the WannaCry outbreak seen the month before, the malware (variously named as Petya, NotPetya or GoldenEye by security vendors) appears to have been launched through a malicious automatic update to a popular Ukrainian accounting software tool called MeDoc. We tell companies all the time to keep their software updated with the latest available patches, and yet here was an update which actually delivered a devastating malware attack. The irony isn’t lost on anybody.

By Razvan Muresan on Jun 15, 2017
Attackers are now targeting small and medium businesses to extort higher fees, a Bitdefender survey shows, meeting the company’s predictions for 2017. One in five small and medium businesses (SMBs) in the US reported a ransomware attack within the past 12 months, according to a Bitdefender survey of 250 IT pros in the US working in SMBs, carried out by Spiceworks. Some 38% indicated they paid ransom - $2,423 on average - but most did not recover the encrypted data. Ransomware, a type of malware that locks and usually encrypts a computer’s files until the victim pays to regain access, is the fastest growing malware threat, targeting users of all types—from the home user to the corporate network. On average, more than 4,000 ransomware attacks have occurred daily since January 1, 2016, a 300-percent increase over the approximately 1,000 attacks per day seen in 2015, according to the U.S. Department of Justice. SMBs are ideal targets for ransomware developers as some do not invest in security solutions, yet they handle sensitive business information (i.e. customer data, financial records, product info), targets that cyber-criminals value most. Bitdefender’s survey shows that less than half (45%) of the SMBs that paid to regain access to their data after falling victim to ransomware actually got their information back. From those targeted, most were able to mitigate the attack by restoring from backup (65%) or through security software/practices (52%). A quarter of those targeted couldn’t find a solution to address the ransomware attack and lost their data.

By Andrei Pisau on Feb 04, 2016
CIOs and CISOs unanimously agree that IT departments need beefed-up security with solutions that can not only cope with an ever-increasing number of threats, but also integrate with existing infrastructure to minimize both deployment and performance impact. Independent tester AV-TEST is known for thoroughly testing endpoint security for threat detection capabilities, performance impact and usability, establishing itself as one of the most respected and impartial independent testers. It is because of this that IT security managers carefully assess such findings and make important strategic decisions based on these results. With technology executives expecting to spend between 1% and 5% of their revenue on IT security, security and risk management are two challenges that can also be addressed by due diligence on endpoint protection security solutions.

By Razvan Muresan on May 16, 2017
Ransomware infections impact individual users and businesses, regardless of size or industry, by causing service disruptions, financial loss and, in some cases, permanent loss of valuable data. In 2016, the number of ransomware attacks increased 300 percent from 2015, with over 4,000 attacks detected per day, according to US government statistics. WannaCryptor (WannaCry), the most recent version of ransomware, has targeted businesses in more than 70 countries around the world, with more than 250,000 infected terminals so far. By late Monday, cybersecurity officials said the globe-spanning WannaCry cyberattack had largely been contained, though governments and companies are likely to continue disclosing instances of infection for days or weeks as they get a better handle on the scope of the attack, the WSJ reports. The FT reports that "at least a dozen other NSA tools are currently being discussed and worked on as the basis of potential new cyber weapons on hacking forums on the dark web."

By Luana Pascu on Mar 24, 2017
In 2016, the number of ransomware attacks increased 300 percent from 2015, with over 4,000 attacks detected per day, according to US government statistics. Ransomware is among the worst types of infection, as it not only encrypts network data, but in the end may cost victims all their data – even if they pay the ransom. It should be a priority for all businesses and organizations in 2017. Ransomware is not limited to consumer networks; it’s one of the most sophisticated types of malware that targets all internet users, from private individuals to corporate networks to government agencies. Ransomware attacks on enterprises affect shareholders, employees and customers, and could lead to permanent damage caused by loss of confidential information, negative publicity and financial loss.

By George V. Hulme on Mar 23, 2017
A vital, actually a most fundamental, aspect of enterprise security is helping organizations to keep confidential information confidential. This is why security at the data and document level is something to which much more attention should be paid by enterprises. And a report, Getting Control of Document Flow: Exploring Exposure and Risk In Document-Related Data Breaches, just issued from the Business Performance Innovation (BPI) Network (sponsored by Foxit software) found that 60 percent of survey respondents said sensitive documents have accidentally been sent to someone who probably wasn’t authorized to see the document. No big surprise there; in fact, I think most of us have forwarded something we shouldn’t have to someone at some point in our work lives. The BPI Network survey, based on responses from business owners, CEOs, executives and knowledge workers from more than 200 companies from various nations, was fielded in the final quarter of 2016 and part of first quarter 2017. It found that 89 percent of those surveyed believe that increased connectivity and mobile devices are increasing document risk.