Security News

A GoodFirms survey outlines the current password behavior of online users, risk factors associated with password management, and the best measures, policies, and practices to safeguard passwords from attacks or breaches. 30% of surveyees reported password leaks and security breaches owing to poor password practices and weak password setups.

Cybercriminals will continue to exploit vulnerabilities within remote working and the vaccine ecosystem, but also set their sights on new targets such as online gambling. As more states legalize online sports betting, phishing scams will target the growing ranks of online gamblers, particularly new entrants.

Midsize companies often lack the staff, expertise and expensive tools needed to defend themselves against attack, says security provider Coro. To generate its new report, named "The Great Cyber Security Market Failure and the Tragic Implications for Mid-Sized Companies," Coro analyzed information on more than 4,000 midsize companies across six industries: retail, manufacturing, professional services, healthcare, transportation and education.

Brittany Ferries has told some customers that an unforeseen technical glitch introduced after "Routine" website maintenance had left their accounts wide open, potentially exposing very sensitive details to anyone who knew the linked email address. The operator, which runs ships from the UK to ports in Spain and France, contacted punters on Tuesday with the bad news about a "Breach to our data that might have an impact on your My Account with Brittany Ferries."

A group of hackers that security researchers call LightBasin has been compromising mobile telecommunication systems across the world for the past five years. LightBasin is active since at least 2016 and targets Linux and Solaris servers in particular, although it did interact with Windows systems where needed, in their mission to steal subscriber information and call metadata.

Australia's Minister for Home Affairs has announced the "Australian Government's Ransomware Action Plan," which is a set of new measures the country will adopt in an attempt to tackle the rising threat. Ransomware is a global problem, and Australian businesses aren't excluded from costly service-disrupting attacks.

Egnyte's latest report, based on a survey of 400 IT executives, examines the challenges of securing and governing unstructured content in today's hybrid and remote work environments. A key finding of the research is that unchecked data growth, combined with a lack of visibility, is increasing the risk of breaches, ransomware, and compliance violations dramatically.

Kali Linux 2021.3 released: Kali NetHunter on a smartwatch, wider OpenSSL compatibility, new tools, and more!Offensive Security has released Kali Linux 2021.3, the latest version of its popular open source penetration testing platform. Third-party cloud providers: Expanding the attack surfaceIn this interview with Help Net Security, Fred Kneip, CEO at CyberGRX, talks about the lack of visibility into third-party risk, how to address this issue, and what companies should consider when choosing the right cloud provider.

46% of all on-prem databases globally are vulnerable to attack, according to a research by Imperva. A five-year longitudinal study comprising nearly 27,000 scanned databases discovered that the average database contains 26 existing vulnerabilities.

The US Cybersecurity and Infrastructure Security Agency has released guidance to help government and private sector organizations prevent data breaches resulting from ransomware double extortion schemes."All organizations are at risk of falling victim to a ransomware incident and are responsible for protecting sensitive and personal data stored on their systems."