Security News

Enforcing a password policy that helps end-users create stronger passwords and blocks the use of weak and common phrases will make it more difficult for hackers. Specops data shows that 83% of compromised passwords satisfied both length and complexity requirements of regulatory password standards.

Leaked credentials from traditional sources are still a prominent and substantial risk to organizations. We monitor more than 14 billion leaked credentials found from dumps across the dark web.

90% of the world's largest energy companies experienced a third-party breach in the past 12 months, according to SecurityScorecard. 92% of the energy companies evaluated have been exposed to a fourth-party breach.

The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files. A brief...

To put an end to the growing, existential threat that healthcare faces, it will take creativity, innovation, partnership, and a willingness to change the current state of IT security and risk management in healthcare. How has the transition to cloud computing changed the cybersecurity landscape for healthcare organizations?

Allianz Commercial analysis of large cyber losses shows the number of cases in which data is exfiltrated is soaring, as is the number of incidents becoming public. "Several factors are combining to make data exfiltration more attractive for threat actors. The scope and amount of personal information being collected is increasing, while privacy and data breach regulations are tightening globally. At the same time, the trends towards outsourcing and remote access leads to more interfaces for threat actors to exploit."

The cost of data breaches to all businesses is at its highest level ever with an average cost of more than $4.4 million globally, more than $5.1 million in Canada, and more than $9.4 million in the U.S. This financial impact could cripple a small business as they face potential regulatory actions and fines, legal fees, and the loss of customers. 3 in 4 small business leaders and 94% of the individual consumers surveyed said they are concerned about future data breaches.

The U.S. Federal Trade Commission has amended the Safeguards Rules, mandating that all non-banking financial institutions report data breach incidents within 30 days. "The addition of this disclosure requirement to the Safeguards Rule should provide companies with additional incentive to safeguard consumers' data."

The rise of API use has also led to an increase in the number of API breaches. For these reasons, it's essential to implement robust security measures to protect your APIs, and the data traversing them, to prevent breaches from occurring.

Among organizations that have suffered data breaches 58% were caused by issues related to digital certificates, according to a report by AppViewX and Forrester Consulting. According to the Forrester study, "Enterprise organizations have traditionally been less focused on managing machine identities compared to human ones, partly because they have different requirements and more complicated lifecycle and security challenges. These digital certificates offer authentication and protect sensitive information. Yet, few are confident in successfully layering and managing identity security across machines and navigating responsibility assignment for privacy and security."