Security News

Organizations globally are under tremendous pressure to address evolving threats like ransomware, zero-day vulnerabilities, and espionage, and they face challenges in extending security coverage across multiple environments and dealing with an ongoing skills shortage, according to Bitdefender. "The results of this survey demonstrate, more than ever, the importance of layered security that delivers advanced threat prevention, detection and response across the entire business while improving efficiencies that allow security teams to do more with less," said Andrei Florescu, deputy GM and SVP of products at Bitdefender Business Solutions Group.

For SlashNext's The Mobile BYOD Intelligence Report, the company surveyed 300 individuals about the use of personal devices for work, how employers balance security and employee privacy with the popularity of Bring Your Own Device, and the resulting gaps in cybersecurity. Right off the bat, the survey found that the use of personal devices for work has been increasing.

Even though your company may not have suffered a direct breach, your data may already be on the Dark Web. Breaches end up being marketed by hackers with data descriptions and auction demands, often in Bitcoin.

A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet. The malware is mainly designed to single out Unix-like platforms running x86, x64 and ARM architectures, with GoBruteforcer attempting to obtain access via a brute-force attack using a list of credentials hard-coded into the binary.

The impact a data breach can have on individuals can be devasting; getting back to something that vaguely resembles normality is very challenging. There are obviously huge differences between individuals and organizations regarding security.

Cyber attack risks faced by businesses across states and reported data breaches are relative to the respective state governments' cybersecurity investment, according to Network Assured. While expectedly, California, with its high concentration of businesses in technology and healthcare recorded the highest number of data breaches at 1,338, the relatively small state of Maryland ranked 5th worst in the nation with 343 breaches.

In this Help Net Security video, Caroline Wong, Chief Strategy Officer at Cobalt, offers valuable insight into what leaders can do to instill stronger cybersecurity practices from the bottom up...

The number of data breaches affecting healthcare providers declined in the second half of 2022, consistent with a downward trend over the past two years, according to Critical Insight. Healthcare industry sees a decrease in data breaches.

Subsequently, the first attacker group monetized the first attack not only through the ransom they obtained, but also by selling the company's network information to the second ransomware group. In the 13 months between the two attacks, the victim changed its network and removed servers, but the new attackers were not aware of these architectural modifications.

Toyota's Global Supplier Preparation Information Management System was breached by a security researcher who responsibly reported the issue to the company. The issues were responsibly disclosed to Toyota on November 3, 2022, and the Japanese car maker confirmed they had been fixed by November 23, 2022.