Security News

Critical Insight Reports Fewer Cybersecurity Breaches in Health Care, Yet Victim Numbers Are Up in 2023
2023-08-24 13:12

A new study by Critical Insight shows that cybersecurity attacks in the health care sector are hitting more individuals and finding vulnerabilities in third-party partners. A new study by cybersecurity firm Critical Insight noted that while the sheer number of breaches against health care facilities is actually down, there is a spike in the number of people who have been affected by attacks as well as an increase in supply chain and third-party targets.

Surviving the 800 Gbps Storm: Gain Insights from Gcore's 2023 DDoS Attack Statistics
2023-07-06 11:22

The maximum attack power rose from 600 to 800 Gbps. UDP flood attacks were most common and amounted to 52% of total attacks, while SYN flood accounted for 24%. In third place was TCP flood. In 2021, the capacity of DDoS attacks was up to 300 Gbps. In 2022, the attack capacity was about 650 Gbps. In Q1-Q2 of 2023, we see a capacity of about 800 Gbps. Alt Text: Illustration of attack raising from 300 Gbps in 2021 and 650 Gbps in 2021 to 800 Gbps in 2023.

Gigamon’s Cloud Security Report Shares Insights on Undetected Breaches & Deep Observability
2023-06-30 17:47

Findings in network intelligence firm Gigamon's Hybrid Cloud Security Survey report suggest there's a disconnect between perception and reality when it comes to vulnerabilities in the hybrid cloud: 94% of CISOs and other cybersecurity leaders said their tools give them total visibility of their assets and hybrid cloud infrastructure, yet 90% admitted to having been breached in the past 18 months, and over half fear attacks coming from dark corners of their web enterprises. Key to understanding hybrid cloud security Must-read security coverage Google offers certificate in cybersecurity, no dorm room required The top 6 enterprise VPN solutions to use in 2023 EY survey: Tech leaders to invest in AI, 5G, cybersecurity, big data, metaverse Electronic data retention policy.

Okta’s Security Center opens window to customer insights, including threats and friction
2023-05-18 19:25

The 14-year-old company and single sign-on market share leader announced this month that it is adding a key element of visibility, the Security Center, to its Auth0-powered Okta Customer Identity Cloud. The Security Center dashboard is designed to give near real-time asset visibility to teams focused on customer identity, user experience and security.

Enhancing open source security: Insights from the OpenSSF on addressing key challenges
2023-05-18 04:30

Brian Behlendorf, CTO at the Open Source Security Foundation, shares insights on the influence of his experiences with the White House CTO office, World Economic Forum, and Linux Foundation on leading the OpenSSF and addressing open-source security challenges. Like all software projects, open source software projects are never over-staffed; they are volunteers struggling not just to write the functionality they need but also to fix the bugs they and others find, paying down technical debt and implementing better security practices and tools often fall way behind in priority compared to new feature work and bug-fixing.

Web entity activity reveals insights into internet security
2023-05-15 03:30

For its recent research focusing on web entities, Censys leveraged its internet-wide scan data to understand better the applications and services that have become core to our existence, evaluating the state of security on the modern internet. In this Help Net Security video, Himaja Motheram, Security Researcher at Censys, offers insight into the assets and weaknesses across organizations' internet infrastructure.

Data-driven insights help prevent decisions based on fear
2023-05-02 03:30

Organizations have strengthened security measures and become more resilient, but threat actors are still finding ways through, according to BakerHostetler. "We launched the Data Security Incident Response Report nine years ago because we recognized that organizations were making data-driven decisions about other areas of risk and compliance and that there was no source for that purpose for data security," said Theodore J. Kobus III, chair of BakerHostetler's Digital Assets and Data Management Practice Group.

Data-backed insights for future-proof cybersecurity strategies
2023-04-12 04:00

In this Help Net Security interview, Travis Smith, VP of the Qualys TRU, talks about the 2023 Qualys TruRisk Threat Research Report, which provides security teams with data-backed insights to help them better understand how adversaries exploit vulnerabilities and render attacks. What tactics have threat actors used to exploit the most critical vulnerabilities, and what can organizations do to protect themselves?

The role of human insight in AI-based cybersecurity
2023-03-03 03:45

If AI-based cybersecurity tools leveraged RLHF, they would be immensely powerful, intuitive, and effective and could improve detection and response times to even the most sophisticated threats. RLHF can be used to train AI-based models to detect and respond to potential threats more effectively by using human feedback to learn from real-world examples.

Researchers Share New Insights Into RIG Exploit Kit Malware's Operations
2023-02-27 15:33

The RIG exploit kit touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal. Exploit kits are programs used to distribute malware to large numbers of victims by taking advantage of known security flaws in commonly-used software such as web browsers.