Security News

TikTok cannot be considered a private company, says Australian report
2023-03-19 23:30

Asia In Brief ByteDance, the Chinese developer of TikTok, "Can no longer be accurately described as a private enterprise" and is instead intertwined with China's government, according to a report [PDF] submitted to Australia's Select Committee on Foreign Interference through Social Media. The report alleges that China's government noticed as Douyin - the Chinese version of TikTok - boomed.

Google One expands security features to all plans with dark web report, VPN access
2023-03-09 08:16

Secondly, introducing the dark web report in the U.S. will aid in better monitoring personal information.Google One has announced that VPN access will be expanded to all its plans, including the Basic plan that starts at $1.99/month.

2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots
2023-03-02 11:35

The report also details the top browser security threats of 2022, which include phishing attacks via high reputation domains, malware distribution via file sharing systems, data leakage exploiting personal browser profiles, outdated browsers, compromised passwords, vulnerable unmanaged devices, high-risk extensions, shadow IT, and account takeovers with phishing credentials. In addition to the stats and analysis of the prominent threats, the report provides a retrospect of the main news stories that left a mark in the world of browser security in 2022.

Visualize change with an out-of-the-box configuration report
2023-03-01 03:45

Your technology is always changing, and you often play catchup to secure it. This isn't easy in the cloud when you share security responsibility with the cloud service providers.

Pen testing report: IT budgets should focus on entire security stack
2023-02-28 19:05

With a focus on the security of web app firewalls, pen tests target application programming interfaces, servers and any leaky point of entry. Security firm Pentera's second annual report on pen testing deployment in the U.S. and Europe found that 92% of organizations are lifting their overall IT security budgets.

Shocking Findings from the 2023 Third-Party App Access Report
2023-02-27 14:39

SaaS-to-SaaS app installations are growing nonstop at organizations around the world. Third-party app connections typically take place outside the view of the security team, are not vetted to understand the level of risk they pose.

Report: Stress will drive a quarter of cyber defenders out the door
2023-02-23 20:16

Relief may not come soon, if research firm Gartner's predictions hold true that fully a quarter of security leaders will depart the cybersecurity field entirely by 2025 due to work pressures. In a new report, the firm predicts that nearly half of cybersecurity leaders will change jobs, and that by 2025, lack of talent or human failure will be responsible for over half of significant cyber incidents.

Healthcare giant CHS reports first data breach in GoAnywhere hacks
2023-02-14 16:26

The healthcare provider giant said on Monday that Fortra issued an alert saying that it had "Experienced a security incident" leading to some CHS data being compromised. A subsequent investigation revealed that the resulting data breach affected the personal and health information of up to 1 million patients.

New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector
2023-01-31 11:08

The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine. The use of SDelete is notable, as it suggests that Sandworm has been experimenting with the utility as a wiper in at least two different instances to cause irrevocable damage to the targeted organizations in Ukraine.

Lessons Learned from the Windows Remote Desktop Honeypot Report
2023-01-25 15:06

Over several weeks in October of 2022, Specops collected 4.6 million attempted passwords on their honeypot system. Though the examples given here focused on RDP connections, a honeypot is not limited to that type of connection, and any remote access system is subject to attacks, like SSH. What should an organization do to minimize the potential damage?