Security News

The global cloud migration continues to fuel a market expected to hit the $1 trillion milestone in 2028. A recent report of Forrester Consulting, commissioned by Quali, found that 63% of surveyed IT and decision-makers say their organizations lack the support for a variety of cloud resources.

Vulnerability coordination and bug bounty platform HackerOne on Friday disclosed that a former employee at the firm improperly accessed security reports submitted to it for personal gain. The employee, who had access to HackerOne systems between April 4 and June 23, 2022, for triaging vulnerability disclosures associated with different customer programs, has since been terminated by the San Francisco-headquartered company as of June 30.

A HackerOne employee stole vulnerability reports submitted through the bug bounty platform and disclosed them to affected customers to claim financial rewards. The rogue worker had contacted about half a dozen HackerOne customers and collected bounties "In a handful of disclosures," the company said on Friday.

"Despite defenders' best efforts, cybercriminals continue to defraud, extort, and ransom companies for billions of dollars annually," said Sherrod DeGrippo, vice president of threat research and detection at Proofpoint. Proofpoint entered into the report with a number of assumptions in place, detailing what methods threat actors would go to to carry out an attack, as well as the methods employed to help carry out such attacks.

Timeline May 31: Volexity found zero-day vulnerability in Atlassian Confluence. AI Spera used Criminal IP to determine the number of Atlassian Confluence servers connected to the Internet.

Stop significant B2B or B2C information sharing problems with a tailored approach to encryption. The security of our data is, without question, at the top of any enterprise's priority list.

The U.S. Federal Trade Commission says Americans have reported losing more than $1 billion worth of cryptocurrency to scams between January 2021 and March 2022. The U.S. law enforcement agency said that tens of thousands of reports pointed to over $1.6 billion in cryptocurrency losses.

BeyondTrust's recent 2022 Microsoft Vulnerabilities Report includes the latest annual breakdown of Microsoft vulnerabilities by category and product, as well as a six-year trend analysis, providing a holistic understanding of the evolving threat landscape. In this video for Help Net Security, Morey Haber, Chief Strategy Officer at Beyond Trust, talks about this report, which analyzes data from security bulletins publicly issued by Microsoft throughout the previous year.

An analysis of the mobile threat landscape in 2022 shows that Spain and Turkey are the most targeted countries for malware campaigns, even as a mix of new and existing banking trojans are increasingly targeting Android devices to conduct on-device fraud. "Just in the first five months of 2022 there has been an increase of more than 40% in malware families that abuse Android OS to perform fraud using the device itself, making it almost impossible to detect them using traditional fraud scoring engines."

Ransomware, supply-chain threats and how organizations and their employees are their own worst enemy when it comes to security are some of the key takeaways of Verizon's annual report on the last 12 months of cyber-attacks. Some findings seem consistent with what the report has highlighted since its inception in 2008, one security professional observed.