Security News

While tech workers want to learn and organizations are spending thousands of dollars per employee on learning technology, it is not translating into improved on-the-job performance for 4 out of 10 IT employees, according to Skillable. Inadequate training puts workers at risk of being left behind in the race for tech talent, which is in short supply.

Today, the U.S. Cybersecurity and Infrastructure Security Agency urged technology manufacturers to stop providing software and devices with default passwords. "This SbD Alert urges technology manufacturers to proactively eliminate the risk of default password exploitation," CISA said, by taking "Ownership of customer security outcomes" and building "Organizational structure and leadership to achieve these goals."

A novel multi-platform threat called NKAbuse has been discovered using a decentralized, peer-to-peer network connectivity protocol known as NKN (short for New Kind of Network) as a communications...

Human trafficking for the purposes of populating cyber scam call centers is expanding beyond southeast Asia, where the crime was previously isolated. The latest five-month operation discovered that victims from Malaysia were being trafficked to work in Peruvian call centers and Ugandan victims were being trafficked to Dubai for the same reason, only to be diverted to Thailand and then Myanmar.

A Belgian man has been arrested and charged for his role in a years-long smuggling scheme to export military-grade electronics from the US to Russia and China. Belgian law enforcement detained Hans Maria De Geetere, 61, and five others for questioning on December 5.

As the digital transformation of business accelerates, risk and internal audit leaders shift their focus to managing technology-driven risk, according to AuditBoard. In a continuation of a trend identified by the 2023 survey, the top 2024 risk cited by internal audit leaders is cyber and data security, with more than 80% of respondents not only rating this risk highly but also giving it the top spot for expected audit efforts in 2024.

DDoS attacks are cyber threats aimed at disrupting online services by flooding them with excessive traffic. Layer 7 DDoS attacks are a new breed of DDoS that allows attackers to do much more damage with fewer resources.

Marketing apps such as Salesforce, Hubspot, Outreach, Asana, Monday, and Box empower marketing teams, agencies, freelancers, and subject matter experts to collaborate seamlessly on campaigns and marketing initiatives. In this article, we explore the top Marketing SaaS application use cases, from external users and publicly shared links to connected apps and credit cards - and how to ensure the security and integrity of the data stored within them.

Genuinely new ideas are rare in IT – this superhero is ready to make a real difference Opinion Cybersecurity has many supremely annoying aspects. It soaks up talent, time, and money like the...

The recent attacks were discovered by researchers at cybersecurity company CrowdStrike, who made the attribution based on infrastructure overlaps with past campaigns, observed tactics, techniques, and procedures, the use of the IMAPLoader malware, phishing lures. In a report published earlier this week, researchers say that Imperial Kitten launched phishing attacks in October using a 'job recruitment' theme in emails carrying a malicious Microsoft Excel attachment.