Security News

59% of CTOs still see human error as the main security threat to their business, alongside other prominent concerns such as ransomware and phishing, a research from STX Next reveals. The research surveyed 500 global CTOs about the biggest challenges facing their organization.

You'll be much better prepared to face them down if you have an in-depth understanding of how things have played out this year and what the finest minds in the sector expect the next 12 months to bring. With barely six weeks of this year left, how can you achieve this? By joining the Sophos Cybersecurity Summit 2021, on December 1, from 1000 GMT. This compact virtual conference will serve up seven in-depth sessions in just four hours from practitioners, analysts, and of course Sophos' own highly experienced staffers, all of whom have deep front-line experience against cyber-threats.

Researchers set up 320 honeypots to see how quickly threat actors would target exposed cloud services and report that 80% of them were compromised in under 24 hours. Malicious actors are constantly scanning the Internet for exposed services that could be exploited to access internal networks or perform other malicious activity.

An alert issued Monday by the Cybersecurity and Infrastructure Security Agency and the FBI urged organizations to be on guard for ransomware attacks that take advantage of worker downtime during Thanksgiving. Launching cyberattacks during a holiday or even a weekend is hardly a new strategy for criminals.

The research found that fraud fighters - professionals tasked with investigating and prosecuting insurance fraud - in North America were the least prepared for threats from abroad. "Organized rings, both foreign and domestic, are stealing billions," Coalition Co-Chair David Rioux of Erie Insurance said. Globalized insurance fraud is not a priority at all for 27.7% of respondents and a low-to-medium priority for 57.5% of respondents, leading to a lack of resources and time invested in day-to-day operations fighting global insurance fraud.

This year saw multiple examples of advanced persistent threats under the spotlight, allowing us to predict what threats might lead the future. Advanced persistent threats, which focus on cyberespionage goals, are a constant threat to companies, governments and freedom activists, to name a few.

Learn how to build a resilient disaster response plan Webinar You can’t predict when a disaster will strike your organisation, whether it’s extreme weather, workplace violence, or a cyber attack.…

While the volume of malicious apps targeting mobile devices is not as high as those plaguing desktops, these apps are common-especially those targeting the Android platform. The unwanted mobile apps we see most often include adware, which monetizes itself by displaying advertising on a device.

71% of VPs and CIOs believe that the high number of cybersecurity tools they use negatively impacts their organization's ability to detect and prevent threats, a Perimeter 81 report reveals. The research evaluated responses from 500 IT professionals at companies with 50 or more employees in the US. It covers new trends in the workforce due to COVID-19, how those changes have affected cybersecurity, and their impact on IT professionals.

Britain's National Cyber Security Centre is prepared to share its cyber defence tech and threat intel feeds with British organisations in need of extra help, it said at the launch of its annual review today. You probably don't want the country's DNS being run by GCHQ! Chief techie Ian Levy highlighted the NCSC's Protective DNS service to The Register as one example of good things the cyber defence organisation has done, with the custom DNS resolver service being used by 1,000 NHS supply chain firms to prevent their devices visiting known malicious web domains.