The cybersecurity industry is facing a challenge to find qualified candidates. Here’s what recruiters, educators, and employers can do to fill the talent gap.
It only takes one successful attack to spell disaster for a company. Learn how to protect your company with this email security best practice guide.
Study shows that more than 35% have suffered seven or more successful attacks.
The social media giant also started warning about 50,000 people it believes may have been targeted in more than 100 nations.
HAECHI-II initiative represents Interpol's stepped-up efforts to tackle the operators of financially motivated online scams and other cyberattacks.
Analysis of threat trends from last quarter reveals attackers ramped up their use of fileless malware, and zero-day malware accounted for almost two-thirds of all detections.
At the inaugural Omdia Analyst Summit, experts discuss where the past year has created gaps in traditional security strategy and how organizations can fill them.
Redmond's latest OS will run only on systems with TPM 2.0 chips.
What we really have is an automation-in-the-wrong-place problem.
Following their release of 70 different vulnerabilities in different implementations of TCP/IP stacks over the past year, two companies find a common link.
The pandemic's decline won't stop the work-from-home trend nor the implications for cybersecurity, so it's crucial to minimize the threats.
Rust offers a safer programming language, but adoption is still a problem despite recent signs of increasing popularity.
A peek at open XDR technology, and defense that held up better than the Kansas City Chiefs.
The World Economic Forum says cyberattacks will be one of the top global business risks over the next 10 years.
Amid a pandemic, Data Privacy Day this year brings forth expanded responsibilities for organizations in the response to COVID-19.
Cisco analyzes the latest version of the LokiBot malware for stealing credentials, finding that its developers have added more misdirection and anti-analysis features.
Our polarized climate and COVID-19 are putting the nation's cybersecurity in imminent danger, and it's past time to act.
Security pros and former government employees share their expectations and concerns for the new administration - and their hope for a "return to normal."
These trends show that AI security is more important in stopping cybersecurity threats and data breaches.
Physical distancing has blunted a virus's impact; the same idea can be applied to computers and networks to minimize breaches, attacks, and infections.
Mobile providers don't often update users when applications are not supported by developers, security firm says.
As an industry, we must move beyond one-dimensional approaches to assessing ransomware exposures. Asking these four questions will help.
There's an art to reporting security metrics so that they speak the language of leadership and connect the data from tools to business objectives.
The carpentry maxim "measure twice, cut once" underscores the importance of timely, accurate, and regular metrics to inform security leaders' risk decisions.
As new technologies disrupt the industry, remember that security is a process, not a goal. Educate yourself on how you can best secure your corner of the Web.
The Cybersecurity and Infrastructure Security Agency (CISA) publishes a draft document mandating a vulnerability disclosure policy and a strategy for handling reports of security weaknesses.
A feature that's supposed to make your account more secure -- adding a cellphone number -- has become a vector of attack in SIM-swapping incidents. Here's how it's done and how you can protect yourself.
With their lens into the human side of business, human resources can be an effective partner is the effort to train employees on awareness and keep an organization secure.
Cybersecurity professionals often talk about the economic drivers of security. But should the conversation shift to include a moral component? At least one analyst says "yes."
Four steps outlining how security teams can better understand their company's cyber-risk and demonstrate to company leadership what's being done to mitigate the resulting business risk.
Smart cities are the future of our urban centers, and even of suburbs and small towns – and this transformation is critical. Equipped with sensors and constantly collecting data, this tech revolution aims to make crowded cities more efficient, keep residents safer, and even helpprotect our environment through resource management. Making this shift, however, will require big investments on the part of both government bodies and businesses. This is particularly true when it comes to reducing energy waste.
Is it rude to ask someone to shut off their Alexa? Ask the family who's written the book on etiquette for nearly 100 years - the descendants of Emily Post herself.
IoT cybersecurity threats are continually increasing and becoming more sophisticated, so it's important to protect yourself.
Research highlights how most criminals exploit human curiosity and trust to click, download, install, open, and send money or information.
It won't be long before we consider embodied AI as a form of "life" - and that will have a variety of paradigm-shifting, somewhat irritating, and potentially hilarious impacts on the daily lives of cybersecurity and privacy professionals.
What's missing in today's TPCRM programs is visibility into third-party ecosystems. Here's how to bridge the gap.
Is there something strange about your network activity? Better make sure all of your IoT devices are under control.
Despite increasing threats, many organizations continue to run with only token cybersecurity and resilience.
The Village of Key Biscayne hacking comes a week after Riviera Beach in South Florida agreed to pay $600,000 in ransom to hackers last week.
Researchers at the Workshop on the Economics of Information Security highlight the cost savings of sharing cybersecurity data and push for greater access to information on breaches, attacks, and incidents.
Spam has given way to spear phishing, cryptojacking remains popular, and credential spraying is on the rise.
Incident response demands technical expertise, but you can't fully recover without non-IT experts.
Theranos flamed out in spectacular fashion, but you can still learn from the company's "worst practices."
If a company or individual is powerful, they are vulnerable to a dangerous cyber attack, and that's where we come in.
New technology can help cybersecurity bridge the talent gap, but tech won't do much without people to operate it.
Hacking by external actors caused most breaches, but Web intrusions and exposures compromised more records, according to Risk Based Security.
New global survey shows businesses are valuing IoT security more highly, but they are still challenged by IoT data visibility and privacy.
This new form of crypto wallet fraud enlists unwary consumers and companies to help defeat anti-money laundering methods for law enforcement and regulators.
Machine intelligence, in its many forms, began having a significant impact on cybersecurity this year - setting the stage for growing intelligence in security automation for 2019.
When most people think of buying tickets for a flight, or making other travel-related purchases, they might reach into their wallet for their credit card. But did you know you might be able to pay with a form of digital cryptocurrency, like Bitcoin?
Tens of millions of dollars stolen from at least eight banks in East Europe, Kasperksy Lab says.
Stolen credentials for industrial control system workstations are fast becoming the modus operandi for ICS attacks by cybercriminals.
Two reports call out the most serious malware attacks and attackers of the year (so far).
Instead of simply fleeing when discovered, adversaries are actively engaging with incident response teams, a new Carbon Black study finds.
Linux powers many of the IoT devices on which we've come to rely -- something that enterprises must address.
Emerging threats over the next two years stem from biometrics, regulations, and insiders.
In the data-driven enterprise, myriad types of data have become a new form and flow of currency. Why, then, hasn't the CISO achieved parity with the CFO?
In the data-driven enterprise, myriad types of data have become a new form and flow of currency. Why, then, hasn't the CISO achieved parity with the CFO?
The vulnerability, found in Struts' core functionality, could be more critical than the one involved in last year's Equifax breach.
A closer look at native threat intelligence capabilities built into major cloud platforms and discussion of their strengths and shortcomings.
Keep your company protected with a mix of old- and new-school technologies.
New Accenture study finds half of businesses provide cybersecurity training for new hires and only 40% of CISOs prioritize building or expanding insider threat programs.
Security teams must expand strategies to go beyond simply identifying details tied to a specific threat to include context and information about attack methodologies.
A glimpse into how two new products for intrusion detection and entity resolution are using AI to help humans do their jobs.
Attacks directed at targets in Singapore went through the roof earlier this week.
A deep dive into the issues surrounding an HTML email attack.
If cybercrime were a country, it would have the 13th highest GDP in the world.
Another widespread worm attack is "inevitable," but spreading a different more lucrative or destructive payload, experts say.
The expenses and actions typically associated with a cyberattack are not all created equal. Here's how to explain what's important to the C-suite and board.
Understanding the different types of hackers, what motivates them, and the malware they use can help you identify the attacks you are most likely to face and how to properly defend yourself and your organization.
Azure Sphere, now in preview, is a three-part program designed to secure the future of connected devices and powered by its own custom version of Linux.
Outside attackers still the biggest problem - except in healthcare.
AVCrypt tries to disable anti-malware software before it can be detected and removed.
Man-in-the-browser attacks targeting Blockchain.info and Coinbase websites, SecurityScorecard says.
Unauthorized cryptocurrency mining can consume processing power and make apps unavailable as well as lead to other malware.
Far from helping organizations defend themselves, hacking back will escalate an already chaotic situation.
A comprehensive new report from Cisco should "scare the pants off" enterprise security leaders.
The number of unique mobile malware samples increased sharply in 2017 compared to a year ago, according to Trend Micro.
Expect more as the year goes on: more breaches, more IoT attacks, more fines..
News has surfaced of a breach of sensitive data of California state employees.
In today's environment, a focus on cybersecurity isn't a luxury. It's a necessity, and making sure that focus is achieved starts with the company's culture.
Companies overlook critical security steps as they move to adopt the latest cloud applications and services.
Ransomware operators have begun warning their victims to not use the tor proxy sites for making ransom payments.
Jackpotting is an attack / technique to exploit ATMs to make them dispense cash without withdrawing it from a bank account – Now, U.S. ATMs are under Jackpotting attack.
Serverless architectures take away business responsibility for server management, but security should still be top of mind.
I am sincerely sorry about this and hope that we will get the funds back," the creator of BlackWallet said.
FakeBank can steal sensitive information from the device including phone numbers, balance on a linked bank card and location data.
Robots, voting machines, machine learning, and the wind were among the hacks security researchers pulled off this year.
Forensic examiners don't work for bounties. They do what is required to catch criminals, pedophiles, or corporate embezzlers, and now their important security research is finally being acknowledged.
Developers can play a vital role in accelerating the adoption of AppSec practices, security vendor says.
We can now recover evidence from the RAM on a cellphone, even if the account is locked, and use it to prosecute a case.
A look back at WannaCry, NotPetya, Locky, and other destructive ransomware campaigns to infect the world this year.