In the business world, there are two main paths a company can take with cybersecurity -- the reactive and the proactive approach. The problem with a purely reactive attitude is that it can easily put companies in constant firefighting mode. And for small companies with limited resources, this can turn out to be an increasingly uncomfortable place to be in.
With that in mind, experts today suggest proactive cybersecurity by monitoring suspicious activity and identifying risks before they turn into full-blown attacks. more
Does threat intelligence (TI) work? I looked into that question last year, exploring the reasons why it actually doesn't and what can be done to remediate the situation. Since then, more companies have incorporated TI into their security processes, and many are still not getting the benefits they expect. What's causing the dissatisfaction? Interestingly, pretty much the same aspects... more
Between December 2, 2018 and May 4, 2019, 197,524 phishing domains were discovered, 66% of which directly targeted consumers according to the latest State of the Internet report by Akamai. more
A significant rise has been detected in the use of malware aimed at harvesting consumer data, known as password stealers. more
Equifax has announced a comprehensive resolution for its 2017 cybersecurity incident that includes a fund of up to $425 consumer fund. more
Lake City became the second Florida city to pay a substantial ransomware demand to hackers in less than a week. more
The researchers at Cybereason Nocturnus have identified an advanced, persistent attack targeting global telecommunications providers carried out by a threat actor using tools and techniques commonly associated with the Chinese-affiliated threat actor APT10. This multi-wave attack is reported to have sought to steal communications data of specific individuals in various countries. more
The United States in retaliation to the growing Iranian cyber-activity and the shooting of an unarmed US drone last week has launched a series of cyberattacks against Iran's military IT systems. more
How many times have you heard that humans are the weakest link in cybersecurity? The headlines have proven that over and over again. In particular, business email compromise or BEC (also known as email account compromise or EAC) scams, which typically target an employee with access to the financial resources of his company -- this could be a C-level executive or any high-ranking officer -- for fraud are still on a constant uphill trend. more
The United States has shifted its Russia strategy more toward offense and inserted potentially crippling malware inside Russia's electric power grid at a depth and with an aggressiveness that had never been tried before, according to a New York Times's story that broke over the weekend. more
XENOTIME, the notorious group behind what is regarded as the most dangerous malware targetting industrial control systems has expanded its targeting beyond oil and gas to the electric utility sector. more
New research from the Global Cyber Alliance (GCA) released on Wednesday reports that the use of freely available DNS firewalls could prevent 33% of cybersecurity data breaches from occurring. more
On May 7, hackers breached parts of the computer systems that run Baltimore's government, taking down essential systems such as voice mail, email, a parking fines database, payment systems used for water bills, property taxes, real estate transactions and vehicle citations. more
The number of DDoS attacks during the first three months of 2019 increased by 84%, compared with the previous quarter. more
Two years after the initial wave of WannaCry attack in May of 2017, security researchers say the ransomware continues to spread to vulnerable devices. WannaCry infection has affected close to 5 million devices to date. more