Large organizations have significantly strengthened their cyber workforce in 2024, according to cyber consultancy Wavestone. In its Cyber Benchmark 2024 report, Wavestone found that, on average, companies with over $1bn in revenues have one expert dedicated to cybersecurity for 1086 employees. In 2023, the same organizations had one cyber professional for 1285 employees – a
Month: June 2024
Video Learn about the categories of threats that ‘topped the charts’ and the kinds of techniques that bad actors leveraged most commonly in the first half of this year. 28 Jun 2024 This week, the ESET research team released the H1 2024 issue of ESET Threat Report that examines the key trends and developments that
Jun 29, 2024NewsroomCybersecurity / Website Security Google has announced that it’s going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority’s inability to address security issues in a timely manner. “Over the past several years, publicly disclosed incident reports
Remote software provider TeamViewer has been hit by a cyber-attack that it has attributed to Russian state-affiliated threat actor Midnight Blizzard/APT29. The firm revealed it identified suspicious behavior on a standard employee account within its corporate IT environment on Wednesday, June 26. It has tied the incident to the credentials of that account. TeamViewer said
Business Security Why organizations of every size and industry should explore their cyber insurance options as a crucial component of their risk mitigation strategies Tony Anscombe 26 Jun 2024 • , 5 min. read Offsetting business risk with insurance is not new. Early mariners transporting their goods around the world hundreds of years ago faced
Jun 28, 2024NewsroomCyber Espionage / Cyber Attack The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that’s designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has codenamed the
A third (33%) of security leaders believe companies often sacrifice long-term security for cost savings. The data comes from Bugcrowd’s 2024 Inside the Mind of a CISO report, which also suggests that 40% of security leaders think fewer than one-third of companies understand their breach risks. Despite these concerns, nearly 87% of security leaders are actively
The peer-to-peer malware botnet known as P2PInfect has been found targeting misconfigured Redis servers with ransomware and cryptocurrency miners. The development marks the threat’s transition from what appeared to be a dormant botnet with unclear motives to a financially motivated operation. “With its latest updates to the crypto miner, ransomware payload, and rootkit elements, it
Progress Software has disclosed two fresh vulnerabilities in its MOVEit file transfer products. The first is an authentication bypass affecting the MOVEit Transfer SFTP service in a default configuration (CVE-2024-5806). It affects the Secure File Transfer Protocol (SFTP) service from version 2023.0.0 to 2023.0.11, 2023.1.0 to 2023.1.6 and 2024.0.0 to 2024.0.2. The second is an
Privacy VPNs are not all created equal – make sure to choose the right provider that will help keep your data safe from prying eyes Phil Muncaster 25 Jun 2024 • , 6 min. read In a world of remote working and heightened privacy and security concerns, virtual private networks (VPNs) have become an indispensable
Jun 26, 2024NewsroomVulnerability / Data Protection A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass that impacts the following versions – From 2023.0.0 before
New fraud campaigns have been discovered involving the Medusa (TangleBot) banking Trojan, which had evaded detection for nearly a year. An analysis published by Cleafy researchers last week revealed that this sophisticated malware family, first identified in 2020, has resurfaced with significant changes. This malware, known for its remote access Trojan (RAT) capabilities, includes keylogging,