In new research from HelpSystems interviewing chief security officers in financial institutions about the security challenges they face, more than a third (35%) of survey respondents cite insider threats as one with potential to cause the most damage in the next 12 months.
Spoofed websites are a common avenue for cyberattacks. To better understand the scope of this phenomenon, it’s important for security professionals and organizations to know just how widespread the problem is.
(ISC)² released its 2020 Cybersecurity Workforce Study. For the first time, the study indicates a year-over-year reduction in the cybersecurity workforce gap, due in part to increased talent entry into the field and uncertain demand due to the economic impact of COVID-19.
Starting on December 8, Apple will require all third-party developers to detail their app’s privacy information, according to an Apple post. Security experts note that this new update (iOS 14) puts additional focus on user privacy, and in particular gives users better visibility into their personal information that is shared with third parties.
Security alerts are imperative for effectively mitigating and preventing cyberattacks. But, a key challenge of modern threat protection solutions is the sheer number of alerts they generate – leading to “alert fatigue.”
To learn more about the dangers of alert fatigue, we talk to Mark Kedgley, CTO at New Net Technologies (NNT).
The Office of the Comptroller of the Currency (OCC) reported the key issues facing the federal banking system and the effects of the COVID-19 pandemic on the federal banking industry in its Semiannual Risk Perspective for Fall 2020.
While the technical root causes are the same, the impact of an IoT botnet attack on consumer versus enterprise and industrial devices is vastly different. An attack on a consumer gadget could be limited to a privacy issue, whereas the effect of a successful breach on a commercial device can have a significant production or safety cost. That’s why it’s more critical than ever for IT and OT security professionals to understand and be prepared to defend against this growing threat.
One type of social engineering attack is the personalized-message, which often ends up in the hands of the CEO or another executive who would have access to sensitive files and information. Until recently, email was the dominant medium by a wide margin. However, recently, attackers have started to move to social media and text messages. What can you do about it?
Although DDoS as a threat vector may have been overshadowed in the media as a result of several high-profile ransomware operations this year, instances of DDoS attacks show little sign of slowing down as a common tool for malicious actors.
According to new Digital Shadows research, 2020 saw the largest DDoS attack on record, peaking at rate of 2.3 terabytes per second and causing three days of downtime for the targeted business.
The Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, and the Federal Deposit Insurance Corporation (collectively, the agencies) issued an interagency paper titled “Sound Practices to Strengthen Operational Resilience.” The sound practices paper generally describes standards for operational resilience set forth in the agencies’ existing rules and guidance for domestic banking organizations that have average total consolidated assets greater than or equal to (1) $250 billion or (2) $100 billion and have $75 billion or more in average cross-jurisdictional activity, average weighted short-term wholesale funding, average nonbank assets, or average off-balance-sheet exposure.
RSS
