The percentage of open source code in proprietary apps is rising

The number of open source components in the codebase of proprietary applications keeps rising and with it the risk of those apps being compromised by attackers leveraging vulnerabilities in them, a recent report has shown. Compiled after examining the findings from the anonymized data of over 1,100 commercial codebases audited in 2017 by the Black […]

Europe continues to be a cybercrime hub

ThreatMetrix announced new data revealing a 30 percent year-on-year increase in the volume of cyberattacks hitting Europe in the first quarter of 2018. As attacks patterns morph across the region, European digital businesses were hit with 80 million fraud attempts, as they experienced more pronounced spikes of peak attack periods throughout Q1 2018 compared to […]

Companies ditch data as GDPR deadline approaches

A new study from IBM reveals that nearly 60 percent of organizations surveyed are embracing the GDPR as an opportunity to improve privacy, security, data management or as catalyst for new business models, rather than simply a compliance issue or impediment. To reduce their exposure, the study indicated that the majority of companies are being more selective in […]

IT Pros Worried About IoT But Not Prepared to Secure It

Some 85% of IT professionals believe their country will suffer a major critical infrastructure cyberattack in the next five years and 64% say they’re more concerned this year than last about connected device threats in their organizations – and slightly fewer are actually doing anything about Internet of Things security. The 2018 Internet of Evil Things […]

Phishers increasingly targeting cloud storage and SaaS

The Anti-Phishing Working Group (APWG) has been tracking notable increases in phishing campaigns that target SAAS/webmail providers, as well as increased attacks on financial / banking targets and cloud storage and file-sharing sites. But banks remain the most popular targets, with phishers stealing customers’ online banking credentials. APWG member MarkMonitor detected phishing attacks targeting 454 organizations in […]

Most businesses believe stronger data protection policies will lead to fewer breaches

In light of new data privacy legislations, a new Webroot report looks at how businesses in the U.S., U.K., and Australia are adjusting to new data security measures in order to meet compliance requirements. Specifically, the report measures organisations’ readiness to comply with the General Data Protection Regulation (GDPR), and Australia’s Notifiable Data Breaches (NDB). The results reveal that […]

Open-source vulnerabilities plague enterprise codebase systems

A new report into the state of enterprise security suggests that the majority of codebases in use contain known vulnerabilities due to the use of open-source components. Synopsys has released the Black Duck by Synopsys 2018 Open Source Security and Risk Analysis (OSSRA) report, which found that open-source adoption is on the rise in the enterprise — but […]

25% of companies affected by cloud cryptojacking

Cryptojacking has unquestionably gone mainstream. Despite heavy media and industry attention, organizations are struggling to meet compliance requirements in public cloud environments, according to RedLock. On the flip side, there’s evidence that companies are becoming more aware of cloud account compromises and implementing best practices to prevent attacks, but there’s still no shortage of new attack vectors […]

The pace of vulnerability disclosure shows no signs of slowing

Unless the pace of vulnerability disclosure slows down in the coming quarters, we are looking at yet another record-breaking year, according to Risk Based Security’s 2018 Q1 Vulnerability QuickView Report. 5,375 unique vulnerabilities were reported. This is just a 1.8% increase over the same period in 2017. Note that this number will continue to rise […]

Cyber crime: Under-reporting of attacks gives hackers a green light, say police

Organisations which don’t report that they’ve been the victim of cyber crime are putting others at risk of further attacks and are hampering the authorities’ ability to fight against hackers, the UK’s serious and organised crime unit has warned. The National Crime Agency has issued the warning to businesses as part of its National Strategic Assessment of […]