Tag: Report

The attack surface is growing faster than it has at any other point in the history of technology

Avast launched its annual Threat Landscape Report, detailing the biggest security trends facing consumers in 2019 as collected by the Avast Threat Labs team.

“This year, we celebrated the 30th anniversary of the World Wide Web. Fast forward thirty years and the threat landscape is exponentially more complex, and the available attack surface is growing faster than it has at any other point in the history of technology,” commented Ondrej Vlcek, President of Consumer at Avast.

Read about the findings of the new Avast report on Help Net Security.

60% of Organizations Suffered a Container Security Incident in 2018, Finds Study

Many organizations have DevOps on their mind going into 2019. Firms will confront growing complexity and risk as they work to scale their DevOps initiatives in 2019. Part of this risk will come from their containers, for many organizations still lack transparency into these software pieces.

If they are to adequately mitigate their risk and minimize their exposure to digital threats, organizations will need to secure their containers. But are they prepared to do this? Tripwire’s State of Container Security Report found that 60 percent of organizations had been hit with at least one container security incident within the past year.

Read more about the findings of the new report on Tripwire.

AI in Security Carries as Many Questions as Answers

Nearly three-quarters of all organizations have implemented security projects that have some level of intelligence built in. And the more security alerts a company sees in a day, the more likely it is to look to machine intelligence in order to deal with the flood.

Those are just two of the conclusions reached in a new white paper, “The State of AI in Cybersecurity: The Benefits, Limitations and Evolving Questions,” published today by Osterman Research. The report, based on more than 400 surveys of organizations with more than 1,000 employees, asked questions about the use of AI and the results of that use.

Read more about the findings of the new report on Dark Reading.

Cyber attacks a growing threat to cities globally

The potential impact of cyber attacks on the economy of the world’s largest cities has risen by nearly nine per cent in the last year, according to the 2019 update of the Global Risk Index from the Centre for Risk Studies at Cambridge Judge Business School.  Cyber risk has now risen from seventh to sixth place among global threats in the index.

The research is unique in making an annual quantification of the potential GDP impact of unpredictable shocks on the world’s most prominent cities.  The 2019 update to the Global Risk Index sees a uniform rise in GDP@Risk across all the 279 world cities that make up the index and more significant increases in risk for some urban centres.

Read more about the findings of the Global Risk Index on BusinessWeekly.

The solution to dysfunctional cybersecurity and network teams

One might expect people on different teams of a company’s IT department to be on the same page and have a certain amount of work-related trust for each other. However, a BlueCat Networks sponsored International Data Group (IDG) survey found that this isn’t always the case.

Over 65% of respondents indicated their company has experienced two or more cybersecurity events, while only 38% of the survey participants believe their organization is capable of defending against a cybersecurity event. The report does not mince words as to why: “Business investments in network operations and cybersecurity may be shortchanged if the teams responsible for those areas aren’t collaborating.”

Read more about the report’s findings and implications on TechRepublic.

How Facebooks Tracks Non-Users via Android Apps

If you quit Facebook or never joined because of its data collecting practices the odds are good the social network is still tracking you – despite your protest.

Facebook collects data of non-users of its social network via dozens of mainstream Android apps that send tracking and personal information back to the social network. Some of the dozens of apps sharing data with Facebook include KayakYelp and Shazam, according a report presented by Privacy International at 35C3. “Facebook routinely tracks users, non-users and logged-out users outside its platform through Facebook Business Tools,” according to the report.

Read more about the findings of the report on Threatpost.

Malwarebytes: Fileless ransomware an emerging threat for U.S.

A completely fileless ransomware, dubbed Sorebrect, is “one of the first of its kind” to combine traditional ransom functionality with fileless tactics, according to a new Malwarebytes report.

In “Under the Radar: The Future of Undetected Malware,” Malwarebytes detailed four fileless attacks observed throughout 2018, including Emotet, TrickBot, SamSam and Sorebrect. The report referenced a study from the Ponemon Institute, which stated that “fileless malware attacks are estimated to account for 35% of all attacks in 2018, and they’re almost 10 times more likely to succeed than file-based attacks.”

Read more about the findings of the Malwarebytes report on TechTarget.

How China Helped Make the Internet Less Free in 2018

As democracies around the world struggle to hold back the rising tide of authoritarianism, a similar crisis is unfolding online. Three factors converged this year to make 2018 the eighth straight year that global internet freedom declined, according to an annual report from the nonprofit Freedom House: increasing censorship in response to disinformation, the widespread collection of personal data, and a growing group of countries emulating China’s model of digital authoritarianism.

Not only does China once again rank as the worst abuser of internet freedom, it is actively exporting its techno-dystopian model to other countries according to the report.

Read more about the findings of the Freedom House report on Wired.

DevSecOps is having a positive impact on security, but the state of security still has a long way to go

Even with a stronger focus on security this year, most software is still riddled with security vulnerabilities. According to Veracode’s State of Software Security (SOSS) report, 87.5 percent of Java applications, 92 percent of C++ applications, and 85.7 percent of .NET application contain at least one vulnerability. In addition, over 13 percent of applications contain at least one critical vulnerability.

“Our annual SOSS data puts hard evidence on the table to explain why so many security professionals experience anxiety when they think about application security (AppSec),” the report stated.

Read more about the findings of the Veracode report on SD Times.

How cybercrime is punished around the world

Next year could see cybercrime’s total cost to the world economy rise to more than $2 trillion. We’ll inevitably see new threats emerge and existing threats grow more sophisticated too.

A new infographic by solicitors Cartrwight King sets out some facts and stats about this burgeoning problem, including the states cybercriminals typically hail from and how government’s around the world have punished those caught (though of course few are caught).

See the infographic on IFSEC Global.