Editor's News

New research has revealed that one in three untrained employees will click on a phishing link, according to the 2022 Phishing by Industry Benchmarking Report from KnowBe4. With ransomware payments averaging $580,000 in 2021 and business email compromise (BEC) losses topping $1.8 billion in 2020, a cyber attack can wreak havoc on an organisation. Yet, according to the baseline testing conducted for the report, without security training, across all industries globally, 32.4% of employees are likely...

Outpost24 has announced it has been acquired by Vitruvian Partners to take the company into the next phase of growth. The new ownership structure will enable Outpost24 to invest in its people, processes, and industry-leading technology to further strengthen its leadership position in a large and growing market. Vitruvian has acquired a majority ownership position in the Company, with management and key employees remaining significant minority shareholders. With over 2,500 customers in more than countries,...

With results from more than 100 professionals in cybersecurity, Armis released a survey that explored the risks and struggles within the industry as the environment changes. As the landscape of cybersecurity changes rapidly, security intel being reported to companies may be constantly outdated. According to the results, while top management in companies in the past 6 months have spent more time involved with cybersecurity concerns, almost 23% of the professionals surveyed believed that board members...

KnowBe4, the provider of security awareness training and simulated phishing platform, has conducted a survey during Infosecurity Europe, which evaluated the opinions of nearly 200 security professionals towards security culture, or more specifically: the ideas, customs and social behaviours of an organisation that influence their security practices. The research found the threat of cyber warfare (30%) or experiencing a data breach or cyberattack (30%) were the two biggest reasons why security professionals wanted to improve...

Lookout has announced the discovery of an enterprise-grade Android surveillanceware currently used by the government of Kazakhstan within its borders. Lookout researchers also found evidence of deployment of the spyware – which Lookout researchers have named “Hermit” – in Italy and in northeastern Syria.   Hermit is likely developed by Italian spyware vendor RCS Lab S.p.A. and Tykelab Srl, a telecommunications solutions company that may be operating as a front company. RCS Lab, a known developer...

SafeBreach, the pioneer in breach and attack simulation (BAS), today announced the launch of their EMEA programme, which will aim to bring their dynamic continuous security validation platform to an EMEA audience. The SafeBreach platform enables security teams to assess the efficacy of their security ecosystem by safely executing attacks across the entire cyber kill chain to validate and optimise security controls, prioritise remediation efforts and mitigate critical gaps before a breach occurs. As a...

On 16 April 2022, the ContiNews ransomware PR site posted the gang's newest victim: the Ministry of Finance of Costa Rica. Three days later, the post was updated with a sample of the stolen data, and a threat to continue attacks against Costa Rican agencies unless the government paid a requested ransom of $10 million. On April 21, the post was updated to include the URLs of two more compromised government departments - the Ministry...

A new industry report evaluating the level of security culture worldwide has found a positive improvement overall. The 2022 Security Culture Report by KnowBe4 looked at trends in security culture for the first time, analysing the ideas, customs and social behaviors of an organisation that influence their security. In particular, the report looked at the seven different dimensions of security culture (Attitudes, Behaviors, Cognition, Communication, Compliance, Norms and Responsibilities) across regions and industries worldwide. Key...

Today, Outpost24 has released the results of its 2022 FTSE 100 Credential Theft Study outlining the number of breached credentials from the UK’s most profitable companies online and found up to 31,135 exposed user credentials belonging to FTSE 100 companies on the open, deep and dark web. In fact, 75% of these credentials were stolen through data breaches and 25% were unknowingly obtained via malware infection/stealer. Of this number, over 60% of the stolen user...

  Armis, the unified asset visibility and security platform, disclosed five critical vulnerabilities, known as TLStorm 2.0, in the implementation of TLS communications in multiple models of network switches. The vulnerabilities stem from a similar design flaw identified in the TLStorm vulnerabilities (discovered earlier this year by Armis), expanding the reach of TLStorm to millions of additional enterprise-grade network infrastructure devices.   In March 2022, Armis first disclosed TLStorm—three critical vulnerabilities in APC Smart-UPS devices....