CISOs Look to Establish Additional Leadership Roles
According to an IANS survey of more than 800 CISOs, roles such as business information security officers (BISOs), chiefs of staff and heads for privacy, program management and data protection are among the top positions being considered to support cybersecurity efforts ... Read More
Zero-Day Exploits Surge in 2023, Cisco, Fortinet Vulnerabilities Targeted
A report from the Five Eyes cybersecurity alliance, released by the CISA, highlights the majority of the most exploited vulnerabilities last year were initially zero-day flaws, a significant increase compared to 2022 when less than half of the top vulnerabilities were zero-day exploits ... Read More
Hackers Exploit DocuSign APIs for Phishing Campaign
Cybercriminals are exploiting DocuSign’s APIs to send highly authentic-looking fake invoices, while DocuSign’s forums have reported a rise in such fraudulent campaigns in recent months. Unlike typical phishing scams that rely on spoofed emails and malicious links, these attacks use legitimate DocuSign accounts and templates to mimic reputable companies, according ... Read More
CISA Strategic Plan Targets Global Cooperation on Cybersecurity
The Cybersecurity and Infrastructure Security Agency (CISA) introduced its inaugural international strategic plan, a roadmap for strengthening global partnerships against cyber threats ... Read More
AI Cyberattacks Rise but Businesses Still Lack Insurance
Cybersecurity is a leading concern for risk managers as AI-related cyber risks surge, and despite growing investments, many businesses still lack comprehensive cyber insurance, according to a Nationwide survey ... Read More
Spooky Spam, Scary Scams: Halloween Threats Rise
Halloween-themed spam has risen sharply this season, with Bitdefender reporting that 40% of these emails contain malicious content designed to scam users or harvest personal data. In the first half of October alone, spam volumes increased by 18% compared to September, signaling the start of a cybercrime spike that is ... Read More
Sophos Acquires Dell’s Secureworks for $859 Million
British security provider Sophos plans to acquire Dell subsidiary Secureworks in an all-cash transaction valued at approximately $859 million. The deal, announced in a joint release on Monday, will grant Sophos control over Secureworks’ Taegis Extended Detection and Response (XDR) platform, a platform aimed at enhancing threat detection for medium ... Read More
Majority of SaaS Applications, AI Tools Unmanaged
Unmanaged software as a service (SaaS) applications and AI tools within organizations are posing a growing security risk as vulnerabilities increase, according to a report from Grip Security ... Read More
API Vulnerabilities Jump 21% in Third Quarter
Application programming interface (API) vulnerabilities surged 21% in the third quarter, with cloud-native infrastructure increasingly targeted by cybercriminals, according to Wallarm’s Q3 2024 API ThreatStats report ... Read More
Phishing Attacks Snare Security, IT Leaders
Despite 80% of IT leaders expressing confidence that their organization won’t fall for phishing attacks, nearly two-thirds admitted they’ve clicked on phishing links themselves. This overconfidence is coupled with concerning behaviors, as 36% of IT leaders have disabled security measures on their systems, undermining organizational defenses. These were among the ... Read More
