Cybersecurity News Hero

Combing the world for the cybersecurity stories you need to know.

Cybersecurity News
email fraud cyber insurance
The Rising Threat of Email Fraud: How Businesses Can Stay Ahead of Cybercriminals
November 29, 2024
It's 4:48 pm on the Friday before a long weekend, and you have just received an email from the CEO requesting immediate payment or an important deal will fall through. This could be genuine, but…
Read More >
CISA Jen Easterly
Leadership Shift Imminent at CISA
November 26, 2024
A Cybersecurity and Infrastructure Agency (CISA) spokesperson recently announced that all appointees of the Biden-Harris administration will vacate their positions by inauguration day. As the U.S. begins to prepare for the official presidential transition, CISA…
Read More >
security debt application security financial
Mounting Security Debt Is Putting Financial Services at Risk
November 22, 2024
Many financial institutions have a debt problem. Not a monetarily but a software security one. Veracode’s State of Software Security 2024 study reports that over three out of four (76%) financial organizations have security debt,…
Read More >
FIDO Alliance passkeys passwords
From Frustration to Security: How Passkeys Are Transforming the Way We Log In
November 21, 2024
Passwords have been a cornerstone of digital authentication for decades, but their flaws are becoming increasingly apparent. According to the FIDO Alliance's latest report, "password pain" has led 42% of consumers to abandon purchases due…
Read More >
Traceable API security report
Rethinking API Security: Generative AI, Bots, and the Need for New Defenses
November 20, 2024
API vulnerabilities–and their potential impact on a company’s cybersecurity defenses–are a real and growing concern. Traceable recently released its second annual research report, the 2025 Global State of API Security, and found that most organizations…
Read More >
Remcos RAT trap Fortinet
The Remcos RAT Trap: How Phishing Campaigns Are Exploiting Old Vulnerabilities for Remote Control
November 19, 2024
The manipulation of remote administration tools (RATs) for cyberattacks is on the rise, with bad actors evading security measures to exploit known vulnerabilities. The dangers here are many, as leveraging RATs grants attackers high levels…
Read More >
RaaS ransomware-as-a-service
RaaS Revolution: How Ransomware-as-a-Service is Escalating the Corporate Cybersecurity Arms Race
November 18, 2024
Ransomware has evolved from isolated, opportunistic attacks into a sprawling, professionalized industry. Today, cybercriminals have access to Ransomware-as-a-Service (RaaS) platforms that provide powerful tools and infrastructure, making it possible for even novice attackers to launch…
Read More >
human-operated attacks ransomware
Microsoft Report Finds Human-Operated Attacks and Unmanaged Devices Are Leading to More Cyberattacks
November 14, 2024
The newly released Microsoft Digital Defense Report 2024 provides in-depth analysis and insights into the latest trends in cybersecurity. This report is crucial for any organization looking to stay informed about the latest threats and…
Read More >
Lumma Stealer CAPTCHA phishing
Tricked By a CAPTCHA: How Cybercriminals are Using Fake Verifications to Steal Sensitive Data
November 12, 2024
One of the most ubiquitous security measures on the internet, CAPTCHA is not generally seen as a potential threat vector, but bad actors can leverage fake CAPTCHA pages to harvest sensitive information from their targets.…
Read More >
Latrodectus phishing malware
Latrodectus Malware: The Stealth Phishing Threat to Critical Sectors
November 11, 2024
Latrodectus is a relatively new and sophisticated type of malware. Its name comes from the Latrodectus genus of spiders, which includes the infamous black widow. Latrodectus is well-named since it reflects the malware’s stealthy and…
Read More >
cybersecurity training CybSafe
The Overconfidence Trap: How Skipped Cybersecurity Training is Leaving Businesses Exposed
November 08, 2024
Cybersecurity training access has increased for the first time in four years, yet a quarter of employees still skip it entirely—often due to overconfidence, according to a new global study. The findings come from CybSafe's…
Read More >
Extrahop data breaches
Data Breaches Are More Costly Than We Thought—And Companies May Be Ill-Prepared
November 07, 2024
How much do data breaches really cost organizations? Are companies truly prepared to absorb the full extent of the costs associated with a data breach? New research from ExtraHop argues companies are not. The true…
Read More >
Mandiant exploitation time cybersecurity
Cybercriminals Shave Exploitation Times to Record Lows: Can Organizations Keep Pace?
November 06, 2024
The amount of time it takes for a vulnerability to be exploited after discovery, or time-to-exploit (TTE), is on the decline as cybercriminals are always honing their techniques and adapting their attacks for optimal efficiency…
Read More >
internet of things IoT cybersecurity
IoT in the Crosshairs: Securing the New Digital Frontier
November 05, 2024
The number of cyberattacks targeting Internet of Things (IoT) devices is increasing and presents a growing concern for companies in virtually every industry today. According to new research from Zscaler, from May 2023 to June…
Read More >
Bugcrowd Inside the Mind of a Hacker
71% of Hackers Say AI Boosts Hacking Efficiency but Introduces New Risks
November 04, 2024
Artificial intelligence (AI) has been a hot topic in recent years, as rapidly evolving technological capabilities have been increasingly adopted for both business and personal use. This trend has included the use of AI for…
Read More >
ConfusedPilot
ConfusedPilot Attack: The Alarming New Threat to AI Systems Like Microsoft Copilot
October 31, 2024
A novel attack method is making AI systems vulnerable to manipulation and misinformation, with significant implications for businesses relying on AI-driven tools. A newly discovered attack on AI systems lets anyone with access to add…
Read More >
Man 5899192 1280
Cyber Resilience in Compliance: Transforming a Costly Requirement into a Competitive Edge
October 30, 2024
With compliance demands mounting, businesses are discovering that regulatory mandates can drive more than just red tape. Understanding and following all of the applicable laws and regulations can be daunting enough on its own, and…
Read More >
cybersecurity skills gap
Critical Cyber Skills Shortage Exposes Businesses to New Threats: How AI and Upskilling Are the Frontline Defense
October 25, 2024
The cybersecurity landscape is evolving at breakneck speed, but there's a problem: the talent pool isn't keeping up. According to the 2023 ISC2 Cybersecurity Workforce Study, despite a global cybersecurity workforce of 5.5 million professionals,…
Read More >
Subscribe for the Latest News
Webinars
Scaling Code Security for Builders Beyond Developer-First
Register Now
Cyber Resilience in Action: How IBM and Index Engines Deliver a Detection-to-Recovery Pipeline
Register Now
Passwordless Authentication: A Practical Approach to Modernizing Access
Register Now