Enterprise Security

The modern attack surface has grown too large and complex for security professionals to manage using traditional, manual approaches to the asset lifecycle.

Under the new Critical Infrastructure Defense Project, companies in particularly vulnerable industries -- such as hospitals and water and power utilities -- will have access to the full suite of Cloudflare's Zero Trust solution, CrowdStrike's endpoint protection and intelligence services, and Ping I...

Russian state-sponsored cybercriminals lurked for the last two years in numerous U.S Cleared Defense Contractors' networks stealing sensitive, unclassified information along with proprietary and export-controlled technology. The Federal Bureau of Investigation, Cybersecurity and Infrastructure Secur...

Four out of five cybersecurity pros are fretting over the potential for a sneak attack by an adversary with a quantum computer that will render the encryption on their data ineffective. Quantum computers can process data much faster than most computers today because they use qubits to crunch data, w...

New research from cloud security firm Ermetic shows that nearly all businesses have identities that, if compromised, would place at least 90 percent of the S3 buckets in their AWS account at risk. Ermetic conducted the study to determine the circumstances that would allow ransomware to make its way ...

Bot activity at websites is skewing marketing analytics and costing businesses millions annually, according to a study by bot detection and mitigation firm Netacea. The company maintained in its report that the skewed analytics problem is as costly to businesses as click fraud, which costs businesse...

'Tis the season to go phishing. Nothing brings out digital bandits like the holidays, and this year is no exception. Proofpoint, an enterprise digital security company, reports its researchers are seeing a massive global increase in holiday-themed mobile phishing attacks, a.k.a. smishing. It noted t...

Technical and logistical problems stretching across multiple industries gives both shoppers and retailers reason to double efforts to avoid being hacked this year. Two factors top the list: runaway inflation and increased cyberattacks.

Shadow code -- third-party scripts and libraries often added to web applications without security validation -- pose risks to websites and jeopardize compliance with privacy regulations, according to new research conducted by Osterman Research for PerimeterX. Third-party code leaves organizations vu...

Hackers aren't the only ones evading security measures of many organizations. So are their remote workers. In a new report on remote workforce security, 52 percent of the U.S. IT and cybersecurity professionals surveyed revealed they experienced remote workers finding workarounds to their organizati...

The U.S. government is moving quickly and aggressively to address cybersecurity vulnerabilities affecting both the federal government and the private sector. Information technology companies that are directly and indirectly involved in providing IT products and services to the federal government wil...

Anyone with a stake in keeping ahead of cybersecurity assaults and enterprise network intrusions through API vulnerabilities can now tap into expert advisories and security reports. API security company Salt Security last week launched Salt Labs, a now-public forum for publishing research on API vul...

Clients of SolarWinds, which experienced a high-profile data breach last year, are being targeted in a probe by the U.S. Securities and Exchange Commission, according to a Reuters report. "The impact of these large-scale breaches clearly has the potential to destabilize stock prices and the broader ...

That old adage about crime never pays could not be more false, at least when it comes to modern-day cybercriminals. For those bad actors using ransomware as their weapon, crime is paying more than ever. A new report by the eSentire security research team found that six ransomware gangs claimed at le...