The number of new identity records and the depth of personal information available in exfiltrated data are expanding, creating a blueprint of digital identities that threat actors can weaponize and expose identity information.
New SaltStack research survey, The State of XOps Report, Q2 2020, reveals that organizations using software to help IT and InfoSec teams collaborate and align are three times more confident in the effectiveness of their information security efforts.
Data from a new LastPass survey shows that 91% of people know that using the same password on multiple accounts is a security risk, yet 66% continue to use the same password anyway.
Risk Ledger, London-based cybersecurity company, part of the UK's Government's LORCA program, has produced a white paper designed to guide professionals who manage supply chain risks on how to tackle the situation.
The US Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (NCSC) have released a joint advisory that highlights ongoing activity by APT groups against organizations involved in both national and international COVID-19 responses.
The Information Security Forum (ISF) has published a major update to its Standard of Good Practice (The Standard) for IT security professionals. The guide delivers comprehensive coverage of information security controls and information risk-related guidance, providing ISF Members with a set of good practice covering all aspects of security strategy, incident management, business continuity, cyber resilience and risk management.
GoDaddy, one of the world’s largest domain registrar and a web hosting company that provides services to roughly 19 million customers around the world, has confirmed a data breach.
The latest findings of the Stott and May Cyber Security in Focus research reveal that leaders are still struggling with the skills gap and access to talent. Most respondents (76 percent) believe there is a shortage of cybersecurity skills in their company.
In contrast to the competitions on Russian-language cybercriminal forums profiled previously by Digital Shadows, how are competitions on English-language cybercriminal forums more generally "innocent"?