Cloud storage services and SaaS apps like Google Drive and Microsoft OneDrive provide convenient, scalable solutions for managing documents, photos, and more—making them indispensable for modern work and personal life. However, misconfigured settings and permissions can lead to serious security breaches, noncompliance, and even the loss of customer trust. Let’s explore the 5 most common misconfiguration issues with real-world examples.

As the UK cybersecurity sector prepares to meet at CyberUK next month, I have been reflecting on the conference’s theme–Securing an open and resilient digital future–and what might be the barriers to such a vision. One of the biggest challenges is doubtless the hefty legacy IT in the UK’s public sector.

ToddyCat deploys advanced tools for industrial scale data theft, hackers use eScan updates to spread GuptiMiner malware, and Russia’s APT28 exploits a Windows Print Spooler flaw.

As the number and severity of third-party breaches continues to rise, companies are scrutinizing more closely not just how they handle data, but how their vendors do as well. For security leaders, this means more security reviews are coming across their desk everyday. ‍ Limited resources and legacy processes make it hard for security teams to keep up with the pace of business.

When you think of cybersecurity, your mind likely goes to external threat actors — malware, ransomware, spearphishing attacks, and other malicious activity. However, it’s crucial to note that 60% of data breaches are caused by insider threats, and a staggering 74% of organizations are at least moderately vulnerable to them. It’s not everybody else your organization needs to worry about; it’s your own people.

In our recent research “Better Safe Than Sorry”, we reported how the number of exposed OT/ICS devices in Japan grew by 372% over the past six years. During this time, several notable cyber-attacks targeted businesses and government entities in Japan. The substantial increase in exposed OT/ICS combined with the recent cyber-attacks in Japan has prompted us to give a deeper look at the current threat landscape in the country.

In this episode of Trust Issues, host David Puner interviews Eric Hussey, SVP, Chief Information Security Officer (CISO) at Finastra, a leading provider of financial software solutions and services. Hussey shares his insights on the evolving role of the CISO, the challenges of keeping up with new and evolving cybersecurity regulations, and the importance of balancing innovation with security in the FinTech space.

Suspected North Korean threat actors are attempting to trick software developers into downloading malware during phony job interviews, according to researchers at Securonix. The threat actors contact software developers with seemingly legitimate employment opportunities before scheduling virtual job interviews.

The rapid advancements in large language models (LLMs) have revolutionized how we interact with technology, powering various applications for different use cases. As the adoption of LLM-powered solutions continues to grow, so does the emergence of new and evolving security threats that aim to exploit these robust AI systems.