Latest cloud security statistics reveal that 91% of all organizations have some portion of their IT environment hosted in cloud platforms. While cloud computing comes with many benefits, companies have trouble scaling up the security to meet the data and privacy challenges posed by it.
Modern web applications are complex, often loading JavaScript libraries from tens of different sources and submitting data to just as many. This leads to a vast attack surface area and many attack types that hackers may leverage to target the user browser directly. Magecart, a category of supply chain attack, is a good example.
This week, data breaches were particularly bad, with attacks impacting travel technology giant Sabre, production giant Johnson and Johnson, and medical company Amerita. The online service marketplace called Freecycle was also impacted and so was Traderie, a game trading platform. Millions of individuals lost their information between these various breaches. Get more details about each of the specific attacks below.
LockBit is a Ransomware as a Service (RaaS) provider accountable for most LockBit ransomware attacks in 2023. The LockBit RaaS group came into existence in 2019 and has posed great challenges to security experts ever since. A recent report states that LockBit accounted for over one-third of all ransomware attacks in the latter half of 2022 and the initial quarter of 2023.
A new comprehensive study by researchers at RWTH Aachen University in Germany did a study on over 300,000 docker images finding that 8.5% contained API keys and private keys that malicious actors could exploit in the wild.
There are many ways to safeguard your information online. Some cybersecurity basics you should already have down include using strong passwords, enabling Multi-Factor Authentication (MFA), regularly updating your software, limiting location sharing, not oversharing on social media, backing up your data and utilizing a VPN. Continue reading to learn more about what it looks like to implement these cybersecurity basics.
Numerous U.S.-based companies that operate online have customers from the European Union (EU) or other parts of the European Economic Area (EEA). If your business engages with these customers, it is subject to the EU’s General Data Protection Regulation (GDPR). This extensive data privacy regulation has an impact on many U.S. entities due to its extraterritorial reach.