Blog

Half of Organizations Fail to Maintain PCI Compliance, Finds New Report

Nearly half of organizations that store, process or transmit card data are still failing to maintain PCI DSS compliance from year to year, reveal new statistics. According to the 2017 Verizon Payment Security Report, the number of enterprises becoming fully compliant is on an upward trend—growing almost five-fold since 2012. Last year, 55.4 percent...

How to Safeguard Your Online Banking Information

10 years ago, people used to enter a bank physically to complete any kind of transaction. The situation has changed a lot today. With the introduction of online banking, people are able to make all types of transactions with the click or touch of a button. Last year, a survey from Bank of America revealed that 62 percent of Americans now utilize...

One in 10 UK Companies Lack an Incident Response Plan, Says Survey

The damage wrought by the WannaCry and NotPetya malware outbreaks highlights the importance of organizations taking steps to strengthen their digital security defenses. But in the shadow of such high-profile attacks, the state of organizations' security postures remains unclear. Do most companies understand the importance of their information and...

Highs & Lows of Cyber Security in Healthcare

Cyber security is a relatively new concern to the healthcare sector. Most organizations began looking into it in just the past five years. Given this still-nascent focus, there have been some real lows for healthcare and highs for cyber attackers. Good News to Start: There's some good news to share with respect to healthcare providers (acute and...

Cyber Security Recruiting: Win Top Candidates with These Tips

Your cyber security department has some big hurdles when it comes to hiring. In IT, 10 percent of all job postings are in cyber, and the growth rate is 2x faster than other IT jobs. There will be 1.5-2 million unfilled cyber jobs by 2019. Currently, cyber job postings take 24 percent longer to fill than other IT jobs and 35 percent longer to fill...

10 Things to Know About the Network and Information Security Directive

Have you heard about the European Union's Network and Information Security (NIS) Directive, which is scheduled to enter into member state law in 2018? Maybe not. Both the world’s attention and appetite for IT security legislation have been overfed with all things General Data Protection Regulation (GDPR) over the past two years, leaving little...

High Schooler Receives $10K Award for Reporting Bug to Google

A high school student has received a $10,000 bug bounty award for reporting a security vulnerability in Google's App Engine. Back in July, 17-year-old Ezequiel Pereira decided to use the Burp Suite graphical tool to test the web application security of Google's App Engine. He wanted to see if he could access pages protected by MOMA, a portal for...

The GDPR Adventure: A Legal Perspective

Adventure (ad•ven•ture) / ad-ven-cher / noun: an undertaking usually involving danger and unknown risks; an exciting or remarkable experience; an enterprise involving financial risk. Origin: Old French aventure (noun), based on Latin adventurus ‘about to happen.’ There are many people who have the privilege of saying that they get paid to be...

Top 5 Barriers to Security Implementations

I have been in this business for over 10 years, specifically in the business of trying to ensure our critical infrastructure remains in a safe, reliable and secure state. After all, if our critical infrastructure were to fail, the implications could be huge. Since 2011, I think the real threat of large-scale attacks against critical infrastructure...

Phishers Targeting Bank of America Customers' Personal and Financial Data

Phishers are running a scam through a Russian hosting provider that's designed to target Bank of America customers' data. On 21 July, HackRead came across the ploy. Those responsible for the ruse impersonate financial representatives working for the second largest bank in the United States. Under that disguise, the scammers send out emails informing...

Are Bug Bounties a True Safe Harbor?

Security vulnerabilities are becoming the new oil, and the bug bounty economy is booming. As news of cyberattacks and data breaches continues to consume the press, never before has the market for vulnerabilities been so dynamic. “Bug bounty programs,” frameworks where security researchers legally trade previously undiscovered vulnerabilities for...

Why Your C-Suite Needs Security Awareness Training

“My C-level doesn't understand that they’re being directly targeted – help me scare them!” Such was the request aimed at one of my colleagues at a cybersecurity conference not too long ago. Being in the security awareness industry, it’s not uncommon for others to solicit our feedback on how best to educate employees of all stripes. The appeal above,...

Hijacker Hits Radio Station with "The Winker's Song" Rogue Broadcasts

A hijacker has hit a radio station with a series of rogue broadcasts containing "The Winker's Song" by comedy band Ivor Biggun. Mansfield 103.2, an independent local radio station in Mansfield, Nottinghamshire, has suffered eight hijacking attacks since June 2017. In each of those offensives, the responsible party is believed to have used a mobile...

Why Small Businesses Don’t Care About Cyber Security

With millions of small businesses out there, why don’t they care about cyber security? You may be reading this and own a small business or know someone that does. Think to yourself: why would small businesses not care about cyber security? You may find that it is not a problem of caring but a problem of understanding. Let’s take a look at some of...

5 Ways To Protect Your SMB From Fundamental Network Security Risks

As someone who has worked in the Managed Network Services space for over a decade, there are certain behaviors I notice when it comes to security planning. Every so often, a major security incident occurs that makes headlines, and the media cycle begins. Decision makers at organizations, who are typically business experts and not technology experts,...

Bill C-59 – The Canadian National Security Act 2017: What You Need to Know

Bill C-59 – the National Security Act 2017 – outlines a new vision for Canadian national security. Reading between the lines of this “anti-terror” bill, there is a clear attempt here to comprehensively rework decision-making mechanisms to enhance oversight and ministerial control over counter terrorism, surveillance and cyberspace operations. While...

Email Server Vulnerability and Anti-Spam Protection Techniques

The role of cyber security in modern business is hard to overstate. Almost all business processes are automated to a degree and thus need to be thoroughly protected from any potential tampering. Vendors use anti-malware and anti-reverse engineering techniques to protect their products, but they can’t possibly weed out every vulnerability. One...