Research | SC Media

Research

Can event-based analytics spot IP developers stealing their own assets?

By

The most likely person to steal IP is not an external threat, but rather the person who developed it and uses it every day, according to Forcepoint Chief Scientist Dr. Richard Ford. And this insider threat actually may be more difficult to detect because typical event-based security analytics may not always be adequately equipped to…

Report: Bug bounty reward totals soared in 2018

By

The hacker community reported more than 93,000 resolved security vulnerabilities last year and earned roughly $19 million in bug bounties while using HackerOne’s vulnerability disclosure platform, according to the company The $19 million figure nearly equals the total bug bounty earnings collected over the previous six years of the platform’s existence, HackerOne explains in its…

Researchers develop proof-of-concept malware for attacking Building Automation Systems

By

Researchers have developed proof-of-concept malware capable of compromising Building Automation Systems after discovering two critical bugs in a BAS programmable logic controller (PLC). Created by experts at ForeScout, the malware exploits both vulnerabilities in combination with several older flaws that were previously known to the public, according to a ForeScout white paper released today in…

Report reveals struggles of SMBs navigating cyber threat landscape

By

A recent survey of just over 1,000 small- and medium-sized businesses found that 58 percent of respondents experienced a data breach in the previous 12 months, according to a new SMB cybersecurity research report from Keeper Security and the Ponemon Institute. An even larger number, 67 percent, said they experienced at least one form of cyberattack,…

IT pros dubious of government officials’ cyber knowledge

By

A newly released survey of 515 IT security professionals is giving government officials a no-confidence vote in terms of their ability to understand digital threats, practice cyber hygiene and legislate encryption policies. Conducted during last August’s 2018 Black Hat cybersecurity conference by researchers at Venafi, the survey found that 63 percent of respondents believe government…

Report: Cryptomining malware detections up more than 459 percent since 2017

By

Detections of cryptomining malware has increased by 459 percent since last year, according to a new report released today by the Cyber Threat Alliance (CTA), citing statistics collected from several of its member companies. Titled “The Illicit Cryptocurrency Cyber Threat,” the report warns that this dramatic year-over-year rise is no fluke, noting that illegal mining activity will likely…

Survey: Nearly one-third of breached companies reported job losses after data breach

By

Nearly one-third of surveyed companies that experienced a data breach in the previous 12 months said the incident cost certain employees their jobs. Conducted by Kaspersky Lab last March and April, the “Global Corporate IT Security Risks Survey” elicited responses from 5,878 businesses across 29 countries. Among this data set, 1,062 small-to-medium-sized businesses and 863…

‘Pass’ words: Philadelphia Eagles are the NFL team most often referenced in credentials

By

Proud Philadelphia Eagles fans might want to think of a more secure way to honor their Super Bowl-winning NFL franchise than using their team name as a user password. But an analysis of 61.5 million anonymized passwords found more references to “Eagles” and other team-related keywords than any other NFL franchise, according to a just…

Next post in Cybercrime