Global cybersecurity leaders may not be practicing what they preach after new research revealed that many are engaging in risky behavior online. Constella Intelligence polled over 100 global IT security bosses across multiple verticals to compile its latest report, Cyber Risk in Today’s Hyperconnected World. It revealed widespread poor security practice: a quarter (24%) admitted to using the same passwords across work and personal use and nearly half (45%) connect to public Wi-Fi without using…

There were 193 billion credential stuffing attempts during 2020 as cyber-criminals looked to capitalize on surging numbers of online users, according to Akamai. The security vendor’s latest 2021 State of the Internet / Security report revealed the sheer scale of attempts to crack open users’ accounts using previously breached credentials. Focusing mainly on the financial sector, the report claimed that Akamai detected 3.4 billion credential stuffing attempts targeting the vertical — a 45% increase on…

Misconfiguration of back-end cloud services by more than 20 mobile app developers may have exposed the personal data of over 100 million Android users, according to researchers. A team at Check Point investigated 23 Android applications in a new piece of research, and found users’ emails, chat messages, location, passwords and photos all exposed by poor security practices. There were three main issues. First, misconfiguration of the real-time databases that developers use to store data…

MITRE ATT&CK stands for MITRE Adversarial Tactics, Techniques and Common Knowledge. It’s a curated knowledge base of adversarial behavior based on real-world observation of APT campaigns. The original impetus for the project was to answer the question, “How are we doing at detecting documented adversary behavior?” MITRE ATT&CK v1 was released in 2015, and since then, it has seen rapid growth and adoption across multiple domains such as risk management, threat intelligence, incident response and…