News

Small businesses and self-employed people saw fewer cyberattacks and data breaches over the previous 12 months. Still, significant risks remain for this corner of the economy, according to the Identity Theft Resource Center’s (ITRC) 2022 Business Impact Report. ITRC recently surveyed 450 people who led small businesses or were self-employed about their experiences with cybercrime.…

Ransomware and business email compromise (BEC) caused the most cyber insurance claims over the past five years, accounting for 44% of about 7,000 claims examined in NetDiligence’s 2022 Cyber Claims Study. The percentage of claims attributed to these two causes of loss rose to 50% for claims reported in 2020 and 2021. Of the 7,439…

Patch management is the process of acquiring and applying software updates to a variety of endpoints, including mobile devices, computers, servers and embedded devices. Installing patches regularly is necessary to correct errors, help protect data and optimize system functions. This article provides information on how a consistent approach to patching and updating software can limit…

Attack surfaces refer to the total possible entry points (also known as attack vectors) for unauthorized access into any system. The recent increase in remote and hybrid work combined with the shift to the cloud and widespread implementation of software-as-a-service (SaaS) applications have made attack surfaces increasingly large, complex and difficult to defend against cyberattacks.As…

During times of economic change, cybercriminals will use fear and instability to their advantage. Now, they’re using concerns about energy costs to lure victims into their malicious scams. These scams offer rebates, refunds, or discounts for energy bills to appeal to frustrations about rising costs.In a recent scam, cybercriminals send you an email offering you…

WhatsApp is an application that allows you to message and call your friends and family worldwide. However, due to a new scam, the next WhatsApp message you receive may come from a cybercriminal instead of a trusted contact. To start the scam, a cybercriminal will send you innocent WhatsApp messages to earn your trust. After…

As cyberattacks become more frequent and severe, it’s increasingly important for organizations to practice good cyber hygiene—habitual practices ensuring critical data and connected devices are handled safely—to minimize their exposure to risk. Some consequences of poor cyber hygiene include: Security breachesData lossSoftware vulnerabilitiesAntivirus weaknesses The following are essential parts of cyber hygiene: Passwords—Users should create…

To address the epidemic of ransomware attacks against public and private entities, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) updated its advisory on ransomware payments and included the first-ever sanctioning of virtual currency exchange. The Updated Advisory addresses the sanctions risks associated with paying ransomware actors. It also outlines OFAC’s…

Ransomware actors shifted to more “mid-game hunting” in the third quarter (Q3) of 2021, resulting in fewer large ransom payments and more lower payments made by middle-market organizations, according to recent data from Coveware, an incident response and ransomware negotiation firm. The average ransom payment amount stayed around the same level between the second quarter…

Premiums for commercial property and casualty (P&C) insurance lines once again increased in the second quarter (Q2) of 2021, led by a 25.5% jump in cyber. Q2 marked the 15th consecutive quarter of U.S. commercial P&C premium increases—8.3% across all-sized accounts, according to The Council of Insurance Agents and Brokers (CIAB) Commercial Property/Casualty Market Index.…