Small businesses in the UK are failing to train staff on how to correctly identify and dispose of confidential information which could lead to a costly data breach.
Using external URL shortener services to create better-looking links to internal company documents, sensitive files and internal websites is a practice that company employees should avoid, says security researcher Shubham Shah, as it can result in those documents being accessed by individuals with malicious intentions.
Malware peddlers don't always have to steal or buy (from sellers on underground forums) legitimate and valid code-signing certificates to sign their malware with - sometimes the certificates can be found just "laying around" in open source software and code repositories.
Just a ten minutes long browsing session of the leaked Ashley Madison source code revealed to infosec consultant Gabor Szathmari a number of security mistakes that have likely helped the attackers move within the company's networks.
The fact that CEOs have tendered their resignations in the aftermath of public breaches is a clear indication that the executive level is being held more accountable for the cyber security practices of their organizations.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.