惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Security Latest
Security Latest
Recorded Future
Recorded Future
人人都是产品经理
人人都是产品经理
S
SegmentFault 最新的问题
Hacker News - Newest:
Hacker News - Newest: "LLM"
C
CXSECURITY Database RSS Feed - CXSecurity.com
博客园 - 三生石上(FineUI控件)
博客园 - 聂微东
P
Privacy & Cybersecurity Law Blog
WordPress大学
WordPress大学
Know Your Adversary
Know Your Adversary
Spread Privacy
Spread Privacy
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
量子位
L
LINUX DO - 热门话题
L
Lohrmann on Cybersecurity
博客园 - Franky
酷 壳 – CoolShell
酷 壳 – CoolShell
T
Tor Project blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
雷峰网
雷峰网
阮一峰的网络日志
阮一峰的网络日志
V
Visual Studio Blog
T
Threatpost
T
Tenable Blog
有赞技术团队
有赞技术团队
大猫的无限游戏
大猫的无限游戏
Engineering at Meta
Engineering at Meta
GbyAI
GbyAI
C
Cisco Blogs
H
Heimdal Security Blog
Attack and Defense Labs
Attack and Defense Labs
A
About on SuperTechFans
Last Week in AI
Last Week in AI
N
News and Events Feed by Topic
T
Threat Research - Cisco Blogs
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
I
Intezer
V
V2EX
Cyberwarzone
Cyberwarzone
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
B
Blog RSS Feed
V
Vulnerabilities – Threatpost
N
Netflix TechBlog - Medium
T
The Blog of Author Tim Ferriss
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
U
Unit 42
PCI Perspectives
PCI Perspectives
P
Privacy International News Feed
D
Docker

Hackread – Cybersecurity News, Data Breaches, AI and More

Operation Endgame Disrupts StealC, Amadey and SocGholish Malware Networks New GhostShell Hacking Group Targets Ukraine’s Drone Defense Sector Fake npm Packages Impersonate PostCSS Tool to Steal Chrome Passwords Best Crypto Payment Solutions for E-Commerce Businesses Internet Society Foundation Opens Global Call for Common Good Cyber Fund to Strengthen Cybersecurity LastPass Confirms Customer Data Breach After Klue OAuth Token Theft ‘Cordyceps’ CI/CD Flaw Exposes Microsoft, Google, Apache Repos to Pipeline Hijacking The Rise of AI-Powered Academic Fraud: Beyond Traditional Plagiarism New CryptoBandits Malware Uses USB Drives and Tor to Steal Crypto The Evolution of iGaming Fraud: What Security Teams Should Expect in 2027 2 Scattered Spider-Linked Hackers Plead Guilty Over £39M TfL Cyberattack Beats Studio Buds Flaw Could Let Nearby Attackers Eavesdrop on Users Texas Parks and Wildlife Data Breach Affects Over 3M License Customers Threat Hunting Beyond Alerts: Finding the Activity Detection Misses Scammers Use Fake GitHub Stars, VirusTotal Reviews to Spread Crypto Clipper Salesforce Disables Klue Integration After OAuth Token Theft Hits Customer Data MDR Provider Comparison: Time to Discover and Respond to Threats Meteor 3.0 Migration Helped Rocket.Chat Move Off End-of-Life Node.js Runtime Gcore Helps Ucom Safeguard Public Live Broadcast Infrastructure During Armenia’s Parliamentary Elections Nintendo America Employee Data Exposed After Shadowbyt3$ Targets TinyPulse eFAQ Publishes Investigation Into Alleged Scam Activity and Coordinated Reputation Attacks FIFA World Cup 2026: Hackers Target Football Fans With Fake Tickets Sites MacBook Neo vs Windows Laptops for Cybersecurity Tasks Operation Endgame Disrupts SocGholish Malware Infrastructure What Businesses Should Know Before Migrating Their CMS DragonForce Ransomware Abused Microsoft Teams to Hide Malware Activity Agentjacking: Researchers Show How One Fake Bug Report Can Hijack AI Coding Agents FortiBleed Attack Exposes Fortinet Firewall Credentials in 194 Countries SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies 152 Chrome Live Wallpaper Extensions Hid Ad Tracking and Fake Search Clicks Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It ESET MDR vs Sophos MDR: Compared Time to discover and respond to a threat 15 Malicious JetBrains Plugins Caught Stealing DeepSeek, OpenAI API Keys Amos Stealer Targets macOS Keychain Files and Browser Passwords Aembit Extends IAM for Agentic AI to Microsoft Copilot Studio AppViewX Launches Agent Identity Security to Govern Agents for the AI and Quantum Era New Rokarolla Android Trojan Found Targeting 217 Crypto and Banking Apps Developer laptops are the credential store attackers are picking through in 2026, GitGuardian announces Endpoint Protection Best of Android Fax Apps: Top 5 Secure Picks for 2026 Feds Seize CFAKE and SOCFAKE Over Explicit Deepfakes of Famous Women Handala Hacking Group Claims Breach of California Water Service Over 50 Android Apps Found Spreading MagicAd Trojan via Official Stores Hackers Hide New Argamal Malware Inside Working Hentai Games Extradited Ukrainian Man Admits Role in Conti Ransomware Attacks Atomic Arch Campaign Hijacks 20+ Linux AUR Packages to Deliver Malware ShinyHunters Target Universities in Oracle PeopleSoft Zero-Day Attack The SpaceX Pre-IPO Market: How Crypto Rails Are Opening Synthetic Access Feds Seize AudiA6 and Dark2Web in $389M Crypto Laundering Case ShinyHunters Leak 40GB of University of Nottingham Student Data Authorities Dismantle Decade-Old SniperDZ Phishing Network Criminal IP at Infosecurity Europe 2026: Introducing AITEM, the Next Chapter of Attack Surface Management Hackers Use Fake Claude Code Guide and AI PDFs to Spread AsyncRAT Malware The Hidden Security Risks of Poor Software Testing FBI Seizes China-Linked Fake Consulting Sites Targeting US Clearance Holders How to Turn Images into Animated Videos with AI: A Wondershare Filmora Guide Scammers Use TikTok and Instagram Reels to Spread Vidar Infostealer ServiceNow Discloses Security Incident Exposing Customer Data Cloud Security Report Finds Fragmented Tools Widening the Cloud Complexity Gap Microsoft June 2026 Patch Tuesday Fixes 206 Flaws and 3 Zero-Days Network Log Analysis: Why Collecting Logs is Not Enough E-Signature Security Checklist Before Selecting an E-Signature Tool Maine Govt Portal Lists 10M Discord Data Breach Notice, But Filing Shows Red Flags Handala Claims Israeli Radar Hack, But Evidence Shows Phone Admin Panel WhatsApp Says It Blocked Pegasus Spyware Campaign Linked to NSO Operation FlutterBridge Uses Fake Google Ads to Spread macOS Backdoor Hackers Clone Ghidra, dnSpy and Other Tool Sites to Spread Malware Silent Ransom Group Uses Fast Flux Botnet to Hide Law Firm Leak Sites New Pink Extortion Group Targets Microsoft 365 Cloud Data Via Vishing Scams Miasma Malware Hits 32 Red Hat Packages via Compromised GitHub Account Atlas Menu Data Breach Exposes 64,000 GTA V and CS2 Cheat Service Users Reaper macOS Infostealer Abuses Script Editor to Steal Crypto and Passwords iFood Confirms Data Breach Affecting 1.2 Million Users in Brazil Why eSIMs Are Replacing Traditional SIM Cards Lazarus Group Uses npm Brandjacking Campaign to Target Developers Five Eyes Warns Chinese Spies Are Using Fake Job Ads to Target Military Staff How to Recover Data from iCloud Backup Without Resetting Your iPhone China-Linked TA4922 Hackers Target UK, Europe With New SilentRunLoader Malware Alcasec, "Robin Hood of Spanish Hackers," Jailed for 31 Months Over Data Theft Fake ChatGPT Desktop App Ads Used to Push Password-Stealing Malware Hackers Abused Meta’s AI Support Bot to Hijack Major Instagram Accounts New WordPress Malware Uses Steam Profile Comments to Hide C2 Instructions Halo Security Honored with 2026 MSP Today Product of the Year Award What One Predator Case Can Reveal About an Online Platform’s Safety Gaps RaccoonLine Publishes 2026 dVPN Buyer’s Guide for Privacy-Focused Users How to Get a Reddit API Key in 2026: Step-by-Step Guide Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts How to Get the Most From Your Explainer Video Production Services Fake Purchase Order Emails Spread Fileless PureLogs Malware via RAR Archives 27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens Fake Anthropic Sites Deliver Fileless Infostealer to Claude Code Users The Deliverability Problem: How New Platforms Are Solving Inbox Placement The CISO Whisperer's Watch List For The Gartner Security & Risk Management Summit 2026 Can Big Data Predict Market Movements Accurately? Iran’s Nimbus Manticore Used Trojanized Zoom Installers Against US Firms How Can MSSPs Scale Threat Detection Without Burning Out Their Analysts? Link11 is fully committed to Europe and is opening a Customer Excellence Hub in Lisbon Trojanized Gemini and Claude Installers Target Developers Via SEO Poisoning Claude Mythos AI Identified 10,000+ Software Vulnerabilities in One Month FBI Chief Kash Patel’s Clothing Store Hacked in ClickFix Infostealer Attack Netherlands Busts Bulletproof Hosting Network Linked to Disinfo and Cybercrime
Why Encrypted File Sharing Is Essential for Modern Businesses
Owais Sultan · 2026-06-02 · via Hackread – Cybersecurity News, Data Breaches, AI and More

Consider the history of any recent corporate scandal, and it is quite possible to guess what the story began with: a poorly secured file.

No complex hacker intrusion, no state-sponsored attacks, just a document that had been sent to the wrong address, left in an unprotected storage space or forwarded to a person who could hardly be trusted with confidential information.

As for modern businesses, they almost certainly store some sort of confidential data and exchange it in a manner that is far from being secure.

Here comes the explanation of what encrypted file sharing really is and how it makes things better for businesses.

What Encrypted File Sharing Actually Means

In simple words, encryption transforms your data into something that looks like chaos for anyone who does not have the corresponding decryption key. The information becomes unreadable and inaccessible in case of interception and theft. Unfortunately, regular file transferring tools usually lack this feature.

In order to keep your files safe, you should ensure that they are encrypted while being transferred across networks and while staying on a server or another device used for storing data. Thus, both encryption in transit and encryption at rest are required for fully securing file transfers.

Another form of encryption worth considering is end-to-end encryption. According to this method, the file is encrypted on the sender’s device and remains encrypted until it is opened by its intended recipient. End-to-end encryption makes sense for companies operating with such files as legal documents, medical records, financial reports, and other highly confidential data.

The Real Cost of Unsecured File Transfers

None of these insecure file-exchange practices looks scary at first. You may send a contract via your personal Gmail account, upload an invoice to a free file-sharing site, or share a folder link in a Slack chat without realizing that you give others access to it. However, every single mistake like this puts your company at risk.

First of all, you should expect to pay for the costs associated with repairing security flaws, recovering data, and so on. Apart from this, your company is also required to show the regulators that it complies with regulations, like the GDPR, HIPAA, or the FTC Safeguards Rule.

Failing to prove that is likely to get you fined. For example, in 2025 the fines imposed by the GDPR authorities exceeded €1.2 billion, with a total amount exceeding €7.1 billion since the start of the enforcement process. Moreover, you do not have an option of claiming that you did not know about the regulation.

Apart from financial penalties, your company should also consider the risk of losing clients’ trust once they learn about their confidential data being stolen or exposed to third parties due to poor file management practices.

Why Standard Tools Fall Short

In many cases, tools used for regular file transferring lack the necessary security features and are designed for convenience rather than protection. Email communication is one good example of this issue: despite being the most popular way of sending files between users, emails are rarely encrypted in transit. Even worse, attachments sent via regular email are decrypted and stored in readable format on servers and processed for various commercial purposes by your email provider.

Similar problems may arise if you use consumer-grade storage tools that allow you to save multiple files without the risk of running out of memory, but do not guarantee any level of security. In most cases, such tools include a clause allowing the provider to gain access to files kept on the service.

While collaborative workspaces introduced by the rise of telework indeed made file sharing easier, they still have no proper security mechanisms, with end-to-end encryption being absent in many popular file-sharing platforms. file-sharing, even when it is included, this encryption is usually disabled by default to make the softwareusablee.

Finally, using multiple platforms at once makes things even more difficult. For instance, you might be using an encrypted tool to send a file to the receiver, then downloading it, saving it to the device and attaching the file to a message sent to another person. This is especially problematic when you use shared folders that remain active for extended periods of time or set the permission of “anyone with the link”.

How Businesses Are Moving Toward Encrypted Sharing as a Baseline

In the past decade, businesses have changed their approach towards file security. Instead of implementing additional protection in case of handling confidential files, they now try to protect their data regardless of its nature. The questions are not whether they need encrypted file transfers, but whether their existing tools provide this feature.

In order to figure out how to improve the situation, it is necessary to conduct a comprehensive review of the existing tools. This implies asking yourself if files are protected in transit, if they are encrypted on the servers, who owns encryption keys and what would happen in case of data compromise caused by a hack or acquisition of your vendor.

However, technology alone is not enough. Your team members should know which files should be sent via encrypted channels and which tools to use when working with confidential information. 

Moreover, having a security policy hidden in some obscure document in which nobody bothers to look for it does not help; the actual implementation of the policy is what you need. As more businesses began to understand the importance of secure file storage and transfer, they increasingly started adopting cloud storage services to better manage and protect their data.

This trend makes businesses reconsider their existing policies and start looking for tools that provide such important security mechanisms as encryption at rest and encryption in transit, support end-to-end encryption and have detailed audit trail features, which allow the administrator to see the full list of recipients who have accessed the files.

Key Practices That Strengthen File Security

Using proper tools alone may not be sufficient for improving the situation; your employees must adapt to secure file sharing. Some practices that may be helpful in this context are listed below.

  • Use role-based access controls so that employees can only access the files relevant to their responsibilities, reducing the risk of accidental or intentional internal leaks.
  • Set expiration dates and password protection on any shared links, particularly when sending files to external parties who do not need ongoing access.
  • Train staff regularly on phishing attempts and social engineering tactics, since many data breaches begin not with a technical failure but with an employee being tricked into handing over credentials.

These practices are pretty simple but require considerable effort for their implementation. The difference between businesses with good file management and those with bad one lies precisely in whether they implement their practices consistently.

The Compliance Angle Businesses Cannot Ignore

For companies working in some specific sectors of the market, like healthcare industry, the legal field, finance, or companies handling personal data of EU citizens, encrypted file transfer is not just a matter of convenience. They must strictly comply with certain regulations.

For instance, under the Health Insurance Portability and Accountability Act, any protected health information that is transmitted over an open network must be encrypted. Under the GDPR, you can explicitly mention encryption as a measure of technical security. Finally, the latest FTC Safeguard rule obliges all financial institutions to use encryption for both data transmission and storage. This does not sound like a mere guideline or best practice anymore but the thing you need to comply with to avoid serious penalties.

These regulations make it necessary to introduce some specific security practices, with encryption among them. Otherwise, you should expect being fined, subjected to an audit and having all the results of the investigation made public and may even become personally liable for data leakage in some jurisdictions. In industries requiring certain regulations, encryption is not an optional thing but mandatory.

If you are not regulated, you should still think about your file security. More and more procurement specialists start requiring the evidence that the potential vendors have reliable protection and use encryption technologies for data transfer and storing.

Where to Start

storageggest obstacle to implementing file security measures is most probably inertia rather than money or complex technical processes. In order to solve the problem, you need to identify existing tools and practices that should be reviewed, identify the files that require encryption, and the methods of file transfers that lack it.

It is not necessary to replace all the tools at once: start by improving the most risky aspects of file transfer and storage. Remember to introduce practices that will make file security management more convenient than what people used before in order to make them willing to use it.

(Image Photo by Nhat Anh Nguyen Chi on Unsplash)