What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
DarkReading.webp 2023-01-13 20:00:00 Malware Comes Standard With This Android TV Box on Amazon (direct link) The bargain T95 Android TV device was delivered with preinstalled malware, adding to a trend of Droid devices coming out-of-the-box tainted. Malware Prediction ★★★★
DarkReading.webp 2023-01-12 21:17:00 Darktrace Publishes 2022 Cyberattack Trend Data For Energy, Healthcare & Retail Sectors Globally (direct link) Prediction ★★★★
Google.webp 2023-01-12 08:59:29 DER Entitlements: The (Brief) Return of the Psychic Paper (direct link) Posted by Ivan Fratric, Project Zero Note: The vulnerability discussed here, CVE-2022-42855, was fixed in iOS 15.7.2 and macOS Monterey 12.6.2. While the vulnerability did not appear to be exploitable on iOS 16 and macOS Ventura, iOS 16.2 and macOS Ventura 13.1 nevertheless shipped hardening changes related to it. Last year, I spent a lot of time researching the security of applications built on top of XMPP, an instant messaging protocol based on XML. More specifically, my research focused on how subtle quirks in XML parsing can be used to undermine the security of such applications. (If you are interested in learning more about that research, I did a talk on it at Black Hat USA 2022. The slides and the recording can be found here and here). At some point, when a part of my research was published, people pointed out other examples (unrelated to XMPP) where quirks in XML parsing led to security vulnerabilities. One of those examples was a vulnerability dubbed Psychic Paper, a really neat vulnerability in the way Apple operating system checks what entitlements an application has. Entitlements are one of the core security concepts of Apple’s operating systems. As Apple’s documentation explains, “An entitlement is a right or privilege that grants an executable particular capabilities.” For example, an application on an Apple operating system can’t debug another application without possessing proper entitlements, even if those two applications run as the same user. Even applications running as root can’t perform all actions (such as accessing some of the kernel APIs) without appropriate entitlements. Psychic Paper was a vulnerability in the way entitlements were checked. Entitlements were stored inside the application’s signature blob in the XML format, so naturally the operating system needed to parse those at some point using an XML parser. 
The problem was that the OS didn’t have a single parser for this, but rather a staggering four parsers that were used in different places in the operating system. One parser was used for the initial check that the application only has permitted entitlements, and a different parser was later used when checking whether the application has an entitlement to perform a specific action. Vulnerability Guideline Prediction ★★★
CSO.webp 2023-01-12 02:00:00 Cybersecurity spending and economic headwinds in 2023 (direct link) Now that everyone, their brother, sister, and dog have chimed in on cybersecurity predictions for 2023, here are a few observations based on some recent ESG research. First the numbers: 53% of organizations will increase IT spending in 2023, 30% say IT spending will remain flat in 2023, and 18% forecast a decrease in IT spending. As for cybersecurity, 65% of organizations plan to increase cybersecurity spending in 2023. These numbers mean that some organizations with flat or decreasing IT budgets will still increase spending on cybersecurity. This trend is further supported by the fact that 40% of survey respondents claim that improving cybersecurity is the most important justification for IT investments in 2023. This research was conducted in late 2022 when respondents were well aware of the economic headwinds and built appropriate assumptions into their budget planning. Prediction ★★
Chercheur.webp 2023-01-10 12:18:55 ChatGPT-Written Malware (direct link) I don’t know how much of a thing this will end up being, but we are seeing ChatGPT-written malware in the wild. …within a few weeks of ChatGPT going live, participants in cybercrime forums—some with little or no coding experience—were using it to write software and emails that could be used for espionage, ransomware, malicious spam, and other malicious tasks. “It's still too early to decide whether or not ChatGPT capabilities will become the new favorite tool for participants in the Dark Web,” company researchers wrote. “However, the cybercriminal community has already shown significant interest and are jumping into this latest trend to generate malicious code.”... Malware Tool Prediction ChatGPT ★★
The_Hackers_News.webp 2023-01-06 19:16:00 Dridex Malware Now Attacking macOS Systems with Novel Infection Method (direct link) A variant of the infamous Dridex banking malware has set its sights on Apple's macOS operating system using a previously undocumented infection method, according to latest research. It has "adopted a new technique to deliver documents embedded with malicious macros to users without having to pretend to be invoices or other business-related files," Trend Micro researcher Armando Nathaniel Malware Prediction ★★★
globalsecuritymag.webp 2023-01-06 10:23:00 Trend Micro creates CTOne, an entity dedicated to 5G security (direct link) Trend Micro creates CTOne, an entity dedicated to 5G security. CTOne provides comprehensive protection for applications within 5G network environments. - Business Prediction
Netskope.webp 2023-01-05 16:35:50 I'm a Technology Leader Who Sees Opportunities for Accelerating Security Transformation Through Networking and Infrastructure. Here's Why I Joined Netskope. (direct link) Right now, I see a great opportunity in the cybersecurity industry to help customers as they navigate through security transformation. I don't come from a traditional security background; I'm what we might call a “networking guy.” But about two and a half years ago, in my previous role at Dell, I started noticing a trend […] Prediction
DarkReading.webp 2023-01-05 14:37:00 Trend Micro Announces New Subsidiary for 5G Cybersecurity (direct link) Prediction ★★
AlienVault.webp 2023-01-05 11:00:00 The dos and don'ts of ransomware negotiations (direct link) The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Has your organization suddenly been attacked by a ransomware virus? Take a deep breath and try to remain composed. It can be easy to panic or become overwhelmed in the face of an attack, but it is vital to remain calm and focused in order to make the best decisions for your organization. The initial actions to take in the event of a ransomware attack Disconnect the affected devices from the network as soon as possible. This can help to prevent the ransomware from spreading to other computers or devices. Determine what data has been affected and assess the extent of the damage. Determine the specific type of ransomware virus that has infected your devices to understand how this malware operates and what steps you need to take to remove it. It is important to notify all employees about the ransomware attack and instruct them not to click on any suspicious links or open any suspicious attachments. Consider reporting the attack. This can help to increase awareness of the attack and may also help to prevent future attacks. Please note that in some regions, business owners are required by law to report an attack. Do not rush into a decision. Take the time to carefully evaluate your options and the potential consequences of each of them before deciding whether to pay the ransom or explore other solutions. Paying the ransom is not the only option. Consider exploring other solutions, such as restoring your data from backups. If you do not have backups, cybersecurity experts may be able to help you recover your data since many ransomware strains were decrypted and keys are publicly available. 
Strategies cybercrooks employ to obtain funds from victims swiftly Cyber extortionists use various tactics beyond just encrypting data. They also use post-exploitation blackmail methods to coerce victims into paying them. Very often, cybercriminals use several extortion tactics simultaneously. Some examples of these tactics include: Steal and disclose Cyber extortionists not only encrypt victims' data but also often steal it. If the ransom is not paid, the stolen files may be made publicly available on special leak websites, which can cause severe damage to the victim's reputation and make them more likely to give in to the attackers' demands. Destroy keys if a negotiation company intervenes Some ransomware authors have threatened to delete the private keys necessary for decrypting victims' data if they seek the help of a professional third party to negotiate on their behalf.  Launch a DDoS attack Ransomware attackers often threaten to flood the victim's website with a large volume of traffic in an effort to put it down and intimidate the targeted company into paying the ransom faster. Cause printers to behave abnormally Some hackers were able to take control of the printers and print ransom notes directly in front of partners and customers. This provides a high level of visibility for the attack, as it is difficult for people to ignore the ransom notes being printed. Use Facebook ads for malicious purposes Criminals have been known to use advertising to gain attention for their attacks. In one ins Ransomware Malware Threat Prediction ★★★
Anomali.webp 2023-01-05 05:50:00 Focusing on Your Adversary (direct link) Every day, we hear news stories or read articles about data breaches and other cyber security threats. As malicious threat actors and the risk of cyber threats increase, protecting networks and valuable information becomes more critical. So what can organizations do to ensure their networks remain secure? Organizations must understand their adversaries’ identities to keep data safe and protect it from cyber-attacks. This article will explore the different types of threats facing enterprise organizations and what they can do to stay ahead of them. Evolving Cyber Attacks Cyber attacks are constantly evolving as attackers continue to find new ways to exploit vulnerabilities. This includes: Increased use of artificial intelligence (AI) and machine learning: Attackers are using AI and machine learning to automate and improve the effectiveness of their attacks. For example, AI can be used to generate convincing phishing emails or to bypass security systems. Rise of ransomware: Ransomware attacks, which involve encrypting a victim’s data and demanding a ransom to decrypt it, have become increasingly common in recent years. Ransomware attacks can significantly impact businesses, disrupting operations and resulting in financial losses. More targeted attacks: Rather than broad-based attacks that aim to compromise as many systems as possible, attackers are increasingly using targeted attacks designed to exploit a particular organization’s vulnerabilities. Increased focus on mobile devices: Mobile devices, such as smartphones and tablets, are becoming increasingly vulnerable to cyber-attacks. As a result, attackers focus more on exploiting these devices’ vulnerabilities. Increased use of cloud services: As more organizations move to the cloud, attackers are finding new ways to exploit vulnerabilities in these systems. 
For example, attackers may try to gain access to an organization’s cloud-based data or disrupt its cloud-based operations. It’s not only crucial for organizations to stay up-to-date on the latest trends in cyber attacks and to implement appropriate security measures to protect against them. It’s even more important to pinpoint your adversaries to understand their TTPs to protect and predict their next attack. Types of Adversaries There are many different types of cybersecurity adversaries that organizations have to deal with. Some common types of adversaries include: Hackers: Individuals or groups who attempt to gain unauthorized access to systems or networks for various reasons, such as stealing data, disrupting operations, or causing damage. Cybercriminals: Individuals or groups who use the internet to commit crimes, such as identity theft, fraud, or extortion. Cyber Terrorists: A group that’s goal is to disrupt operations, cause harm, and destroy data. Increasingly targeting critical infrastructures such as power plants, water treatment facilities, transportation systems, and healthcare providers. Nation-state actors: Governments or government-sponsored organizations that use cyber attacks as part of their foreign policy or military operations. Insider threats: Individuals with legitimate access to an organization’s systems or networks use that access to cause harm or steal sensitive information. Malicious insiders: These are individuals who are intentionally malicious and seek to cause harm to an organization’s systems or networks. Hacktivists: The term “hacktivists” refers to people who use hacking techniques to disrupt computer systems and networks in pursuit of political goals. Hackers often work alone, though some groups do exist. Script Kiddies: Originally used to describe young hackers, it now refer Ransomware Malware Tool Vulnerability Threat Industrial Prediction ★★★
AlienVault.webp 2023-01-03 11:00:00 Five reasons why Cybersecurity training is important in 2023 (direct link) The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. The digital world is ever-expanding in scope and influence, both in personal and professional matters. In the last few years, business operations have become increasingly dependent on technology, and on employees to use that technology safely. While remote and mobile work have been necessary and useful, they also open the door for cybercriminals to take advantage of lax security measures and employees’ ignorance of best practices. So long as companies are carrying out some or all of their affairs in the digital realm, cybersecurity is easily as important as physical security. As one cybersecurity awareness training guide puts it: “if businesses are to thrive in the Fourth Industrial Revolution, security needs to be not only top of mind, but a fluent language.” Some of the most pressing reasons for cybersecurity training are detailed below. 1. Compliance with regulations There are many areas of business operations which are governed by legal or regulatory oversight to protect against various risks inherent to digital activities. These include HIPAA, which outlines rules regarding private health information, PCI SSC, which seeks to strengthen payment account security, and GDPR, which regulates general data privacy. Complying with these regulations is necessary for several reasons, although the dominant motivator for compliance is that the organizations can and will impose fines on businesses that fail to meet standards. It has often been said that a business is only as strong as its weakest link, and nowhere is this truer than in the world of data security. 
Any one employee can be a liability when it comes to the practices that an enterprise puts in place to protect consumer data as well as their own. When compliance is mandated and the threat of fines is looming, companies must ensure that all of their employees are properly trained and informed on the regulations in place. 2. Protecting enterprise assets Aside from wanting to avoid fines, however, businesses should still attempt to meet these regulatory standards for their own good. While meeting the bare minimum of compliance standards will keep a company out of hot water with regulatory boards, it will not necessarily protect the company itself. According to one report from IBM, the average cost of a data breach is 4.35 million USD. Ensuring that employees are trained in cybersecurity awareness greatly decreases the risk of a data breach occurring, as well as ensuring that employees know how to respond in the event that there is an attack targeting the company’s data.  3. Protecting consumer data Ostensibly protected by the aforementioned regulatory standards, consumer data is still at a huge risk of being obtained, stolen, or leveraged by cybercriminals. An attack that only targets a company’s internal data is dangerous to the company, but an attack that targets consumer data can have far-reaching consequences that affect thousands or millions of people. The responsibility for password complexity and variation, device and website privacy settings, and the amount of data shared can be at least partially placed upon the consumer’s shoulders. But the company must have its own measures in place as well to protect against attacks on customer data.  Thorough and effective cybersecurity awareness training will reduce the chances of employee error l Data Breach Threat Guideline Industrial Prediction ★★★
Trend.webp 2022-12-26 00:00:00 CISO's Challenges Involved with Business Leader & SOC (direct link) Yohei Ishihara, IoT security evangelist at Trend Micro, discussed the challenges CISOs are facing within organizations driving industrial IoT. Industrial Prediction ★★
CVE.webp 2022-12-24 00:15:08 CVE-2022-45798 (direct link) A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges by creating a symbolic link and abusing the service to delete a file. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Vulnerability Prediction
The_Hackers_News.webp 2022-12-21 17:53:00 (Déjà vu) Raspberry Robin Worm Strikes Again, Targeting Telecom and Government Systems (direct link) The Raspberry Robin worm has been used in attacks against telecommunications and government office systems across Latin America, Australia, and Europe since at least September 2022. "The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analytics tools," Trend Micro researcher Christopher So Prediction ★★
The_Hackers_News.webp 2022-12-21 17:07:00 The Rise of the Rookie Hacker - A New Trend to Reckon With (direct link) More zero knowledge attacks, more leaked credentials, more Gen-Z cyber crimes - 2022 trends and 2023 predictions. Cybercrime remains a major threat to individuals, businesses, and governments around the world. Cybercriminals continue to take advantage of the prevalence of digital devices and the internet to perpetrate their crimes. As the internet of things continues to develop, cybercriminals Threat Prediction ★★
no_ico.webp 2022-12-21 11:41:48 Malicious PyPI Package Found Posing as SentinelOne SDK in recent Hack Trend (direct link) In-depth studies on cybersecurity have just recently uncovered a new malicious package that was hiding out in the Python Package Index (PyPI) repository. This package was participating in a campaign known as SentinelSneak, in which it pretended to be a software development kit (SDK) for SentinelOne, a major company in the field of cybersecurity. The […] Hack Studies Prediction
Anomali.webp 2022-12-21 05:11:00 2023 Anomali Predictions: New Risks to Put Added Pressure on Enterprise Defenders (direct link) Cybersecurity has a way of surprising us with the unexpected so I wouldn’t be surprised to see a completely new kind of security threat emerge in 2023. But as the ongoing cat-and-mouse game between attackers and defenders unfolds, certain scenarios are already coming into view. Why Threat Actors Will Love Pink Slips Amid growing economic uncertainty, many companies around the globe are tightening their belts and reducing headcount in advance of a possible economic recession. But as organizations brace for the worst, three related security risks now loom: 1. External attackers aren’t the only threats companies face. Insider threat incidents are up 44% in the past two years, as costs per incident have climbed more than a third to $15.38 million. But there’s new reason for concern since layoffs create insider threat risks – either in the form of disgruntled employees or among existing employees angry about corporate’s decision to let go of colleagues. That means more potential for theft or sabotage from within. 2. Staff reductions have unintended consequences on an organization’s security posture. When gaps in network defenses suddenly appear, the company now has fewer technical experts watching the situation. At the same time, the organization now has less visibility into the security status of its various products and systems. This presents a golden opportunity for professional threat actors searching out the path of least resistance. When they hear about layoff announcements at a particular firm, it doesn’t take very long before attackers start probing for security vulnerabilities. 3. Companies regularly get into trouble by failing to set up well-controlled and thorough off-boarding personnel procedures – particularly when it comes to senior or privileged users. 
Proper processes with verification of completion on user accounts, data, assets, etc. is critical. Also, don’t ignore the consequences of adding roles and responsibilities to remaining employees who may shoulder added responsibilities following a staff layoff. There are risks in maintaining segregation of duties and inadvertently creating ‘super users.’ This could pose an insider threat risk or present targets of opportunity for attackers looking to exploit ‘novices’ in new roles they have taken on. Commodity Malware and Tools Dominate Threat actor groups operate a profitable business selling increasingly complex malware and tools to would-be attackers, a trend that will continue in 2023, making it even harder for forensic investigators to determine the origin of attacks. All of which further underscores the importance of better threat intelligence to understand why certain actors are likely to target specific organizations and what malware and tools they might deploy. Supply Chain Is the Place to Be Cyber attackers stick with what works. So, after the run of big supply chain breaches in the last few years – SolarWinds 2020, Log4Shell 2021 and its variants into 2022 – expect more of the same in the new year. The too-common occurrence of trusted relationship abuse and supply chain attacks is a particular favorite of state-sponsored groups. Look for them to demonstrate patience and remain hidden as they go to great lengths to accomplish their objectives. None of this means that attackers are fated to have the advantage over defenders in 2023. But given their growing sophistication, it’s more important than ever to have fuller awareness of your assets and supply chain vectors. Pay close attention to shared development environments, where you work with 3rd parties and contractors in developing and maintaining your applications. Maintaining oversight over the security and access to these environments is key. 
Assure development practices and establish adequate segregation of code bases, data, and documentation. It’s hard to suffici Malware Threat Prediction ★★★
News.webp 2022-12-21 00:08:12 Cisco's Talos security bods predict new wave of Excel Hell (direct link) Criminals have noticed that spreadsheet's XLL files add custom functionality - including malware It took a few years and one temporary halt, but in July Microsoft finally began blocking certain macros by default in Word, Excel, and PowerPoint, cutting off a popular attack vector for those who target users of Microsoft's Windows OS and Office suite.… Prediction ★★★
Trend.webp 2022-12-21 00:00:00 Detecting Windows AMSI Bypass Techniques (direct link) We look into some of the implementations that cybercriminals use to bypass the Windows Antimalware Scan Interface (AMSI) and how security teams can detect threats attempting to abuse it for compromise with Trend Micro Vision One™. Prediction ★★★
Anomali.webp 2022-12-20 20:46:00 Anomali Cyber Watch: APT5 Exploited Citrix Zero-Days, Azov Data Wiper Features Advanced Anti-Analysis Techniques, Inception APT Targets Russia-Controlled Territories, and More (direct link) The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Backdoors, Belarus, China, Data wiping, Russia, Ukraine and Zero-days. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence APT5: Citrix ADC Threat Hunting Guidance (published: December 13, 2022) On December 13, 2022, the US National Security Agency published a report on the ongoing exploitation of Citrix products. Citrix confirmed that this critical remote code execution vulnerability (CVE-2022-27518, CTX474995) affects Citrix Application Delivery Controller™ (Citrix ADC) and Citrix Gateway versions: 12.1 and 13.0 before 13.0-58.32. Active exploitation of the CVE-2022-27518 zero-day was attributed to China-sponsored APT5 (Keyhole Panda, Manganese, UNC2630) and its custom Tricklancer malware. Analyst Comment: All customers using the affected builds are urged to install the current build or upgrade to the newest version (13.1 or newer) immediately. Anomali Platform has YARA signatures for the Tricklancer malware, network defenders are encouraged to follow additional NSA hunting suggestions (LINK). Check md5 hashes for key executables of the Citrix ADC appliance. Analyze your off-device logs: look for gaps and mismatches in logs, unauthorized modification of user permissions, unauthorized modifications to the crontab, and other known signs of APT5’s activities. 
MITRE ATT&CK: [MITRE ATT&CK] Exploit Public-Facing Application - T1190 Tags: actor:APT5, actor:UNC2630, actor:Manganese, actor:Keyhole Panda, CVE-2022-27518, CTX474995, Citrix ADC, Citrix Gateway, Zero-day, China, source-country:CN Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT (published: December 12, 2022) In November 2022, a new cryptojacking campaign was detected by Trend Micro researchers. Unlike previously-recorded campaigns that aim at installing a cryptomining software, this one is utilizing a remote access trojan (RAT): a Linux-targeting version of the open-source Chaos RAT. This Go-based RAT is multi-functional and has the ability to download additional files, run a reverse shell, and take screenshots. Analyst Comment: Implement timely patching and updating to your systems. Monitor for a sudden increase in resource utilization, track open ports, and check the usage of and changes made to DNS routing. MITRE ATT&CK: [MITRE ATT&CK] External Remote Services - T1133 | [MITRE ATT&CK] Network Service Scanning - T1046 | [MITRE ATT&CK] Command and Scripting Interpreter - T1059 | [MITRE ATT&CK] Scheduled Task - T1053 | [MITRE ATT&CK] Screen Capture - T1113 | [MITRE ATT&CK] Remote Access Tools - T12 Malware Tool Vulnerability Threat Patching Prediction APT 5 ★★★
silicon.fr.webp 2022-12-20 13:42:02 Codex, ChatGPT… OpenAI, a cyberattack factory? (direct link) Toward cyberattacks driven by AI from A to Z? Trend Micro looked into this possibility with two OpenAI tools: Codex and ChatGPT. Prediction ChatGPT ★★
InfoSecurityMag.webp 2022-12-19 16:10:00 Ransomware Groups to Increase Zero-Day Exploit-Based Access Methods in the Future (direct link) Trend Micro's latest research paper analyzed ways in which ransomware groups could evolve to stay on top of strengthened cyber-protection measures Ransomware Prediction ★★★
globalsecuritymag.webp 2022-12-19 09:11:19 Trend Micro analyzes cybercriminals' new modus operandi, particularly regarding ransomware (direct link) Trend Micro Incorporated has published the results of a warning report on the evolution of the ransomware market. Titled 'The Near and Far Future of Today's Ransomware Groups', it projects the activity of groups specializing in cyber-extortion, whether in other areas of cybercrime or in association with hostile governments or other organized-crime groups. - Malware Ransomware Prediction
globalsecuritymag.webp 2022-12-19 08:53:50 (Déjà vu) Keeper Security unveils its predictions for 2023 (direct link) Keeper Security unveils its predictions for 2023. 2022 was an eventful year for the IT sector. Will that continue in 2023? Keeper Security reveals its five major cybersecurity predictions for the coming year. - Points of View Prediction ★★
TrendMicro.webp 2022-12-19 00:00:00 Improve Cyber Security Posture with 2023 Predictions (direct link) If a stronger cyber security posture is one of your organization's new year's resolutions, focus on what matters with these five essential highlights from the Trend Micro Security Predictions for 2023. Prediction ★★
cyberark.webp 2022-12-16 14:00:35 2023 Cybersecurity Trends We're Tracking (direct link) Cybersecurity doesn't happen in a vacuum. Evolving attack trends, world events, regulatory changes, shifting organizational priorities and many other factors influence enterprise programs. With 2023 just around the corner, cybersecurity teams are considering them all... Prediction ★★★
DataSecurityBreach.webp 2022-12-16 11:29:25 New forms of attack targeting businesses and public bodies (direct link) Threat actors will step up attacks on the infrastructure supporting hybrid work, software supply chains and the cloud. Prediction ★★★
globalsecuritymag.webp 2022-12-16 10:02:02 Cyber risks: Trend Micro identifies the new forms of attack targeting businesses and public bodies (direct link) Cyber risks: Trend Micro identifies the new forms of attack targeting businesses and public bodies. Trend Micro researchers analyze the evolution of cyber threats to help information-system security policies adapt better - Investigations Prediction
Trend.webp 2022-12-16 00:00:00 Trend Micro Joins Google's App Defense Alliance (direct link) Trend Micro will be joining Google's App Defense Alliance (ADA) to help improve their ability to identify malicious apps before they are published to the Google Play store. Prediction ★★★
GoogleSec.webp 2022-12-15 20:51:24 Expanding the App Defense Alliance (direct link) Posted by Brooke Davis, Android Security and Privacy Team The App Defense Alliance launched in 2019 with a mission to protect Android users from bad apps through shared intelligence and coordinated detection between alliance partners. Earlier this year, the App Defense Alliance expanded to include new initiatives outside of malware detection and is now the home for several industry-led collaborations including Malware Mitigation, MASA (Mobile App Security Assessment) & CASA (Cloud App Security Assessment). With a new dedicated landing page at appdefensealliance.dev, the ADA has an expanded mission to protect Android users by removing threats while improving app quality across the ecosystem. Let's walk through some of the latest program updates from the past year, including the addition of new ADA members. Malware Mitigation Together, with the founding ADA members - Google, ESET, Lookout, and Zimperium, the alliance has been able to reduce the risk of app-based malware and better protect Android users. These partners have access to mobile apps as they are being submitted to the Google Play Store and scan thousands of apps daily, acting as another, vital set of eyes prior to an app going live on Play. Knowledge sharing and industry collaboration are important aspects in securing the world from attacks and that's why we're continuing to invest in the program. New ADA Members We're excited to see the ADA expand with the additions of McAfee and Trend Micro. Both McAfee and Trend Micro are leaders in the antivirus space and we look forward to their contributions to the program. Mobile App Security Assessment (MASA) With consumers spending four to five hours per day in mobile apps, ensuring the safety of these services is more important than ever. 
According to Data.ai, the pandemic accelerated existing mobile habits - with app categories like finance growing 25% YoY and users spending over 100 billion hours in shopping apps. That's why the ADA introduced MASA (Mobile App Security Assessment), which allows developers to have their apps independently validated against the Mobile Application Security Verification Standard (MASVS standard) under the OWASP Mobile Application Security project. The project's mission is to “Define the industry standard for mobile application security,” and has been used by both public and private sector organizations as a form of industry best practices when it comes to mobile application security. Developers can work directly with an ADA Authorized Lab to have their apps evaluated against a set of MASVS L1 requirements. Once successful, the app's validation is listed in the recently launched App Validation Directory, which provides users a single place to view all app validations. The Directory also allows users to access more assessment details including validation date, test lab, and a report showing all test steps and requirements. The Directory will be updated over time with new features and search functionality to make it more user friendly. The Google Play Store is the first commercial app store to recognize and display a badge for any app that has completed an independent security review through ADA MASA. The badge is displayed within an app's respective Malware Guideline Prediction Uber ★★
DarkReading.webp 2022-12-15 16:20:20 Blackmailing MoneyMonger Malware Hides in Flutter Mobile Apps (lien direct) Money-lending apps built using the Flutter software development kit hide a predatory spyware threat and highlight a growing trend of using personal data for blackmail. Malware Threat Prediction ★★★
itsecurityguru.webp 2022-12-15 15:00:45 (Déjà vu) #MIWIC2022: Camilla Currin, Trend Micro (lien direct) Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2022's Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the […] Prediction
globalsecuritymag.webp 2022-12-15 13:48:43 BeyondTrust's cybersecurity predictions for 2023 (lien direct) BeyondTrust's cybersecurity predictions for 2023. Thomas Manierre, Southern EMEA Director at BeyondTrust, shares his forecasts on the emerging trends that are likely to mark the current decade. - Points of View Prediction ★★
AlienVault.webp 2022-12-15 11:00:00 Dark Data: What is it? How can you best utilize it? (lien direct) The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Data continues to be a valuable asset for an organization and plays a crucial role in making operational and strategic business decisions. With the growth of hybrid, private, and multi-cloud models, much of the data is stored on these platforms and becomes vulnerable to malicious activities and potential data leaks. Amid the vast volume of data, some of the data remains unknown, untapped, and unused with an organization's architecture. This dark data is generated by users' daily online interactions between several devices and systems. Dark data might seem like a scary term, but it isn't, though it poses some risks. Since its percentage of data is rising more quickly than organizational data, business organizations are getting concerned about it. Hence, to grasp what dark data is and what issues it signifies, it's essential to understand it from a broader perspective. What Is dark data? Dark data is the type of organizational data whose value is not identified; hence, it can be crucial business data or useless data. A research report published by BigID reveals that 84% of organizations are seriously concerned about dark data. This data consists of the additional information collected and stored during daily business activities. But perhaps to your surprise, the organization may be unaware of the dark data and typically doesn't use it. Dark data tends to be unstructured data that contains sensitive and unclassified information. The research report further reveals that eight out of ten organizations consider unstructured data the most critical to handle and secure. Dark data can be classified as follows: Emails, images, audio, video, and social media posts. 
Application trials including API caches and encryption keys such as VPN or SSH support. Data stored in overlooked virtual images activated or installed in local or cloud infrastructure. Forgotten unstructured data created on various database engines a long time ago. Customers and the company's employees own data on the desktop and mobile devices. The hidden data file in a file system can be in the form of old pictures, scanned documents, pdf forms, notes on MS Word documents, and signed files. Dark data might seem benign, but it holds most of the organization's information. Thus, it can pose significant security risks if it falls into the wrong hands, like leaking a company's sensitive data and damaging its industry reputation. This is particularly alarming for organisations that do not use a reliable VPN or any other security tools to ensure data privacy and safety. How can you utilize dark data to help your business? Dark data seems challenging to handle and involves lengthy manual processes, but companies need to automate these processes. Technological advancements such as the use of AI have made it easier for companies to explore and process unstructured data. Another important use of dark data is its role in boosting AI-powered solutions. As more and more data exists, the information that AI can analyse to produce even deeper insights. Alongside Artificial Intelligence, you can also use Machine Learning technology to discover untapped and unused data and insights. These insights might help organizations make more informed decisions regarding incoming data. Also, it guides them toward taking practical steps in response to their data. Implementing AI and ML systems needs internal structural changes for businesses, costing organizations a great deal of time and money. H Data Breach Threat Guideline Prediction ★★★
Trend.webp 2022-12-15 00:00:00 Trend Joining App Defense Alliance Announced by Google (lien direct) Trend Micro's participation in Google's App Defense Alliance will ensure the security of customers by preventing malicious apps from being made available on the Google Play Store. Prediction ★★★
InfoSecurityMag.webp 2022-12-13 10:10:00 Aussie Data Breaches Surge 489% in Q4 2022 (lien direct) Country bucks the global trend thanks to high-profile incidents Prediction ★★
globalsecuritymag.webp 2022-12-13 09:33:52 Key risk trends for directors and officers in 2023: potential recession, cyber and ESG concerns (lien direct) Key risk trends for directors and officers in 2023: potential recession, cyber and ESG concerns • Allianz Global Corporate & Specialty (AGCS) highlights macroeconomic risks such as inflation and insolvency and their impact on Directors and Officers (D&O) insurance • Cyber and ESG-related risks are driving an increasing number of lawsuits and litigation against companies and their boards • US remains a securities class action hotspot, despite downward trend in new filings • D&O insurance market seeing a favorable shift for buyers, but inflation and current risk environment means the potential for more frequent and severe losses remains - Opinion Prediction ★★
Trend.webp 2022-12-13 00:00:00 Forging Ahead in 2023: Insights From Trend Micro's 2023 Security Predictions (lien direct) In 2023, cybercriminals and defenders alike will have to move forward with caution in the face of a business landscape that's fraught with security blindsides and economic ebbs and flows. Prediction ★★
globalsecuritymag.webp 2022-12-12 19:58:19 Cybersecurity Trends 2023: Rethinking Data Security and Secure Data Sharing (lien direct) Cybersecurity has always been a dynamic field, shaped by a constantly evolving threat landscape, newly introduced technologies and, more recently, a digital transformation driven not least by the pandemic. The boom in cloud computing and the shift to the cloud have created an environment that is increasingly complex for IT security departments worldwide to manage. And none of this will change next year. On the contrary, the environment in which the profession has to work will change even more, and the reason lies in the two main trends we will see: a rethinking of data security and the introduction of secure data sharing based on open standards. - Special Reports Prediction
cybersecurityventures.webp 2022-12-12 18:14:23 Top 10 Cybersecurity Predictions and Statistics For 2023 (lien direct) What you need to know about the trillion-dollar cyber economy over the next 5 years – Steve Morgan, Editor-in-Chief Northport, N.Y. – Dec. 10, 2022 Cybercrime Magazine extrapolates the top 10 market data points from our research in order to summarize the cybersecurity industry through Prediction ★★
globalsecuritymag.webp 2022-12-12 08:29:23 Norton Labs unveils its cybersecurity predictions for 2023 (lien direct) Norton Labs unveils its cybersecurity predictions for 2023 - Points of View Prediction ★★
Mandiant.webp 2022-11-02 08:00:00 Mandiant Cyber Security Forecast 2023
(lien direct)
Defenders must always be ready for the unexpected - everything from chasing down an alert to containing a compromise. In the cyber security realm, it's impossible to predict what we will experience day after day. However, that doesn't mean we cannot be ready for the threats that matter most. Organizations can always improve their preparedness and readiness, and part of that involves exploring the trends we are starting to see now so we are ready for them in the year ahead. To help us clear up some of the fog surrounding 2023, we turned to Mandiant leaders and experts. We already heard from
Prediction ★★★
kovrr.webp 2022-10-25 00:00:00 Importance of Insurance-Validated Risk Models to Quantify Cyber Risk: Over time, high-quality risk models become increasingly accurate due to continuous validation and calibration.
(lien direct)
By its nature, cyber risk is dynamic. New events happen and evolve all the time, making it difficult for enterprises to financially quantify their financial exposure to cyber attacks. Around two years ago, for example, distributed denial-of-service (DDoS) attacks were making headlines, and now ransomware has come into heightened focus. It's reasonable to believe that other types of attacks will emerge in another two years and continue to change thereafter. Yet even though cyber risk evolves, it’s possible to understand what the financial implications of an attack might be by using what’s known as a cyber risk quantification (CRQ) model. These models analyze past events to predict what the financial impacts of future cyber events might be. But not just any model will do. Enterprises need insurance-validated risk models, meaning the model is strong enough and has both the breadth and depth of data to be trusted to quantify cyber risk across an insurer’s large portfolio. Enterprises need this level of sophisticated models, which are continuously validated at scale, if they want to be prepared. Otherwise, they may be using a stagnant quantification method that limits their ability to account for their financial cyber exposure to current and future new threats. Modeling the Unknown: Part of quantifying something dynamic like cyber risk means having a robust modeling framework. Using what’s known as impact-based modeling allows for quantifying “known unknowns.” In other words, a modeling framework that can reflect new emerging threats and utilize risk models that tie together multiple areas of risk — for example, certain events affecting an enterprise, the severity of past attacks, the frequency of events, etc. — can come to a conclusion about the financial impact of future events. 
Even if the specific type of attack remains unknown, enterprises can at least have a sense of what their exposure would look like by relying on impact-based modeling, which provides an estimation for potential financial losses that will be driven by cyber events. Continuous Validation and Calibration: Over time, high-quality risk models become increasingly accurate due to continuous validation and calibration. As new cyber threats emerge, so too does a deeper understanding of event footprints, the technology or third party service provider involved, and the propagation pattern of the infection. While it’s important for companies to be aware of evolving cyber threats and types of attacks from a risk management perspective, such as to educate employees and mitigate attacks, putting a financial quantification on cyber risk is the most efficient way to understand “how” the attack landscape can affect a specific company. A $1 million loss, for example, is still $1 million whether it came from ransomware or a DDoS attack. By focusing on an impact-based approach, the emphasis is still on quantifying the loss, rather than trying to predict exactly how cyber events may evolve. A cyber risk quantification model can also be calibrated by looking at what the model projected and seeing how that aligns with events that actually occur over time. Doing so requires data at scale. If you only know the financial implications of events that occurred at, say, three companies, then that doesn’t give much information to feed and calibrate the model. Yet if there are thousands of events to analyze, such as by looking across an insurer’s entire portfolio, that provides a much better view into what’s happening across the cyber risk landscape. From there, this data can be used to improve the model. Breadth and Depth of Data Sources: As alluded to, a robust cyber risk quantification model requires data scale. Yet it’s important to have both a significant breadth and depth of data sources. 
Doing so enables a model to understand what’s happening across indust Ransomware Prediction ★★★
DarkReading.webp 2022-09-09 16:48:02 US Sanctions Iran Over APT Cyberattack Activity (lien direct) The Treasury Department links the MuddyWater APT and APT39 to Iran's intelligence apparatus, which is now blocked from doing business with US entities. Prediction APT 39
kovrr.webp 2022-07-28 00:00:00 2022 seems to be on target for the lowest year of reported breaches by large US corporations: In the first six months of 2022, large [Revenue >2bn] US corporations reported the fewest data breaches in the past five years.
(lien direct)
The number of data breaches reported in the first 6 months of 2022 has put this year on track to be the lowest year of reports in the last 5 years for large [Revenue >2bn] US corporations. By looking at the rate at which data breach events have been reported so far this year, we predict that the number of events reported is expected to be 15-20% of the number of breaches reported in 2021. Possible causes: Increased reporting delays: But the time to report has shown a decreasing trend over the last 4 years; Genuine improvement in cyber defenses preventing data exfiltration; Reduction in reporting requirements, or public disclosure prevention. In this analysis we look at all the reported cyber events which involve data exfiltration (data breach), allocated to the year in which the event started. Comparing the number of events reported at each point during the year then gives us an indication for the rate which can be compared between years. The data and population: The data collected represents public reports of data breaches from US companies with an annual revenue above $2bn (Excluding public services). The data used includes breach events reported up to end of Q2 2022. It is this area where the cyber reporting requirements are highest, there is a high level of data available. It is important to note that this will not be all events which occur, only those disclosed, but by looking for changes in the behavior we can look at the potential causes. Overall Breach Count: As of the end of Q2 2022, we have seen 18 breach reports of events occurring in 2022 compared to the 160 cyber events reported from 2021, and 292 from 2020. While we are only 50% through 2022, the number of events reported so far from the first half is 25% of the 2021 total reported at the same point through 2021. 
To fully compare 2022 against prior years we need to take into account a number of factors: Events not yet reported: some events have occurred but have not yet been reported either because they have not yet been discovered, or because they have been discovered but not publicly disclosed; Events not yet occurred: events which have yet to occur, in the second half of 2022 (and have not yet been reported). How the year unfolds: To explore how 2022 is emerging, we can look at the rate at which events are being reported. That is to show not just the total report to date, but how the total number of events reported in a year has emerged from the start of the year. To do this we plot the cumulative number of events reported vs the number of days from the start of each incident year. What we see is an indication of how many incidents have been reported from each year have been reported after the same number of days. A steep curve indicates a greater number of incidents reported per month. ** Note that the event counts are lower because we do not have exact disclosure dates for all events. From the chart we can see that the number of reported cyber incidents after 6 months (180 days) of experience is low for 2022 compared with all other years since 2015. 
This leads us to believe that 2022 is on track to have a very low number of overall incidents reported. There could be a few explanations for this: Reporting Delay: The time taken to report incidents has increased in 2022, and there will be a correction in the later part of the year; Cybersecurity Investment: The overall number of incidents reported will be lower due to improvements in security posture; Regulatory Action: the overall number of incidents reported will be lower due to changes in how the events are reported (or required to be reported). Reporting Delay: To consider if the low reported number of events in 2022 is being driven by an increase in a delay between a cyber event starting and it being reported, we have looked at the trend over the last 10 years. The chart below shows the trend over the last 10 years. There has been a steady reduction in median reporting delay from 204 days in 2017 to 63 days Data Breach Prediction Cloud ★★★
SentinelOne.webp 2022-05-25 16:54:12 Use of Obfuscated Beacons in 'pymafka' Supply Chain Attack Signals a New Trend in macOS Attack TTPs
(lien direct)
A new typosquatting attack against the PyPI repository targets enterprise Macs with a distinctive obfuscation method.
Prediction ★★★
kovrr.webp 2022-01-19 00:00:00 What Emerging Cybersecurity Trends Should Enterprises Be Aware Of? As the world becomes more digitally connected, enterprises need to be aware of the growing cybersecurity risks.
(lien direct)
As the world becomes more digitally connected every year — and with the pandemic further accelerating digital transformation — all types of enterprises need to be aware of the growing cybersecurity risks that come with this shift. In Europe, for example, significant attacks on critical sectors more than doubled in 2020 compared to 2019, according to data from the European Union Agency for Cybersecurity, as reported by CNN. In 2021, the picture arguably became even bleaker around the world, with major ransomware attacks causing disruption to companies in industries ranging from energy to meat processing. In the first six months of 2021 alone, ransomware-related reported activity in the U.S. had a higher total value ($590 million) than all ransomware-related reported suspicious activity in the U.S. in 2020, according to the U.S. Department of Treasury's Financial Crimes Enforcement Network (FinCEN). The total number of suspicious events filed in the first six months of 2021 in the U.S. also exceeded all of what occurred in the country in 2020 by 30%, the agency reports. Yet it’s not just ransomware that’s wreaking havoc. Enterprises also need to be prepared for cyber threats like denial of service (DoS) attacks, where a flood of network activity can interrupt servers, thereby causing business interruption. Cisco predicts that distributed denial of service (DDoS) attacks (a subset of DoS, which involves using multiple devices to send a flood of traffic, as opposed to just using one device with a DoS attack) globally will roughly “double from 7.9 million in 2018 to 15.4 million by 2023.” In addition to preparing for these types of cyberattacks, enterprises will also increasingly need to be aware of and comply with privacy-related regulations. As governments around the world try to bolster their cybersecurity responses, they are passing or at least considering new rules and guidance around how companies need to handle sensitive data and privacy issues. 
Amidst this preparation, enterprises also need to recognize that cybersecurity plans aren’t foolproof, especially as attacks evolve. That means assets could be at risk even with solid defenses in place. So, enterprises increasingly need to think about not just how to prevent cyber attacks but also consider the dollar-value cost of risk, given that events will inevitably occur. This process, known as cyber risk quantification — a form of financial quantification — helps enterprises think about and discuss cyber risk in definitive business terms. Knowing how much money is at stake and how different cyber events could affect revenue and profit can help businesses prioritize defenses and take mitigating action like securing cyber insurance. In this report, we’ll take a closer look at these emerging cybersecurity trends that enterprises should be aware of. Understanding these areas can help organizations potentially improve their risk management, both from a cybersecurity and overall governance standpoint. Evolving Ransomware Risks: While ransomware is not a new type of threat, the scale and intensity of ransomware continue to broaden. Enterprises large and small, across all types of industries, need to be prepared for these cyber attacks. For one, ransomware-as-a-service, “where ransomware variants are licensed to individuals and accomplices to execute attacks,” as Reuters explains, has been on the rise. Based on suspicious activity reports, FinCEN identified 68 ransomware variants in the first half of 2021. “The resulting emergence of new attackers has led to increased uncertainty and volatility for companies in responding to attacks due to the lack of information on the growing number of ransomware threat actors,” adds Reuters. Part of the problem is also that ransomware attacks aren’t just being launched on an ad-hoc basis by individuals. Instead, there’s in Ransomware Tool Threat Prediction Cloud ★★★
Mandiant.webp 2022-01-13 11:00:00 The Cyber Risk Journey, Part One: Where Do We Go From Here?
(lien direct)
Cyber risk can be a big blindspot for organizations. Fortunately, Boards and senior leaders are more engaged than ever before and working to develop a better understanding of how cyber risk is being managed within their organizations. More dialogue with executive management around cyber risk and the impacts proactive and reactive measures have on an organization's risk profile is a great trend to see. Cyber security teams - often in the background - take on the overwhelming tasks of supporting day-to-day operations while constantly being prepared for attackers in their environment. Balancing
Prediction ★★★
kovrr.webp 2021-12-20 00:00:00 7 Reports That Can Help You Understand the Cyber Insurance Landscape: Cyber insurance continues to face eroding margins, with insurers having trouble quantifying the risks enterprises face
(lien direct)
The explosion of ransomware attacks and cybersecurity risk as a whole have made life tough for so many organizations across industries globally. Enterprises need to face these risks in what’s often a challenging business market anyway, and turning to potential solutions like cyber insurance comes with its own difficulties. The cyber insurance market continues to harden, with insurers facing eroding margins and often struggling to quantify the risk enterprises face. But it’s not all bad news. Cyber insurance companies and other enterprises who want to know the cyber landscape better have a wide range of resources to turn to. As the market matures, many quality research reports have emerged, including several that provide overviews and predictions for what will happen within cyber insurance and cybersecurity as a whole for 2021 and beyond. But which of these research reports should you read to strengthen your cyber knowledge and feel more prepared for what may come? In this article, we’ll provide a brief overview of seven of the top cyber insurance research reports for you to consider diving into more. 1) Munich Re: Cyber insurance: Risks and trends 2021. In the report “Cyber insurance: Risks and trends 2021,” the reinsurer Munich Re shares the results of the company’s first “Global Cyber Risk and Insurance Survey.” Some of the key findings include that amidst rapid digitization within companies, approximately four out of five C-suite executives do not think their company has adequate cyber threat protection. The top cyber threats feared by this group include fraud, data breaches and ransomware. The survey also finds gaps in cyber insurance knowledge, but the market could soon grow, with 35% of C-level respondents likely to soon take out a policy. Munich Re also notes the importance of cyber risk accumulation. 
While the company mentions its own accumulation models, “it is important to monitor the market and seek external expertise from different vendors in order to assure state of the art accumulation management,” the company says. 2) Aon: Cyber Insurance Market Insights Q1 2021. In one report from Aon, “Cyber Insurance Market Insights Q1 2021,” the firm highlights how the cyber insurance industry is changing amidst evolving cyber risks. In particular, the company highlights how issues such as ransomware, silent cyber exposure and the SolarWinds event have affected the cyber insurance market. With SolarWinds, for example, the “theft of investigative tools from a globally recognised cyber security and forensics firm is likely to lead to improved hacking tools in the hands of cyber criminals,” notes Aon. Amidst this backdrop, Aon sees more hardening within the market through 2021 and 2022. Insurers are looking closely at their underwriting practices while also assessing retention, limits and premiums to figure out the right mix to make cyber insurance viable. 3) Aon: 2021 Cyber Security Risk Report. Another report by Aon, the “2021 Cyber Security Risk Report,” focuses more on the overall risk landscape from an enterprise perspective. In particular, Aon highlights four main cyber-related risks facing organizations today: Digitization: As companies rapidly digitize, particularly with Covid-19 changing the way many companies work, only 40% say they have “adequate remote work strategies to manage this risk.” Third-Party Risk: Organizations need to be aware of risks in their supply chains and among the various vendors they work with, yet only 21% have implemented “baseline measures” to oversee third-party risk. Ransomware: Ransomware attacks have been prevalent and damaging recently, and many are unprepared. 
Less than one-third of organizations say they’ve implemented “adequate business resilience measures” to handle this risk. Regulation: As stronger data security laws come into place, o Ransomware Tool Threat Prediction ★★★
Last update at: 2024-05-16 15:08:12