What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CSO 2023-02-16 06:15:00 Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk (direct link) The evolution of cybercrime is weighing heavily on digital forensics and incident response (DFIR) teams, leading to significant burnout and potential regulatory risk. That's according to the 2023 State of Enterprise DFIR survey by Magnet Forensics, a developer of digital investigation solutions. The firm surveyed 492 DFIR professionals in North America and Europe, the Middle East, and Africa working in organizations in industries such as technology, manufacturing, government, telecommunications, and healthcare. Respondents described the current cybercrime landscape as one that is evolving beyond ransomware and taking a toll on their ability to investigate threats and incidents, Magnet Forensics said. Ransomware Guideline ★★
CSO 2023-02-14 02:00:00 Measuring cybersecurity: The what, why, and how (direct link) A core pillar of a mature cyber risk program is the ability to measure, analyze, and report cybersecurity threats and performance. That said, measuring cybersecurity is not easy. On one hand business leaders struggle to understand information risk (because they usually are from a non-cyber background), while on the other, security practitioners get caught up in too much technical detail which ends up confusing, misinforming, or misleading stakeholders. In an ideal scenario, security practitioners must measure and report cybersecurity in a way that senior executives understand, find useful, satisfy curiosity, and lead to actionable outcomes. What can be measured in cybersecurity? Guideline ★★
CSO 2023-02-09 08:46:00 BrandPost: Embrace This Opportunity to Attract New Cybersecurity Talent (direct link) Ask nearly any security leader whether they have adequate resources to protect their organization effectively and consistently, and you'll likely hear an emphatic “No.” Given that an estimated 3.4 million people are needed to fill the global cybersecurity workforce gap, it's no surprise that CISOs feel that they need more staff to safeguard their networks, let alone focus on more strategic priorities. And nearly 70% of leaders say this skills gap creates additional cyber risks for their business. Guideline
CSO 2023-02-09 02:00:00 How to unleash the power of an effective security engineering team (direct link) Security teams are comprised primarily of operations, compliance, and policy-related roles. Security engineering teams, on the other hand, are builders. They build services, automate processes, and streamline deployments to support the core security team and its stakeholders. Security engineering teams are typically made up of software and infrastructure engineers, architects, and product managers. The collective security/security engineering team mindset is also that of a builder, quite different from that of a penetration tester or third-party risk management assessor. This presents a challenge to security leaders. As security engineering teams continue to grow in prominence, CISOs need to be intentional with their structure and development. Guideline ★★
CSO 2023-02-08 07:01:00 Growing number of endpoint security tools overwhelm users, leaving devices unprotected (direct link) Enterprises that use endpoint security and management technologies face a problem of growing marketplace “sprawl,” as new tools proliferate and options multiply, according to a study released today by the Enterprise Services Group. Between the ongoing influence of remote work and IoT, the number and diversity of devices that have to be managed by endpoint security tools is on the rise. As a consequence, the number of available tools to manage them has also risen. An ESG survey of 380 security professionals in North America, commissioned by cybersecurity company Syxsense, showed that companies using larger numbers of different tools to manage their endpoints had larger proportions of unmanaged endpoints, compared to those with fewer. Put simply, the complexity of the current-day device environment is leading to worse security, according to the research. Guideline ★★
CSO 2023-02-08 05:08:00 BrandPost: How Do You Protect Your Data in the Age of Hybrid Work? (direct link) By Sundaram Lakshmanan, Chief Technology Officer, Lookout. We live in an age where hybrid work and bring-your-own-device (BYOD) programs have become the norm. The result is that you're tasked with protecting your data in an environment that's far more complex than in the past. Guideline
CSO 2023-02-02 03:50:00 Foreign states already using ChatGPT maliciously, UK IT leaders believe (direct link) Most UK IT leaders believe that foreign states are already using the ChatGPT chatbot for malicious purposes against other nations. That's according to a new study from BlackBerry, which surveyed 500 UK IT decision makers revealing that, while 60% of respondents see ChatGPT as generally being used for “good” purposes, 72% are concerned by its potential to be used for malicious purposes when it comes to cybersecurity. In fact, almost half (48%) predicted that a successful cyberattack will be credited to the technology within the next 12 months. The findings follow recent research which showed how attackers can use ChatGPT to significantly enhance phishing and business email compromise (BEC) scams. Guideline ChatGPT ★★★
CSO 2023-02-01 11:00:00 New “MITRE ATT&CK-like” framework outlines software supply chain attack TTPs (direct link) A new open framework seeks to outline a comprehensive and actionable way for businesses and security teams to understand attacker behaviors and techniques specifically impacting the software supply chain. The Open Software Supply Chain Attack Reference (OSC&R) initiative, led by OX Security, evaluates software supply chain security threats, covering a wide range of attack vectors including vulnerabilities in third-party libraries and components, supply chain attacks on build and deployment systems, and compromised or malicious software updates. Cybersecurity professionals among the matrix's founding consortium include representatives from GitLab as well as former leaders from Microsoft, Google Cloud, Check Point Technologies, and OWASP. Guideline ★★★
CSO 2023-01-19 07:59:00 BrandPost: Not If, But When: Maintaining Resilience as Threat Actors Adapt (direct link) Talos recently published its inaugural 2022 Year-in-Review report. We gathered insight from dozens of subject matter experts all throughout Cisco to tell a data-driven story about the major security events Cisco responded to, trends in the threat landscape, and what it all means for 2023. As we reviewed the major events from this year, one throughline seemed particularly clear: adversaries are adapting to shifts in the geopolitical landscape, actions from law enforcement, and the efforts of defenders. Organizations, IT leaders, and security professionals will need to track and address these shifts in behavior to maintain resilience. Threat Guideline ★★
CSO 2023-01-19 07:37:00 Why you don't have to fix every vulnerability (direct link) The word “vulnerability” typically comes with a “must fix now” response. However, not all vulnerabilities should be treated equally because not all of them pose a risk. It all depends on what the data represents. In fact, some vulnerabilities are OK to deprioritize, depending on associated threats and the value of the asset at risk. For example, a lock on a 20th floor window of a building is not as important as one on the ground level, unless the contents of the room are so valuable that a thief would take the effort to access such an unreachable place. Scans reveal thousands of vulnerabilities across all assets – networks, applications, systems and devices – but they do not show which ones could lead to a damaging compromise if not fixed immediately. It is not about ignoring vulnerabilities; it is about prioritizing how you apply your resources to remediate them. Bay Dynamics provides some examples of vulnerabilities that are OK to put on the back burner. Vulnerability Guideline ★★
CSO 2023-01-13 10:39:00 BrandPost: Looking for a Warranty from an MDR Provider? Ask These Key Questions (direct link) Managed Detection and Response (MDR) helps ensure organizations are protected against advanced cyberattacks. That protection often comes with a warranty to back up those services. Warranties provide financial protection for organizations if they are the victim of an attack or breach. The policies often cover the costs associated with responding to and recovering from a cybersecurity incident. “The MDR provider will incur costs you would have incurred,” says Sally Adam, Senior Director at Sophos. “The warranty extends a further peace of mind.” But how reliable is the assurance these policies claim to provide? Not all warranties are created equal. How should security leaders who are looking at MDR service warranties evaluate these offerings? Guideline ★★
CSO 2023-01-12 10:00:00 BrandPost: How Financial Institutions Can SOAR to Success with Devo SOAR (direct link) According to the 2022 IBM Cost of a Data Breach Report, the global average cost of a data breach is $4.35 million. Data breaches in the US are even more costly, averaging over $9 million. However, it isn't just the big players caught in the line of fire. IBM's report also found that 83% of companies will experience a data breach soon, meaning financial institutions of all sizes - from local credit unions to Fortune 500s - are at risk. While ransomware attacks get the most time in the financial headlines, most breaches aren't caused by external factors or threat actors. The majority of system availability problems actually occur due to a lack of staff knowledge and protective protocols, software issues and limited security visibility across the institution. However, “more visibility” is not synonymous with “seeing more alerts.” In fact, the opposite is true. Keep reading to see how Devo SOAR helped a leading US bank streamline its SOC. Ransomware Data Breach Threat Guideline ★★
CSO 2023-01-10 09:48:00 BrandPost: The converging future of XDR and Threat Hunting (direct link) The cybersecurity challenge for organizations of all sizes continues to get more difficult. Complex threats and a growing cybersecurity skills gap are making life harder for often overworked IT teams. Without automation, they find it difficult to process and act on a steadily increasing flow of data and security alerts from across the network. As a result, many organizations are considering extended detection and response (XDR) tools to make better sense of incoming threat information. The market is projected to reach $2.36 billion by 2027, and small to mid-size enterprises are leading the way. Threat Guideline
CSO 2023-01-09 15:05:00 BrandPost: TCP Floods Are Again the Leading DDoS Attack Vector (direct link) My personal and professional objectives, like those of many other people, are centered around improving on how I get things done. Or, more importantly, about how to do things more efficiently. One of my favorite things to watch on the attention-sucking platform of TikTok or YouTube Shorts are life hacks. Life hacks are supposed to make tasks easier or more efficient to accomplish but, in many cases are simply more complicated. This passion to improve how things are done more efficiently is not isolated to individuals; it spills over into all aspects of our community, including government, retail, service organizations, and the like. And although many of these attempts to be more efficient may help other people, there are also people out there striving to be more efficient in malicious activities. Guideline
CSO 2022-12-20 07:32:00 BrandPost: Managing Risk Would be Easier if It Weren't for People (direct link) Businesses are as much at risk from human error as from threat actors. Typos, configuration errors, and other human errors can lead to disaster on the same scale as any modern cyberthreat. Great technology defenses can only get you so far with managing risk. It is generally agreed upon that Zero Trust principles are a more effective approach to securing your organization than defense in depth (though they aren't mutually exclusive). This approach entails defining exactly what user or application has access to what resource, using a validation identity control, and continually validating that the behavior is acceptable. Nearly every organization has a progressive plan for deploying elements that achieve this depending on where they are on their adoption path. However, the technology side of the equation is discrete and primarily solvable. The challenge lies with the keyboard to monitor interface - the human. Threat Guideline
CSO 2022-12-13 15:57:00 BrandPost: 3 Common DDoS Myths (direct link) There are several trends evident in the latest DDoS Threat Intelligence Report from NETSCOUT. These include adaptive distributed denial-of-service (DDoS), direct-path TCP-based DDoS, proliferation of botnets, sociopolitical fallout, and collateral damage. The thing these trends all have in common is they are designed to evade common DDoS defense measures and cause maximum harm to targets and others in their proximity. DDoS always attempts to disrupt, destabilize, and deny availability and often succeeds. The only thing that can prevent its success is a well-designed network with intelligent DDoS mitigation systems (IDMSs). For many organizations, common myths can lead to poor choices and overconfidence when it comes to properly architecting a solution. Threat Guideline ★★
CSO 2022-12-13 13:04:00 BrandPost: Securing Operational Technology Environments for Critical Infrastructure (direct link) Juniper Networks is applying its industry leading AI-driven capabilities and cloud-native architectures to Critical Infrastructure (CI) networks. We're directly addressing the communications and cybersecurity challenges exposed by the convergence of IT and OT networks alongside the ever-increasing drumbeat of cyber threats from sophisticated, state-sponsored malicious actors. By enabling network architects, builders, and operators to fully support network users, Juniper is empowering network professionals to defend our nation's electric grids, hospitals, water facilities, and other critical infrastructure. The challenge is substantial. Many CI environments have grown organically over decades, leaving the technical debt in the form of legacy communications and layers of undocumented point solutions that represent an unknown amount of cyberattack surface. But that's not where the commonality ends. All CI networks: Guideline ★★
CSO 2022-12-08 05:35:00 BrandPost: Want to Help Your Analysts? Embrace Automation and Outsourcing. (direct link) While the security tools we choose to invest in can undoubtedly make or break our success, one area we tend to focus less on is the human component of cybersecurity. Yet today, two-thirds of global leaders claim that the global skills shortage creates additional cyber risks for their organization, including 80% who reported experiencing at least one breach during the last 12 months that they attributed to the cybersecurity skills gap. The always-changing threat landscape, with fewer skilled people, makes it nearly impossible to keep ahead of threats. That's why it's time to talk about the human element – specifically your Security Operations Center (SOC) analysts – and their role in your cybersecurity framework. Threat Guideline ★★
CSO 2022-12-05 02:00:00 When blaming the user for a security breach is unfair – or just wrong (direct link) In his career in IT security leadership, Aaron de Montmorency has seen a lot - an employee phished on their first day by someone impersonating the CEO, an HR department head asked to change the company's direct deposit information by a bogus CFO, not to mention multichannel criminal engagement with threat actors attacking from social media to email to SMS text. In these cases, the users almost fell for it, but something didn't feel right. So, they manually verified by calling the executives who were being impersonated. De Montmorency, director of IT, security, and compliance with Tacoma, Washington-based Elevate Health, praises the instincts that stopped the attacks from causing financial or reputational damage. Yet, he contends that expecting users to be the frontline defense against rampant phishing, pharming, whaling, and other credential-based attacks increasingly taking place over out-of-band channels is a recipe for disaster. Threat Guideline ★★★
CSO 2022-12-02 04:33:00 BrandPost: Improving Cyber Hygiene with Multi-Factor Authentication and Cyber Awareness (direct link) Using multi-factor authentication (MFA) is one of the key components of an organization's Identity and Access Management (IAM) program to maintain a strong cybersecurity posture. Having multiple layers to verify users is important, but MFA fatigue is also real and can be exploited by hackers. Enabling MFA for all accounts is a best practice for all organizations, but the specifics of how it is implemented are significant because attackers are developing workarounds. That said, when done correctly – and with the right pieces in place – MFA is an invaluable tool in the cyber toolbox and a key piece of proper cyber hygiene. This is a primary reason why MFA was a key topic for this year's cybersecurity awareness month. For leaders and executives, the key is to ensure employees are trained to understand the importance of the security tools – like MFA – available to them while also making the process easy for them. Tool Guideline ★★
CSO 2022-11-28 12:04:00 BrandPost: 5 Reasons to Protect the Performance and Security of Your Pharmaceutical Business (direct link) One of the greatest lessons resulting from the COVID-19 pandemic is to expect the unexpected and proactively prepare for future unknowns. Like many others, the pharmaceutical industry has been revolutionized by accelerated digital transformation over the last few years. Research has shown that pharma leaders investing in the Internet of Things (IoT) are better equipped to overcome unforeseen challenges. For these proactive pharmaceutical leaders, two major areas have become increasingly important: preventing network outages and increasing security against cyberattacks. The 2021 State of Pharmaceuticals and Cybersecurity Report from Fortinet found that in the last year, 40% of businesses experienced outages affecting productivity, safety, compliance, revenue, or brand image. These outages are no small glitches: Industry experts estimate the total downtime cost (TDC) of a production disruption ranges from $100,000 to $500,000 per hour. A few disruptions a year can have a massive effect on the bottom line. This necessitates network and application performance management to minimize downtime. Guideline ★★
CSO 2022-11-22 02:00:00 Know thy enemy: thinking like a hacker can boost cybersecurity strategy (direct link) As group leader for Cyber Adversary Engagement at MITRE Corp., Maretta Morovitz sees value in getting to know the enemy – she can use knowledge about cyber adversaries to distract, trick, and deflect them and develop strategies to help keep threat actors from getting whatever they're after. That could mean placing decoys and lures that exploit their expectations for what an attacker will find when they first hack into an environment, she says. Or it could mean deliberately disorienting them by creating scenarios that don't match up to those expectations. “It's about how to drive defenses by knowing how the adversaries actually behave,” says Morovitz, who is also group leader for MITRE Engage, a cyber adversary engagement framework. Hack Threat Guideline ★★★
CSO 2022-11-21 11:59:00 BrandPost: 6 Questions to Ask Before You Hire a Managed Security Services Provider (direct link) Gartner forecasts that information security spending will reach $187 billion in 2023, an increase of 11.1% from 2022. In tandem with this spending, the analyst firm also predicts that by 2025, a single centralized cybersecurity function will not be agile enough to meet the needs of a digital organization. Guideline
CSO 2022-11-18 03:57:00 Noname Security releases Recon attack simulator (direct link) As breaches increase and companies scramble to go from a defensive to an offensive approach, API-focused Noname Security has launched Recon, which simulates an attacker performing reconnaissance on an organization's domains. Recon works from a root-level domain to find other domains, shadow domains, sub-domains, APIs, vulnerabilities, and public issues that put the organization at risk, according to Noname. “Then we start looking at, both actively and passively looking at any API-related information pertaining to those domains,” Troy Leilard, regional solution architect lead ANZ, tells CSO. Guideline
CSO 2022-11-15 02:00:00 Build a mature approach for better cybersecurity vendor evaluation (direct link) Seasoned CISO Mike Manrod knows the value of a good cybersecurity vendor evaluation. He recalls that in a past job he inherited some very expensive vaporware under a long-term services agreement. His predecessor had purchased an “innovative” beta identity and access management platform but hadn't done any analysis on the product, simply accepting the vendor's claims of its efficacy. It was a dud. Inversely, as CISO at his current company Grand Canyon Education, Manrod set his team up to evaluate an allegedly “brilliant” web application security product only to discover through testing that its client-side validation was easy to bypass and thus subvert the product. That basic test saved them from making an expensive mistake. “Startups are trysforming, and sometimes they go back to the drawing board. Nothing wrong there, but if we as security leaders purchase something that's not ready yet, that's on us,” he says. Guideline
CSO 2022-11-09 09:35:00 GitHub releases new SDLC security features including private vulnerability reporting (direct link) GitHub has announced new security features across its platform to help protect the software development lifecycle (SDLC). These include private vulnerability reporting, CodeQL vulnerability scanning support for the Ruby programming language, and two new security overview options. The world's leading development platform said these updates make securing the SDLC end-to-end easier and more seamless for developers. The releases come as SDLC cybersecurity remains high on the agenda with research revealing an increase of almost 800% in software supply chain attacks. Vulnerability Guideline
CSO 2022-11-08 07:46:00 BrandPost: 4 Reasons SMBs Should Consider an MSP for Threat Hunting (direct link) In today's complex, ever-changing cybersecurity landscape, organizations need a strong, layered defense that spans everything from endpoints to the network core. Sometimes, however, that's not enough. Cybercriminals continuously evolve their strategies and tactics and can evade detection by even well-constructed defenses. But if attackers have already penetrated your network, how can you find them? Threat hunting is a human-led activity that supplements your existing defensive measures. Put simply, threat hunters start by assuming your network has already been breached. By monitoring everyday activities across your network and investigating possible anomalies, threat hunters seek to find any yet-to-be-discovered malicious activities that could lead to a full-blown breach or uncover unaddressed vulnerabilities in your security posture. Threat Guideline
CSO 2022-11-03 07:39:00 Espionage campaign loads VPN spyware on Android devices via social media (direct link) A new espionage campaign, dubbed SandStrike, has been detected using malicious VPN apps to load spyware on Android devices, cybersecurity company Kaspersky reports. It's an example of how APT (advanced persistent threat) actors are constantly updating old attack tools and creating new ones to launch new malicious campaigns, particularly against mobile devices. “In their attacks, they use cunning and unexpected methods: SandStrike, attacking users via a VPN service, where victims tried to find protection and security, is an excellent example,” Victor Chebyshev, the lead security researcher at Kaspersky's Global Research & Analysis Team (GReAT), said in a blog post. Guideline
CSO 2022-11-03 06:00:00 BrandPost: New Report Finds SOC Leaders and Staff Still Not Aligned (direct link) A new SOC Performance Report shows familiar challenges facing staff and leaders since the start of the global pandemic continue to affect SOC performance, including talent shortage and turnover. Based on an independent survey of more than 1,000 global cybersecurity professionals, the report examines current SOC trends and challenges. The report shows that despite agreement on the importance of the SOC to the cyber strategy – lines are drawn between SOC staff and leaders regarding SOC effectiveness. Recognition is Key Guideline
CSO 2022-11-03 06:00:00 BrandPost: New SOC Performance Report: Security Analysts Are Overworked and Under Resourced (direct link) The SOC is the engine that protects organizations worldwide today. Its core mission remains to help the enterprise manage cyber risk. The new Devo SOC Performance Report shows that security professionals behind the scenes are feeling the pain due to too much work and not enough resources. That means that SOC leaders today have a real balancing act when it comes to retaining analysts amid immense talent shortages and turnover. Respondents reported that average time to fill a SOC position is seven months. And 71% of SOC professionals said they're likely to quit their job, with the top reasons being information and work overload, followed by lack of tool integration, and alert fatigue. Tool Guideline
CSO 2022-11-03 04:22:00 White House ransomware summit highlights need for borderless solutions (direct link) The US White House this week convened its Second International Counter Ransomware Initiative Summit (CRI), bringing together leaders from 36 countries and the European Union in person to build on the work of its first ransomware summit in 2021. At a press briefing before the Summit, a White House spokesperson said, “While the United States is facilitating this meeting, we don't view this solely as a US initiative. It's an international partnership that spans most of the world's time zones, and it really reflects the threat that criminals and cyberattacks bring.” Ransomware Threat Guideline
CSO 2022-11-02 02:00:00 GAO report: government departments need dedicated leaders to oversee privacy goals (direct link) The US Government Accountability Office (GAO) released a comprehensive report in late September 2022 that discussed the need for dedicated privacy leadership within the departments and agencies of the executive branch of government if goals surrounding privacy are to be achieved. The report highlighted how this void in leadership was in essence putting at risk well-intentioned plans and procedures for protecting the personal identifiable information (PII) held within those entities. The GAO recommended that Congress consider legislation that would require a dedicated senior-level privacy official be named within these organizations and sent along more than 60 individual recommendations to enhance privacy programs. Guideline
CSO 2022-11-01 02:00:00 The OSPO – the front line for secure open-source software supply chain governance (direct link) Organizations of every shape, size, and sector have embraced open-source software (OSS). The financial, medical, and manufacturing industries – and even national security – now use OSS to power their most critical applications and activities. However, this widespread adoption comes with pitfalls: a corresponding increase of almost 800% in software supply chain attacks according to the State of the Software Supply Chain from Sonatype. With the rapid growth of OSS adoption, organizations have begun to stand up Open Source Program Offices (OSPOs) to help codify strategies around OSS use and contribution and to foster collaboration with the broader OSS community. These OSPOs often have key responsibilities such as cultivating an OSS strategy, leading its execution, and facilitating the use of OSS products and services across an enterprise. Guideline
CSO 2022-10-25 02:00:00 Blockchain security companies tackle cryptocurrency theft, ransom tracing (direct link) According to data from the Rekt leaderboard, cybercriminals have stolen as much as $3 billion of investor funds through 141 various cryptocurrency exploits since January, putting 2022 on track to top 2021 levels of digital currency malfeasance. Comparitech's cryptocurrency heists tracker indicates that since 2011, hackers have stolen $7.9 billion in cryptocurrency worth about $45.5 billion in today's value. Along with the increased dollar amounts of cryptocurrency thefts, the scams, hacks, and exploits of cryptocurrency, Web3 (a decentralized view of the web that incorporates blockchain technologies and token-based economics), and blockchain-related organizations are growing bolder and more lucrative for malicious hackers even as the value of cryptocurrencies stagnates. This month alone, Binance saw its BNB chain drained of $586 million, close to the all-time most significant cryptocurrency theft of $624 million from the Ronin Network in March 2022. Guideline
CSO 2022-10-20 10:28:00 With Conti gone, LockBit takes lead of the ransomware threat landscape (direct link) The number of ransomware attacks observed over the previous three months declined compared to the previous quarter, according to reports from two threat intelligence companies. However, the gap left by the Conti gang has been filled by other players, with LockBit cementing itself in the top position and likely to serve as a future source for ransomware spin-offs. From July to September, security firm Intel 471 counted 455 attacks from 27 ransomware variants, with LockBit 3.0 being responsible for 192 of them (42%). Meanwhile, security firm Digital Shadows tracked around 600 ransomware victims over the same time period, with LockBit accounting for 35% of them. Ransomware Threat Guideline
CSO.webp 2022-10-17 02:00:00 Top skill-building resources and advice for CISOs (direct link) The role of the CISO has evolved, and so have the responsibilities. Some believe a CISO must have technical knowledge and experience as a cybersecurity professional, others think leadership skills such as being able to communicate with boards are what matters most. Ultimately, the hiring organisations will define what they need in terms of cybersecurity to find the right person. In finance and insurance, for example, there will be specific rules that must be followed in different countries and cybersecurity leaders in such organisations may even be liable. In telecommunications, the skills required are likely to be more technical, whereas in government knowledge around governance and risk are top of the list. Guideline
CSO.webp 2022-10-12 04:10:00 Information overload, burnout, talent retention impacting SOC performance (direct link) While most security teams believe that security operations centers (SOCs) play a pivotal role in cybersecurity programs, several challenges are impacting SOC performance within businesses, according to a new report. Among these are information overload, worker burnout, and talent retention. The data comes from cybersecurity firm Devo following an independent survey of global SOC leaders (553) and staff members (547), and it adds evidence to reports of security operations becoming harder for teams to perform. SOC teams face numerous pain points, leaders and staff consider quitting: In its 2022 Devo SOC Performance Report, the firm discovered that SOC professionals experience significant challenges while performing their duties as SOC leaders and their teams wrestle with several ongoing issues that hamper performance. What's more, Devo's findings suggest that some of the key SOC complications facing organizations date back to the start of the global COVID-19 pandemic in early 2020. Guideline
CSO.webp 2022-10-07 07:01:00 BrandPost: Why a Risk-Based Cybersecurity Strategy is the Way to Go (direct link) Business leaders spend most of their time conducting risk/reward analyses of virtually every decision they make. Will expanding the sales staff generate enough profit to more than pay for the added costs? Can our new product launch hit the market before the competitors shift their own strategies? Do we know enough about the geopolitical climate in a new market to justify the added costs and hassles in compliance and governance? Cybersecurity is another critical area where risk must be constantly assessed. The risk of unanticipated service interruptions - not to mention the many direct and indirect costs of data loss - is substantial. Virtually everything an organization does today - from billing customers and creating marketing programs to answering police calls and ensuring the cleanliness of waterways - is digitized. Add in the new reality of entirely new classes of digital endpoints and you can see that hackers have more opportunity than ever to wreak havoc. Guideline
CSO.webp 2022-10-07 02:00:00 3 actions Latin American leaders must take to reduce risk of cyberattacks (direct link) We have witnessed increased cyberattacks on the Latin American region in recent days. Mexico's President Obrador confirmed that its government has suffered what is perhaps a sensitive attack on its intelligence and armed forces. Chilean Armed Forces suffered a similar attack and its judiciary system was also compromised. The Colombian National Institute for Drug and Food Surveillance (INVIMA) was also attacked. Moreover, there was an attempt to breach systems at the Ministry of Health of Costa Rica, a country that was the victim of a large ransomware attack this year. Ransomware Guideline
CSO.webp 2022-10-04 11:47:00 Tenable aims to unify your cybersecurity with exposure management platform (direct link) Tenable today announced the general availability of Tenable One, a unified exposure management platform designed to meet the changing needs of the modern cybersecurity professional by offering a holistic view of both on-premises and cloud-based attack surfaces. The modern cybersecurity attack surface is complex, fast-changing, and involves a panoply of different target systems and users that are all interconnected in a range of ways. Modern cybersecurity measures, on the other hand, are, all too often, architected just as they have been in the past, leading to major challenges in combating threats, according to a white paper Tenable released along with its new product. Guideline
CSO.webp 2022-09-29 02:00:00 22 notable government cybersecurity initiatives in 2022 (direct link) Cybersecurity continues to be high on the agenda of governments across the globe, with both national and local levels increasingly working to counter cybersecurity threats. Much like last year, 2022 has seen significant, government-led initiatives launched to help to address diverse security issues. Here are 22 notable cybersecurity initiatives introduced around the world in 2022. February: Israel commits to IDB cybersecurity initiative in Latin America, Caribbean. The Israeli government announced that it will join the Inter-American Development Bank (IDB) to establish a new cybersecurity initiative, committing $2 million USD to help strengthen cybersecurity capabilities in Latin America and the Caribbean (LAC). Israel's funding would aid in building cyber capacity across the region by giving officials and policymakers access to forefront practices and world-leading knowledge and expertise, the government stated. “The cybersecurity initiative is paving the way for the safe and secure digitalization of Latin America and the Caribbean, one of the key elements for growth in the post-COVID era,” said Matan Lev-Ari, Israel's representative on the IDB's Board. Guideline
CSO.webp 2022-09-26 08:23:00 Jamf buys ZecOps to bring high-end security to Apple enterprise (direct link) ZecOps protects world-leading enterprises, governments, and individuals; Jamf has acquired it to help secure the enterprise. Guideline
CSO.webp 2022-09-23 13:42:00 SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware (direct link) Researchers have discovered a high-effort search engine optimization (SEO) poisoning campaign that seems to be targeting employees from multiple industries and government sectors when they search for specific terms that are relevant to their work. Clicking on the malicious search results, which are artificially pushed higher in ranking, leads visitors to a known JavaScript malware downloader. "Our findings suggest the campaign may have foreign intelligence service influence through analysis of the blog post subjects," researchers from security firm Deepwatch said in a new report. "The threat actors used blog post titles that an individual would search for whose organization may be of interest to a foreign intelligence service e.g., 'Confidentiality Agreement for Interpreters.' The Threat Intel Team discovered the threat actors highly likely created 192 blog posts on one site." Malware Threat Guideline
CSO.webp 2022-09-19 02:00:00 International cooperation is key to fighting threat actors and cybercrime (direct link) In this era of cybersecurity, when nation-state digital attacks and cybercrime quickly cut across country borders and create global crises, international cooperation has become an urgent priority. The need for global collaboration to cope with various pressing threats, from electronic espionage to ransomware attacks on critical infrastructure, is imperative to prevent economic and social disasters, top cybersecurity professionals and government officials say. At this year's Billington Cybersecurity Summit, leaders from across the globe gathered to discuss the importance of international partnerships in managing the persistent threats governments must address. The near-total digitalization of every aspect of society that exposes virtually all public and private sector services to escalating cyber threats dictates a more robust, collective defense. Moreover, as cyber risks intensify and multiply, governments worldwide are stepping up their own independent efforts to protect against the rising tide of digital threats. Ransomware Threat Guideline
CSO.webp 2022-09-16 06:00:00 BrandPost: Tips for Improving Security Visibility (direct link) One of today's biggest security gaps is visibility into your data - knowing what's happening before it's too late. Bad actors rely on staying hidden in the noise of logs, systems, tools, teams, processes and silos. Improving visibility is vital for security practitioners to ensure they aren't missing things that could prove crucial to the security of their organization. According to a recent industry survey, 80% of organizations that lack visibility into their assets report roughly three times as many cybersecurity incidents. And when asked to identify the biggest cause of SOC ineffectiveness, 65% of leaders cited “visibility into the attack surface.” Guideline
CSO.webp 2022-09-15 02:00:00 Russia's cyber future connected at the waist to Soviet military industrial complex (direct link) The Center for European Policy Analysis (CEPA) recently published a 38-page study, Russian Cyberwarfare: Unpacking the Kremlin's Capabilities by two esteemed researchers, Irina Borogan and Andrei Soldatov. The opening premise is that Russia has not demonstrated its cyber warfare adroitness in support of its invasion of Ukraine. Whether the Russians tried, and their efforts failed due to the capabilities of Ukraine's cyber defenders or because leadership meddling disrupted the execution strategies of the professional cyber warriors, hasn't yet been revealed. What is evident is that the Ukraine example has called into question the Russian playbook being technologically focused and suggests that the political quotient is much more in play than perhaps previously suggested. Guideline ★★★★
CSO.webp 2022-09-06 03:00:00 BrandPost: How Leading Companies Secure a Hybrid Workforce (direct link) This is the first in a three-part series that details using security service edge (SSE) to modernize enterprise cybersecurity. In this article, we focus on how SSE can secure a hybrid workforce in which users connect from both the office and remote locations while accessing applications that reside either in the data center or the cloud. SSE is a new framework that breaks network configuration from security capabilities. Under the security capabilities, three key solutions - ZTNA, CASB, and SWG - are consolidated into one offering, now named SSE. Guideline
CSO.webp 2022-09-01 06:13:00 BrandPost: How Hardened VMs Can Help with Cloud Security (direct link) Regardless of whether you're operating in the cloud or on-premises, it's important to harden your system by taking steps to limit potential security weaknesses. Most operating systems and other computer applications are developed with a focus on convenience over security. Implementing secure configurations can help harden your systems by disabling unnecessary ports or services, eliminating unneeded programs, and limiting administrative privileges. By working with cybersecurity experts around the world, the Center for Internet Security (CIS) leads the development of secure configuration settings for over 100 technologies and platforms. These community-driven secure configuration guidelines (called CIS Benchmarks) are available to download for free in PDF format. Guideline
CSO.webp 2022-08-30 02:00:00 Key takeaways from the Open Cybersecurity Schema Format (direct link) One of the most pervasive challenges in the current cybersecurity environment is an overabundance of tooling vendors, all of which produce telemetry or data, often in their own native or nuanced schema or format. As cybersecurity's visibility has risen in organizations, so has the number of cybersecurity vendors and tools that teams need to integrate, implement and govern. Cybersecurity professionals must spend time getting tools to work together as a cohesive portfolio, which detracts from their efforts to identify and address cybersecurity vulnerabilities and threats. The problem isn't going unnoticed. Recently Amazon Web Services (AWS) along with other leaders such as Splunk, CrowdStrike, Palo Alto, Rapid7, and JupiterOne announced the release of the Open Cybersecurity Schema Framework (OCSF) project. The announcement acknowledges the problem of security professionals needing to wrestle with proprietary data formats and outputs rather than their actual roles of risks and threats. This is problematic given the industry is already facing significant workforce challenges, burnout and fatigue. By standardizing on security product schemas and formats, security practitioners can spend more time addressing threats that pose risks to organizations. Guideline
CSO.webp 2022-08-25 11:15:00 BrandPost: How Can CISOs Tackle the SOC Talent Shortage? (direct link) Security operations centers – the units that manage overall cybersecurity within an organization – have been getting a workout during COVID-19. Many organizations moved their SOC staff to remote work within days of coronavirus being declared a pandemic. This shift to remote work has put a spotlight on three inter-related issues for business and cybersecurity leaders in modernizing SOCs to meet the needs of today's workplace. These include: the need for more extensive automation; expanding the use of machine learning and artificial intelligence; and adapting practices for hiring, training, and retaining cybersecurity personnel. Keeping the SOC properly staffed is a challenge in the best of times because of the ongoing cybersecurity skills gap. With the pandemic affecting corporate profits, CISOs are worried about maintaining staffing levels and ensuring that management continues to make the SOC a top priority. Guideline
Last update at: 2024-04-29 18:08:54