A joint cybersecurity alert warned that hackers breached multiple federal agencies via remote monitoring and management software in a widespread helpdesk-themed phishing campaign.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Ticketmaster executives have been brought in front of a Senate Judiciary Committee and claims now that a bot army were both purchasing tickets and attempting to breach the servers simultaneously.
A wanted Swiss hacker accessed a federal No Fly List containing millions of records that was sitting on an unsecured server operated by a regional airline company.
The Hive ransomware threat appears to be very much in retreat as the US Department of Justice recently announced the seizure of the group's decryption keys and infrastructure, including its public-facing website, by law enforcement operations.
Hackers exfiltrated not just internal game cheats, but the source code that underpins this system for certain Riot Games titles, including League of Legends. This creates the possibility of new game cheats and exploits being developed.
Not all security awareness training programs achieve desired results. Here are items to consider when setting up your security awareness training program.
A ransomware attack on KFC, Pizza Hut, and Taco Bell parent company Yum! Brands shut down 300 restaurants in the United Kingdom and leaked the company's corporate data.
T-Mobile has begun notifying 37 million prepaid and post subscribers whose personal information was accessed by unauthorized bad actors in an unsecured API data breach.
Software supply chain attacks are among the most destructive strategies used by cybercriminals today. 59% of companies that have suffered a supply chain attack reported significant operational disruption, according to BlackBerry research.
GoTo says that the stolen information varies by product, but encryption keys that were also taken in the hack will grant access to "a portion" of the encrypted backups that were stolen.