The annual Verizon DBIR provides further confirmation that attackers are showing a renewed interest in social engineering, particularly in conjunction with business email compromise (BEC) attacks. And the average financial damage of a ransomware attack has doubled and is almost certain to cost organizations at least $1 million to remediate.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Prior to its seizure in April 2022, RaidForums was one of the biggest hacking forums catering to cybercriminals that trade in stolen data. A new competitor is looking to make a name for itself by exposing some 478,000 former RaidForums members.
A growing number of organizations are beginning to recognize the potential that AI has to dramatically improve the process of cybersecurity training by improving efficiency in areas like content development, analytics, and enhanced accessibility.
Supply chain security is in the news once again as a cyber attack on Zellis, a UK-based payroll provider, has led to the compromise of numerous organizations. Among the biggest names impacted by the attack are the BBC, British Airways and major UK drugstore chain Boots.
AI-based information risk assessment is allowing companies to mitigate potential security risks and even predict future attacks with greater speed and accuracy than they could ever achieve through manual processes.
One of North America's largest Medicaid and CHIP dental care providers has suffered a massive data breach of highly sensitive patient information, thought to be perpetrated by the LockBit ransomware group.
Zero trust has firmly inserted itself into modern cybersecurity strategies but the perceived value of zero trust can vary widely, Organizations need to strike a balance between uninformed action and over-preparation when launching their zero trust strategy.
Free VPN app SuperVPN data leak exposed over 360 million records that could identify users. The app has over 100 million downloads on Google Play and Apple's App Store.
46% of cybersecurity professionals in a recent survey said their stress level has increased in the past 12 months, and an almost identical percentage – in the same study – indicated they’ve considered quitting the industry because of the stress level.
Popular mini-game module found in over 100 Android apps, pitched to developers as a legitimate marketing SDK meant to improve user engagement and attention, has been found to have spyware capability hidden in it.










