Unknown hackers reportedly breached AT&T customer email accounts for months via an API security issue to conduct a massive crypto theft scheme estimated at nearly $20 million.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Many countries now mandate that its citizens’ data must stay in the country. This is counter to the spirit of globalization and adds layers of complexity to delivering IT services and security. It is time to put data at the center of modern security programs.
Attackers approach targets for account takeover pretending to be a member of the Meta tech support team, using Facebook profiles that they have created that have a post history that makes it appear as if they are a legitimate employee.
SaaS applications are not going anywhere, and we must face the fact that they have access to our company’s most sensitive data. With SaaS, the shadow IT challenge has expanded and deepened even further.
A Vietnamese threat actor infected at least 500,000 devices worldwide within three months in a malverposting campaign leveraging inappropriate Facebook Ads.
West-Mark has numerous government contracts that require us to comply with the most current NIST cybersecurity guidelines. A key component is adopting a modern approach to password security that screens new passwords against those known to be commonly used, expected, or compromised.
Pan-European air traffic control agency Eurocontrol confirms that a cyber attack by pro-Russian hackers Killnet interrupted its website and web availability, making operations “difficult.”
U.S. legal professional organization, the American Bar Association (ABA), has notified over 1.4 million members that a recent data breach exposed user credentials.
Vice Society ransomware group has published a treasure trove of sensitive internal documents and employee data stolen during the CommScope ransomware attack. CommScope's customers include hospitals, schools and U.S. federal agencies.
Companies that are downsizing, or still planning to, must have an insider threat program in place or run the risk of falling victim to a massive cyberattack that could cripple the business for months to come, ultimately making the cost reductions a worthless exercise.










