As email usage expands annually, so do email-borne threats, with three-quarters of IT security leaders anticipating a severe email security incident in the next 12 months.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Theft of LastPass’s decrypted password vaults has been tracked to a DevOps engineer. Attackers reportedly targeted a vulnerability in a media software package on the employee's home computer.
From Uber to MailChimp, even the most technologically advanced and capable companies seem to struggle with keeping sensitive data safe and secure. And much of it comes down to one major data security pitfall – authorization oversight.
Dole Food Company has confirmed a ransomware attack that disrupted regional operations. Leaked memo shows that production was temporarily halted in several plants and deliveries suspended.
For two weeks, a misconfigured email server on the Microsoft Azure government cloud exposed thousands of sensitive military emails from the U.S. Special Operations Command (USSOCOM) branch.
76% of ransomware attacks in 2022 were tied to a known vulnerability that was made public between 2010 and 2019, and old vulnerabilities that were discovered as far back as 2015 are still commonly exploited.
While it’s been two years since the enactment of Biden's Cybersecurity Act of 2021, it still remains critical today. The Order’s contents include emphasizing the production of an SBOM, which uplifts a key cybersecurity standard into a national standard and is relevant for all businesses.
A supply chain attack on a business partner will cost semiconductor giant Applied Materials $250 million in the coming quarter due to disruption of upcoming shipments. Ransomware attack on MKS Instruments is suspected to be the cause.
Hackers compromised the Namecheap email system to send DHL and MetaMask phishing emails targeting wallet credentials. The company takes full responsibility after initially blaming a third party.
Twitter cites abuse of the text messaging 2FA option by bad actors as the reason for the change in policy. The service will still allow free use of authentication apps or hardware security keys as an additional account security layer.









