Digital city services of Antwerp, Belgium, suffered disruption after a ransomware attack compromised IT provider Digipolis, impacting critical departments including police and fire.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
While the transition to passwordless security procedures is already underway, adoption is still limited mainly in larger companies in certain industries. There are many steps that can (and should) be taken to accelerate the authentication journey to make passwordless authentication mainstream.
A new report from Tenable explores the concerns implicit in the emerging virtual reality market, which is expected by some analysts to be worth as much as $800 billion by 2024, and highlights what are likely to be the biggest metaverse security threats.
While User Behavior Analytics is about a single baseline for each activity and an analysis of each activity on its own, User Journey Analytics looks at sequences of activities and learns for each user the complete set of typical user journeys in an application. This enables extremely accurate detection.
The FBI and Europol seized 48 internet domains for DDoS-for-hire services in a multi-prong operation, charged six administrators with cybercrimes, and obtained customer databases.
Credentials are everywhere, they are a demonstrated weak link in organizational security, and malicious actors have demonstrated that they prefer using them over approaches. As a result, credentials are both the best and the last chance to catch adversaries.
Developers have been increasingly targeted by attackers. Compromising a single developer enables attackers to embed malicious code into a company's products. If that product is then used by other companies, the malware can spread to their systems in a supply chain attack.
XIoT devices are laden with security risks. 68% have a known vulnerability with a CVSS score of at least 8 and 18% are carrying a vulnerability of at least 9. And the average organization has three to five XIoT devices per employee.
Mapping toxic combinations and implementing separation of duties rules doesn’t have to be a painful process. Strong, regularly maintained SOD controls can help organizations identify and remediate those toxic combinations in an efficient and straightforward manner, limiting the potential damage of fraud and identity-based attacks.
Security practitioners responding to State of AWS Log Management survey have identified the following top challenges with logging in AWS: redirecting AWS logs, log correlation, too many alerts, and missing segmentation.










