Long the weakest link in networks, smart devices and similar connected devices could soon be forced to bolster their defenses by the EU Cyber Resilience Act, requiring design-level security and ongoing patching.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Study on security priorities found that 90% of IT and security decision-makers believed their organizations failed to address cybersecurity risks.
Cybercriminals are using social engineering to target company employees on social media, which remains a weak point even if a company takes every precaution necessary to protect in-house information.
Study found that four of ten employees engaged in risky online behavior to avoid the stress caused by complex authentication requirements. Login challenges forced employees to cross the line between work and personal life.
A confirmed cyber attack on Rockstar led to the GTA6 leak of in-game videos via the internal Slack channel. The hacker claims that they are also sitting on stolen source code and asking for a ransom.
For the developers who take their time to painstakingly code, test, deploy and publish software for public use, any compromise to the process can ruin the entire project. To be effective at securing your software supply chain, you cannot afford to be myopic or take a shortcut in the process.
The government is addressing software supply chain security with new requirements. The OMB has issued a new memorandum that sets a year-long framework for vendors to provide assurances of secure software development.
Vendor impersonation attack is making the rounds, and what’s new is that the brands and reputations of cybersecurity providers are being leveraged as part of these attacks, where the ultimate goal is to deposit malware into your production environment.
A data breach of the third largest storage space provider and popular moving company, U-Haul, exposed sensitive customer data in the contractual information of 2.2 million users over five months.
The United States Department of Justice (DOJ) has indicted three Iranian hackers for a campaign of attacks dating back to 2020, including critical infrastructure companies and government agencies.










