There is an increasing overlap of cyber and physical security breaches, crime and espionage. Cybercriminals slip between the gaps of those tasked with physical, information and cyber security, as they often do not coordinate their activities and see their realms as completely separate.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Hackers stole up to $30 million in the Crypto.com hack associated with 2FA bypass, forcing the exchange to refund the victims and migrate to a new 2FA infrastructure.
If you are an online business accepting transactions from your customers, you run the risk of facing fraudsters. The sooner you are able to protect your operations from fraud and scams — the better.
When athletes arrive at the 2022 Winter Olympics they will be required to download an app called MY2022. Meant for contact tracing purposes, it will be packed with some unexpected extras: security flaws and possible censorship features.
New CMMC 2.0 pares down the scope of the original requirements, allowing greater flexibility and relaxing the rules for DoD contractors and subcontractors who do not directly handle sensitive or classified information.
Which? discovered various online banking security issues that could allow fraudsters to pull off successful scams, and noted banks could do more to protect customers from potential fraud.
While roughly half of all businesses are using some type of monitoring tool to detect insider threats, the truth is that none of the most commonly deployed solutions can entirely prevent leaks of sensitive documents.
Agencies published a list of tactics, techniques, and procedures used by Russian APTs and mitigations to protect critical infrastructure networks from state-sponsored attacks.
The REvil ransomware gang has been a point of special focus for international law enforcement and possibly been dealt a fatal blow as Russian authorities have rounded up 14 members residing in the country.
EA introduced new security measures to prevent account takeover attacks after hackers successfully breached high-profile players’ accounts via phishing and social engineering attacks.










