Palo Alto Networks identified a Chinese cyber espionage campaign targeting 370 critical infrastructure, education, healthcare, and technology organizations through vulnerable Zoho servers.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
A blast of thousands of fake emails from the FBI named security professional Vinny Troia as a criminal. Troia believes the perpetrator is affiliated with several different criminal groups and also running a “white hat” security firm in Canada.
Costco sent a data breach notification to its customers after discovering a credit card skimmer at one of its stores. Several customers complained of unauthorized transactions.
Integrated, confidential health screening is one of the top priorities, combined with touchless entry. Intercom access control can also help facilitate social distancing and remote access management. Leading intercom systems suppliers are gearing up for the New Normal.
A new ransomware reporting bill introduced to the House of Representatives proposes putting new requirements on financial institutions, some of which are likely to be controversial. Any payment of over $100,000 would require the victim to first obtain special permission from the US Treasury.
Fraudsters are continuously looking for security loopholes to compromise data. Learn more about International Fraud Awareness week and what you can do to protect your business’s sensitive data using tokenization.
APAC organizations are 80% more likely than the global average to be the target of a cyber-attack. How do organizations achieve cyber resilience as ransomware attacks shift to RansomOps?
Traditional form of security awareness training rarely achieves what it’s set out to do. Instead, valuable time is taken out of employees’ days to complete training that positions them as the problem, thereby reinforcing a negative stigma and undermining the entire process.
After its infrastructure went offline in October, there was widespread speculation that the REvil ransomware group was done for good. The likelihood of that increased with last week's apprehension of affiliates along with the seizure of $6.1 million.
Since ransomware attacks have evolved from a ‘spray and pray’ tactic to a meticulously planned event, businesses need to be better prepared. What is the missing link that can nudge a novice business towards becoming a cybersecurity grandmaster with foresight and adequate visibility across security vulnerabilities?










