CISA has released a new cybersecurity checklist as a primer for an expected uptick in hacking ahead of the 2024 presidential election, composed of just four pages of information that does not pack any surprises.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Unit 29155's actions since 2020 include cyber attacks on a number of federal agencies and critical infrastructure companies in a variety of countries. But the group seems to have switched most of its focus to Ukraine in the weeks prior to the 2022 military invasion.
Major elections are being held around the world, and many with razor thin margins promise to be contentious, emotive and hard-fought. Proponents of particular candidates and parties are using active disinformation campaigns to spread lies, innuendos and misinformation, to promote their candidate and disincentivize their opponent’s supporters from voting.
Further review of the information leaked in the recent Disney data breach has turned up sensitive and detailed financial and business strategy information, according to a new report from the Wall Street Journal.
Car rental company Avis has suffered a data breach impacting nearly 300,000 customers after an unauthorized third party accessed a business application.
The FBI has warned crypto companies of sophisticated social engineering attacks by North Korean hackers targeting employees to install malware leading to crypto theft.
A CEO’s involvement shouldn’t only come as a last resort. CEOs should take a proactive stance to highlight that security is also in the business’s best interest and can be balanced with the overarching goals of the business. With the CEO on board, the spotlight then shifts back to the CISO who must then begin work to create a security-focused organization.
Transport for London (TfL) is responding to a cyber attack that affected its crucial IT systems, disrupting Dial-a-Ride and other services and forcing staff to work from home.
A new strategy report from the White House Office of the National Cyber Director (ONCD) is addressing some established issues with internet routing security. The BGP security plan calls for adoption of the Resource Public Key Infrastructure (RPKI).
Off-airport parking operator Park ‘N Fly has experienced a data breach that impacted a million customers after a threat actor compromised the company’s virtual private network.










