Flagstar Bank suffered a MOVEit data breach via a third-party payment processor and mobile banking services provider, impacting over 800,000 customers in the US.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure, to name just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security (access control, cameras, alarms and so on), there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
A skill-based hiring culture enforces the premise that anyone can become a cyber professional with the right training and techniques. Certification training programs can be tailored to allow non-traditional candidates to align their soft skills with impactful cyber roles.
Cloudflare reports that attackers have used the HTTP/2 protocol zero-day vulnerability to conduct over 1,100 DDoS attacks at over 10 million requests per second since August, 184 of which broke the previous record of 71 million requests. At its peak, 200 million requests per second was observed.
Software supply chain attacks have spiked significantly year-over-year. Sonatype logged over 245,032 malicious packages in open source projects available for public download in 2023, double the number seen from 2019 to 2022. In total, one in eight open source downloads poses a risk.
Israel-Hamas conflict draws in an international coalition of hackers conducting cyber attacks in support of both sides. Report finds that there are about 100 hacker groups that have involved themselves thus far, and that the number skews heavily to Palestine supporters (at 77).
There’s an ongoing battle between competing priorities being waged every day in enterprises globally, and it’s been going on for decades. Cyber security teams are concerned with unpatched vulnerabilities and the breaches they risk, while IT professionals are driven by operational availability, the lack of which jeopardizes the business’ ability to operate.
Lyca Mobile said the service disruption caused by the cyber attack “impacted some national and international calling” in all 60 countries in which it operated except for the United States, Australia, Ukraine and Tunisia.
There are geographical safe havens where brands and consumers can shop online in relative peace. Europe and APAC are leading the charge in implementing strict security methods for online buying.
Sony Interactive Entertainment has confirmed a MOVEit data breach that leaked the personal information of current and former employees and their family members.
A credential stuffing attack on biotechnology firm 23andMe has resulted in a data theft incident exposing millions of genetic profiles and personal data records.










