April 21st saw the much-anticipated release of the MITRE ATT&CK® Evaluation results. With many vendors claiming success in the latest MITRE ATT&CK Evaluation results, it may be difficult to cut through the noise and discover which solution makes the most sense for your organization.
All about Virtualization and Cloud Security | Recent Articles:
23% of infosec professionals say that cybersecurity incidents experienced by their organization have increased since transitioning to remote work. At the same time, almost half say they have been taken off some or all of their typical security duties to assist with other IT-related tasks.
Cyber Resilience - Safeguarding Your Digital Transformation with Detection and Response
The economics behind the current COVID-19 pandemic creates gateways for possible cybersecurity intrusions, and consumers and small business owners (SMB) are among the most affected, according to a survey from IBM Security and Morning Consult.
There has been a steady rise in COVID-19 scams and attacks since the novel coronavirus pandemic went global in February. Traditional cybercriminals, as well as APT groups, have been exploiting the situation and will likely continue until COVID-19 is no longer a front-page news item. The attack techniques look familiar: phishing, vishing, malicious apps, malicious domains, and crafty SEO techniques, along with social engineering techniques designed to entice people to click on links or attachments to install malware or steal login credentials.
A critical vulnerability has been patched in the Microsoft Teams work collaboration platform after security researchers discovered a way in which hackers could compromise accounts and steal data with something as seemingly harmless as an animated .GIF image.
Amid the turmoil and confusion surrounding the COVID-19 pandemic, companies were forced to hastily implement solutions that could allow employees to shift to telework overnight, creating extensive opportunities for bad actors and insider threats to flourish.
Ransomware attacks are more common than previously thought in the small and medium business (SMB) community, with 46% of SMBs reporting falling victim to the data-crippling malware. 73% of those targeted have actually paid a ransom, new research shows.
Companies with an online presence are directly affected by bad bot traffic, forcing them to divert essential resources to deal with a problem that keeps growing. In 2019 alone, 24.1% of all Internet traffic came from bad bots.
According to the Protenus Breach Barometer report, there’s been a steady increase in healthcare-related data breaches over recent years. Last year, there were 572 healthcare data breaches within the U.S.-based healthcare industry. That’s up from 450 in 2016. The number of patient records leaked rose as well, reaching 41 million in 2019 from 15 million in 2018. According to the report, at least since 2016, there has been one healthcare data breach reported a day.
As the coronavirus pandemic forces enterprises to reshape their strategies, remote is slowly becoming the new normal. Platforms once united under a single firewall have now turned into scattered endpoints, and coherent threat defenses have to cover more ground than ever. While security experts struggle to keep threats at bay, one thing is becoming clear: your data is not safe anymore!
The new business realities created by the coronavirus pandemic include unprecedented numbers of people working from home or from other remote locations.
Enterprise endpoints (laptops, workstations, servers, mailboxes, etc.) have historically been a primary vector of cyberattacks that led to major security incidents and breaches. The latest Verizon Data Breach Investigations Report shows that user devices were involved in 30% of data breaches and servers in 63%. Ponemon Institute’s 2020 “Study on the State of Endpoint Security Risk,” covering 671 IT security professionals, reports that 68% of organizations suffered “an endpoint attack that compromised data assets and/or IT infrastructure in the last 2 years.”
As bad actors ramp up phishing campaigns against remote workers, Chief Information Officers (CIOs) across the globe are finding that their employees are using previously undiscovered computing devices daily or weekly.
If you think the COVID-19 epidemic means a respite from cyberattacks against companies, you’d be wrong. If anything, the situation is worse, as organizations divert resources to other parts of the business, leaving their infrastructure exposed. And the proof of that is the flurry of attacks against hospitals.
In a bid to stem the spread of COVID-19 and protect their business, companies are making a major shift to remote work. But their increased reliance on cloud applications is prompting deep concern among many IT and cloud professionals about the security of their environments.
Most enterprises believe embracing the public cloud is critical to innovation, but few are equipped to operate in the cloud securely, according to a new report.
A lot of organizations rely heavily on their security operations centers (SOCs) to maintain a strong cyber security posture. But just how effective are these centralized units that are designed to deal with security issues on an organizational level?
Business owners are concerned that remote working will lead to more cyberattacks. Ironically, though, nearly 40% of small business owners feel that economic uncertainty will prevent them from making necessary cybersecurity investments to prevent the very cyber incidents they fear.
The COVID-19 epidemic has sent the world into a frenzy. With so many companies choosing to send their employees to work from home, the job of the security department has become all the more important.
A new report out from CyberEdge Group showed that ransomware attacks broke the record books again last year as criminals were carried to more profitable highs by two new prevailing trends. The first trend is that ransom payers are more successfully recovering their data, which leads to the second trend, namely that more organizations are paying off the ransoms when they're attacked.
- Managed detection and response services vary widely, so carefully evaluate competencies against your needs
- MDR delivery and execution success depends on the service provider’s people, processes, and technology
- Effective response requires game-planning pre-approved actions and escalations for foreseeable events
Business Email Compromise (BEC) scams are on the rise and have already generated actual losses totaling $2.1 billion in the past five years. Now, the FBI has issued yet another warning regarding the impersonation of a couple of popular cloud-based email services used in BEC scams.
It's only been a couple weeks since our team at Business Insights predicted that healthcare organizations would still be targeted by cybercriminals amid the COVID-19 outbreak. The prognostications are proving sadly accurate. Pandemic or no, healthcare cyberattacks keep coming—in spite of some cybercriminals' promises to the contrary.
Studies focused on cybersecurity as a profession find each year that skills in the area are rare, and expensive at that. This year is no different. While IT leaders are starting to take steps to mitigate this issue, organizations worldwide remain at risk for doing too little, too late.
As more and more ransomware victims recover their data by paying up, the extortion payments made to ruthless cybercrooks are motivating the ransomware industry, new research suggests.
In September 2016, the United States internet infrastructure took a heavy blow that left many of the Fortune 500 businesses in digital darkness. The attack, initially pinned on a hostile nation-state, was in fact the work of teenagers wielding a botnet of about 100,000 IoT devices.
- EternalDarkness, or SMBGhost, is the latest vulnerability affecting the Microsoft SMB protocol, which was first reported in March 2020
- This is a high-severity threat because SMB vulnerabilities are very often quickly adopted by “wormified” malicious attacks. As of the publishing of this post, PoCs exist for DoS and local privilege escalation
- Bitdefender Hypervisor Introspection stops the local privilege escalation 0-day attack without any additional configurations or updates. See the Demo below.
Enterprise governance, risk, and compliance programs are designed, in large part, to ensure that companies stay on track and manage risk and uncertainty. Many organizations, due to the COVID-19 pandemic, are now finding out whether their risk management and cybersecurity plans will work as intended.
Last Monday, Microsoft published a security advisory detailing a new font-parsing remote code-execution vulnerability targeting Windows 7 devices.
While COVID-19 is confining workers to their homes and keeping offices empty, cybercriminals and other bad actors have no compunction about continuing their DDoS attacks. The only difference appears to be in the scale of attacks, which are slowly moving from large to small targets. On top of that, an increase in attacks aimed at VPN providers is expected.