- More attacks aimed at exploiting unpatched year-old vulnerabilities
- An increase in stealth/covert execution tactics
- APT-hackers-for-hire becoming the new norm
Cloud breaches continue to riddle organizations’ threat landscape, with misconfigured cloud storage services and poor security practices leading to more than 200 breaches in the past two years, according to the latest Accurics report.
A new report published by KnowBe4 delves into the top security challenges and issues that IT professionals and UK-based organizations face, including attack types, security initiatives and organizational limits.
With 2020 just weeks away, here at Bitdefender we wanted to share our forecast for the year to come. That said, here are our top predictions for the cybersecurity space in 2020 and what we should be looking out for.
WannaCry is still fresh in our memory, reminding organizations of how distractive an unpatched vulnerability can be especially if weaponized as a wormable threat that delivers ransomware. BlueKeep has been estimated to have the same disruptive potential as EternalBlue (the exploit responsible for WannaCry) if sporting worm-like behavior, especially since RDP is a commonly used service in organizations, allowing IT and security teams to remotely dial into machines.
Sophisticated threats remain one of the main concerns in enterprises today. As environments grow in complexity, malware actors find innovative ways to infiltrate overlooked entry points in the network, hiding behind the scenes to wreak havoc without ever making a full-blown appearance.
After 40 percent of UK businesses reported data breaches or security incidents in the past year, the government wants to completely “design out” complex cyber risks and attacks. To achieve this and strengthen national infrastructure and consumer security, officials plan to issue an impressive challenge to enterprises across the UK.
/may%202018/guy_with_servers.jpg)
The popularity of container technology has grown fast in software engineering, but 60 percent of organizations suffered at least one container-related security incident in 2018, mostly caused by the advancement of DevOps teams, according to Tripwire’s State of Container Security Report. 71 percent anticipate an increase in container security incidents in 2019, most likely raising the costs of hybrid cloud security.
Key infrastructures are in the crossfire of cyberwarfare. Growing threats and sophisticated nation-state attacks backed by North Korea, China and Russia jeopardize public safety and national security. Which one is the bigger threat?
The lack of political leadership to face targeted attacks is contributing to the poor job the UK is doing on its national security strategy, says a UK government report discussing the cyber security of the nation’s critical national infrastructure.
The US Department of Homeland Security Computer Emergency Readiness Team has just issued a technical alert earlier this week, warning that US companies operating in critical sectors are at risk, as cyberespionage attempts from foreign governments were detected. Key targets include Information Technology (IT), Energy, Healthcare and Public Health, Communications, and Critical Manufacturing. From as early as May 2016, CERT says extensive Advanced Persistent Threat tactics, techniques, and procedures were deployed to infiltrate MSPs (managed service providers) customer networks to steal confidential information and interfere with government and business operations.
