Data Breaches

How to survive below the cybersecurity poverty line

The security poverty line broadly defines a divide between the organizations that have the means and resources to achieve and maintain mature security postures to protect data, and those that do not. It was first coined by cybersecurity expert Wendy Nather in 2011, and the concept is just as relevant today as it was then (if not more so). It has widely become the benchmark for acceptable cybersecurity, often associated with factors such as company…

Read More

Economic headwinds could deepen the cybersecurity skills shortage

According to the most recent research report from ESG and the Information System Security Association International (ISSA), 57% of organizations claim that they’ve been impacted by the global cybersecurity skills shortage, while 44% of organizations believe the skills shortage has gotten worse over the past few years. The result? Increasing workloads on existing cybersecurity staff, job requisitions open for weeks or months, and high burnout rates and attrition for cybersecurity professionals. (ESG and ISSA will update…

Read More

Hackers abuse legitimate remote monitoring and management tools in attacks

Security researchers warn that an increasing number of attackers are using legitimate remote monitoring and management (RMM) tools in their attacks to achieve remote access and control over systems. These tools are commonly used by managed service providers (MSPs) and IT help desks so their presence on an organization’s network and systems might not raise suspicion. Researchers from Cisco Talos reported this week that one particular commercial RMM tool called Syncro was observed in a…

Read More

FBI takes down Hive ransomware group in an undercover operation

The US Department of Justice (DOJ) along with international partners have taken down the Hive ransomware group. The operation that began in July 2022 resulted in the FBI penetrating Hive’s computer networks, capturing its decryption keys, and offering them to victims worldwide, preventing victims from having to pay the $130 million in ransom demanded, DOJ said in a release on Thursday.  “Last night, the Justice Department dismantled an international ransomware network responsible for extorting and…

Read More

IOTW: Hackers steal the data of 37 million T-Mobile customers

T-Mobile, the Deutsche Telekom-owned mobile communications brand, has suffered a data breach that exposed the records of 37 million customers. The breach was first discovered by T-Mobile on January 5 after the company noticed “unusual activity” on its American networks and was then reported to the general public on January 19. The company said that it believed the hacker had gained access to customer information “using a single Application Programming Interface (or API)”. T-Mobile said…

Read More

Recent legal developments bode well for security researchers, but challenges remain

Despite the hoodie-wearing bad guy image, most hackers are bona fide security researchers protecting users by probing and testing the security configurations of digital networks and assets. Yet the law has often failed to distinguish between malicious hackers and good-faith security researchers. This failure to distinguish between the two hacker camps has, however, improved over the past two years, according to Harley Geiger, an attorney with Venable LLP, who serves as counsel in the Privacy…

Read More

9 API security tools on the frontlines of cybersecurity

Application programming interfaces (APIs) have become a critical part of networking, programs, applications, devices, and nearly everything else in the computing landscape. This is especially true for cloud and mobile computing, neither of which could probably exist in its current form without APIs holding everything together or managing much of backend functionality. Because of their reliability and simplicity, APIs have become ubiquitous across the computing landscape. Most organizations probably don’t even know how many APIs…

Read More

Experian Glitch Exposing Credit Files Lasted 47 Days

On Dec. 23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. Experian fixed the glitch, but remained silent about the incident for a month. This week, however, Experian acknowledged that the security failure persisted for nearly seven weeks, between…

Read More

Attackers move away from Office macros to LNK files for malware delivery

For years attackers have used Office documents with malicious macros as one of the primary methods of infecting computers with malware. Microsoft finally took steps to disable such scripts by default in documents downloaded from the internet, forcing many groups to change tactics and increasingly choose LNK (shortcut) files as a delivery mechanism. This trend has led to the creation of paid tools and services dedicated to building malicious LNK files. Some of these builders…

Read More

Top tips for employee cyber security training

In this article, Cyber Security Hub explores the best ways to educate employees on email-based cyber attacks and how to ensure they follow cyber security safety practices.  When surveyed by Cyber Security Hub for its Mid-Year Market report 2022, three in four cyber security experts said email-based threat vectors social engineering and phishing attacks were ‘the most dangerous threat’ to cyber security.  One of the reasons why these threats are so dangerous is because of…

Read More