Data Breaches

Athletic shoe maker Brooks runs down cyberattacks with zero-trust segmentation

Ransomware was again the top attack type in 2021, with manufacturing replacing financial services as the top industry in a Brooks Jon Hocut, director of information security for Brooks ssailants’ crosshairs—representing 23.2% of the global attacks remediated last year by IBM Security’s X-Force, according to the company’s Threat Intelligence Index 2022 report. With news like this, it is not surprising that “ransomware is the threat that keeps me up the most at night,” says Jon…

Read More

Ransomware attack knocks Rackspace’s Exchange servers offline

Cloud services and hosting provider Rackspace Technology acknowledged Tuesday that a recent incident that took most of its Hosted Exchange email server business offline was the product of a ransomware attack. The company shut the service down last Friday. It was not, initially, clear what had caused the outage, but Rackspace quickly moved to shift Exchange customers over to Microsoft 365, as this part of the company’s infrastructure was apparently unaffected. Rackpsace offers migration to…

Read More

Flaws in MegaRAC baseband management firmware impact many server brands

Researchers have found three vulnerabilities in AMI MegaRAC, a baseband management controller (BMC) firmware used by multiple server manufacturers. If exploited, the flaws could allow attackers to remotely control servers, deploy malware and firmware implants, or trigger damaging actions that leave them inoperable. BMCs are microcontrollers present on server motherboards that have their own firmware, dedicated memory, power, and network ports and are used for out-of-band management of servers when their main operating systems are…

Read More

Action1 launches threat actor filtering to block remote management platform abuse

Action1 has announced new AI-based threat actor filtering to detect and block abuse of its remote management platform. The cloud-native patch management, remote access, and remote monitoring and management (RMM) firm stated its platform has been upgraded to spot abnormal user behavior and automatically block threat actors to prevent attackers exploiting its tool to carry out malicious activity. The release comes amid a trend of hackers misusing legitimate systems management platforms to deploy ransomware or…

Read More

The global state of the cyber security industry 2022

Introduction to cyber security in 2022 Cyber security is central to operational success Cyber security practitioners entered 2022 under the shadow of the Log4Shell vulnerability. The vulnerability sent shockwaves throughout the cyber security world and has continued to be used by threat actors. Just months into 2022, statements from government organizations such as the Cybersecurity and Infrastructure Security Agency (CISA) in the US and the UK’s National Cyber Security Centre (NCSC) called on organizations, especially…

Read More

What you should know when considering cyber insurance in 2023

As the frequency and severity of ransomware, phishing, and denial of service attacks has increased, so has demand for cyber insurance. About $6.5 billion in direct written premiums were recorded in 2021, a 61% increase over the prior year, according to an October 2022 memorandum from the National Association of Insurance Commissioners. “Some companies see it as essential to their risk management strategy,” says Heather Engel, managing partner at advisory firm Strategic Cyber Partners. However, experts say…

Read More

The cybersecurity challenges and opportunities of digital twins

Digital twins are a digital representation of objects, structures or systems that give organizations greater insight into the life cycle of these objects, but this same level of insight and control can also open doors for malicious attackers. Digital twins can be created for any physical infrastructure that includes individual components of an engine, turbine and other equipment, or entire factories, and data centers. “What makes a digital twin different from just your normal model…

Read More

The changing role of the MITRE ATT@CK framework

Since its creation in 2013, the MITRE ATT&CK framework has been of interest to security operations professionals. In the early years, the security operations center (SOC) team used MITRE as a reference architecture, comparing alerts and threat intelligence nuggets with the taxonomy’s breakdown of adversary tactics and techniques. Based on ESG research, MITRE ATT&CK usage has reached an inflection point. Security teams not only recognize its value as a security operations foundation but also want…

Read More

Palo Alto Networks looks to shore up healthcare IoT security

Palo Alto Networks today rolled out a new Medical IoT Security offering, designed to provide improved visibility, automated monitoring, and more for hitherto vulnerable healthcare IoT frameworks, thanks to machine learning and adherence to zero-trust principles. Medical device security is a serious problem for most organizations in healthcare, with a long string of reported vulnerabilities in the area stretching back for years. Fundamentally, experts agree, a large part of the problem is that many connected…

Read More

FCC’s proposal to strengthen emergency alert security might not go far enough

In October, the US Federal Communications Commission (FCC) launched a notice of proposed rulemaking (NPRM) to strengthen the security of the nation’s emergency alert system (EAS) and wireless emergency alerts (WEA). These systems warn the public about emergencies through alerts on their televisions, radios, and wireless phones via AM, FM, satellite radio, broadcast, cable, and satellite TV. Although EAS Participants are required to broadcast presidential alerts, they voluntarily participate in broadcasting state and local EAS…

Read More