You are here

Home » Cybersecurity

Cybersecurity

Verizon’s 2023 Data Breach Investigations Report (2023 DBIR)

Verizon just released its 2023 Verizon Data Breach Investigations Report, the 16th edition of this widely anticipated report catalogs and analyzes the past year’s trends in cyber crime. The report provides deep insight exploring the most common, most dangerous, and fastest-growing attack trends wielded against organizations worldwide. One of the most important findings is that the median cost per ransomware incident more than doubled over the past two years.

Security Awareness – Threat Actor’s Use of RomCom Backdoor Highlights a Growing Shift in Cyber Criminals’ Goals

New evidence indicates the threat actor associated with the RomCom backdoor is not only motivated by financial gain but is increasingly targeting entities likely for geopolitical purposes. Security researchers at Trend Micro assess that the use of the RomCom backdoor in recent attacks, including on water and energy utilities, suggests the threat actor’s motives have changed since October 2022.

Ransomware Awareness – Ransomware Actors Overwhelmingly Target Backups First Once Inside Compromised Network

Veeam has released its 2023 Ransomware Trends Report which, among its many findings, states that in 93 percent of attacks, threat actors target an organization’s backup files. This targeting is generally successful, disrupting the victim’s ability to recover 75 percent of the time. These results underline the critical importance of robust backup procedures in mitigating ransomware due to the importance attackers place on negating them.

Security Awareness – Password Protected Files Becoming Increasingly Popular Method to Bypass Traditional Email Security

Infosecurity Magazine has written an article discussing threat actors increasing use of password-protected files as an attack vector, while also providing methods to mitigate against this threat activity. This technique has become an increasingly popular way of delivering malware, as it allows threat actors to utilize filesharing channels beyond email, such as SMS, workplace collaboration tools, or social media messaging, to drop payloads.

Canadian Centre for Cyber Security – Preparedness, Resilience, and Security Awareness Resources - (Updated June 1, 2023)

The Canadian Centre for Cyber Security (CCCS) continues to publish cybersecurity guidance documents that offer practical cyber hygiene best practices and enterprise preparedness and resilience resources. WaterISAC is sharing these resources to assist network defenders and help strengthen their cybersecurity posture. Members are encouraged to reference CCCS for on-going guidance publications and updates.

June 1, 2023

Threat Awareness – Phishing Attack Employs Encrypted File Attachments to Steal Microsoft Account Credentials

Threat actors have recently been observed utilizing encrypted attachments sent via compromised Microsoft 365 accounts to steal Microsoft credentials in targeted phishing attacks designed to evade detection by email security gateways, according to security researchers at Trustwave.

Security Awareness – File Extensions as Top-Level Domains Could Cause Confusion and may Become Potential Exploitation Vector

Researchers at Trend Micro posted a blog analyzing security risks emanating from recent activity by Google which created Top-Level Domains (TLDs) that are mostly known for being well-known file extensions. There has been some debate among the security community on whether concerns over this action are warranted. Nonetheless, members are encouraged to share this development with users who might be quick to click.  

Pages

Subscribe to Cybersecurity