You are here

Home

Cybersecurity

Cyber Resilience – Asset Visibility is Key First Step in Overall Cybersecurity

Understanding all the systems and devices that make up your organization’s network is a critical first step in establishing a cyber risk management strategy. Since you cannot defend or secure what you do not know you have, performing asset inventories to gain network visibility is critical for all organizations large and small. According to Tenable, organizations that have full network visibility “are better positioned to understand where the greatest risks are within their environment and start taking the necessary steps to mitigate risk where it matters most.”

Security Awareness – Half of Firms Report Supply Chain Ransomware Compromise

More than half of companies surveyed worldwide know a partner or vendor that has been impacted by ransomware. Still, few organizations are working to address supply chain vulnerabilities, according to a new report from Trend Micro. To conduct its study, Trend Micro survey around 3000 IT leaders across 26 countries. Among other findings, the report discovered that around 25 percent of all data breaches are due to ransomware.

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - September 8, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Alerts, Updates, and Bulletins:

Security Awareness – Brand Impersonation and Social Engineering Still a Favorite Combination for Credential Phishing

Security researchers at Armorblox observed a recent phishing campaign utilizing a very convincing brand impersonation of American Express to fool victims and steal credentials. The phish includes an attachment purporting to be an urgent message informing the recipient that their account will be suspended unless they perform a mandatory account verification.

Security Awareness – Zero-Day Vulnerabilities Are Increasing

The number of zero-day vulnerabilities is increasing and heightening the risk to organizations of a potential compromise. Indeed, according to a report from Mandiant, the amount of zero-days being exploited in the wild in 2021 increased by more than 100 percent compared to the previous year. State-sponsored attackers continue to be the main actor exploiting these vulnerabilities. However, a third of adversaries abusing zero-days were financially motivated cybercriminals. The most frequent zero-day exploits included Microsoft, Apple, and Google products.

Security Awareness – Report Identifies Ransomware Threat Actors Preferred Targets

The cybersecurity firm Barracuda recently published its annual threat research report, which examined ransomware attack patterns to determine the most targeted industries. The report analyzed 106 publicized ransomware attacks between August 2021 and July 2022 and found critical infrastructure and municipalities were among the top five industries targeted, along with the financial, healthcare, and education sectors.

Pages

Subscribe to Cybersecurity