Cybersecurity

Cyber Resilience – Asset Visibility is Key First Step in Overall Cybersecurity

Understanding all the systems and devices that make up your organization’s network is a critical first step in establishing a cyber risk management strategy. Since you cannot defend or secure what you do not know you have, performing asset inventories to gain network visibility is critical for all organizations large and small. According to Tenable, organizations that have full network visibility “are better positioned to understand where the greatest risks are within their environment and start taking the necessary steps to mitigate risk where it matters most.”

Security Awareness – Half of Firms Report Supply Chain Ransomware Compromise

More than half of companies surveyed worldwide know a partner or vendor that has been impacted by ransomware. Still, few organizations are working to address supply chain vulnerabilities, according to a new report from Trend Micro. To conduct its study, Trend Micro surveyed around 3000 IT leaders across 26 countries. Among other findings, the report found that around 25 percent of all data breaches are due to ransomware.

National Insider Threat Awareness Month 2022: Critical Thinking in Digital Spaces

September is National Insider Threat Awareness Month (NITAM), a time dedicated to spreading awareness in government and industry about the risks posed by insider threats and the role of insider threat programs. This year’s theme is “Critical Thinking in Digital Spaces,” which encourages engaging in critical thinking to recognize and avoid falling victim to insider threats.

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - September 8, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Alerts, Updates, and Bulletins:

Security Awareness – Brand Impersonation and Social Engineering Still a Favorite Combination for Credential Phishing

Security researchers at Armorblox observed a recent phishing campaign utilizing a very convincing brand impersonation of American Express to fool victims and steal credentials. The phish includes an attachment purporting to be an urgent message informing the recipient that their account will be suspended unless they perform a mandatory account verification.

Security Awareness – Zero-Day Vulnerabilities Are Increasing

The number of zero-day vulnerabilities is increasing, heightening the risk of compromise for organizations. According to a report from Mandiant, the number of zero-days exploited in the wild in 2021 increased by more than 100 percent compared to the previous year. State-sponsored attackers continue to be the main actors exploiting these vulnerabilities. However, a third of adversaries abusing zero-days were financially motivated cybercriminals. The most frequent zero-day exploits included Microsoft, Apple, and Google products.
