The Worst Hacks of 2024
From Chinese cyberspies breaching US telecoms to ruthless ransomware gangs disrupting health care for millions of people, 2024 saw some of the worst hacks, breaches, and data leaks ever.
About 75% of healthcare sector entities that suffered a ransomware attack over the past year were targeted on a weekend or holiday, highlighting the need for organizations to bolster their staffing and related strategies during these vulnerable times, said Jeff Wichman, director of incident response at security firm Semperis. "In reality we should be staffing up, because if the attackers know for a fact that on weekends we, as US citizens, take time off. Organizations should be staffing up into the holiday season. Not down," he said.
The cybersecurity sector is going through a transformative period, with industry professionals in a constant cat-and-mouse race against cybercriminals’ evolving tactics and use of innovative AI tools. Throughout 2024, Infosecurity spoke to numerous cybersecurity leaders to hear their perspectives on what they consider the biggest successes the cybersecurity industry is experiencing today.
Donald Trump helped create the US government’s cybersecurity agency during his first term as president. Six years later, employees of that agency are afraid of what he’ll do with it once he retakes office.
Companies are rethinking their cloud strategies, seeking a balance between cloud use and on-premises infrastructure. Many organizations have found long-term cloud costs higher than expected, prompting a shift towards hybrid or on-premises solutions — the “Cloud Exit.” Cloud exit allows businesses to regain control, reduce dependence on major cloud providers, and lower costs. Security vulnerabilities and performance issues, such as outages, fuel concerns over excessive reliance on cloud services.
Apple has urged customers to apply emergency security updates, which fix two actively exploited vulnerabilities on its devices.
More than 3 billion phone coordinates collected by a US data broker expose the detailed movements of US military and intelligence workers in Germany—and the Pentagon is powerless to stop it. “Nearly every weekday morning, a device leaves a two-story home near Wiesbaden, Germany, and makes a 15-minute commute along a major autobahn. By around 7 am, it arrives at Lucius D. Clay Kaserne—the US Army’s European headquarters and a key hub for US intelligence operations…Whoever they are, the device they’re carrying with them everywhere is putting US national security at risk….”
As organizations rush to embrace artificial intelligence (AI), many are overlooking a crucial element that could make or break their AI initiatives: effective information management. In this post, I'll explore why information lifecycle management is not just important, but essential for successful and ethical AI implementation.
The newly released single largest analysis of cyber attacks across all of 2023 shows a strong tie between the use of phishing and techniques designed to gain credentialed access.
According to experts, data centers may run out of power in the next two years. The prediction may cause execs to reconsider how they are investing in and managing their digital infrastructure. This BlogBytes article will examine the ‘power’ concern and give some insight on how to protect your data assets with help from LTO technology.
As we’ve made our way through 2024, it’s helpful to consider the events of the past couple years and developing trends in the cybersecurity industry. After receiving input from industry experts and doing analysis of the year’s driving forces, Chad Kime has derived five major cybersecurity trends. We need to consider how each of these trends may affect our organizations and allocate our budgets and resources accordingly.
A growing number of US small businesses are taking preventative security measures, despite the share suffering a data or security breach surging to 81% last year, according to the Identity Theft Resource Center (ITRC).
The number of ransomware payments being made in 2024 (16.3%) more than doubled on the previous year (6.9%), according to new research from cybersecurity provider Hornetsecurity. Data loss has also increased dramatically, from 17.2% in 2023 to 30.2% in 2024. Alarmingly, 5% of organizations reported a complete loss of all affected data.
These trends come as data recovery rates have hit a new low. The increasing sophistication of cyber-attacks has meant that the data recovery rate for businesses hit by ransomware has dropped from 87.4% in 2021 to just 66.3% this year.
The top cyber defense agency in the United States is opening up an election operations war room to provide frontline support across the country and help combat potential threats in the final days of the 2024 presidential election. Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said Wednesday her agency is establishing the temporary office to coordinate with local election officials and surge resources wherever needed leading up to Election Day.
Global threat actors have been ramping up attacks on government targets, with a triple-digit annual increase in malware-driven attempts to compromise victims in the first three months of the year, according to SonicWall. The security vendor’s analysis is based on attacks it blocked for customers. Alongside the 236% year-on-year (YoY) increase in Q1 2024, it recorded a 27% annual increase in government attacks in the month leading up to the US election.
No one disputes that this particularly heinous brand of cybercrime is a scourge across societies. But eliminating the problem, or even putting a dent in it, has proven to be a huge challenge that, so far, has seemingly evaded everyone. As soon as law enforcement disrupts one menace, three or four new ransomware groups spring up in its place because it's still a very lucrative business. Last year alone, the FBI received 2,825 reports of ransomware infections accounting for more than $59.6 million in losses. One solution suggested by White House cyber boss Anne Neuberger involves eliminating insurance reimbursements for extortion payments.
Understanding and adhering to cybersecurity regulations is crucial for any organization as cyber threats evolve and become more sophisticated. The landscape of cybersecurity laws and regulations today is set to undergo significant changes, impacting businesses, government entities, and individuals alike. Let’s explore what to expect from the upcoming regulations, provide insights into critical federal and state laws, and offer practical compliance and risk management strategies.
Secure mail provider Proton teamed up with Constella Intelligence to search on the dark web for over 16,000 publicly available email addresses associated with congressional staff. It found that 3191 staff had their emails leaked to the dark web after third-party data breaches, with 1848 of these listed alongside plaintext passwords. A larger number (2975) had passwords exposed, although they weren’t stored in plaintext for all to see.
Secure communications in an age of network insecurity has focused mostly on encryption and fears of surveillance tracking. But as this week revealed to the dismay of terrorists and criminals alike, no OpSec measure is bulletproof to the effects of a corrupted supply chain.
Small and medium-sized businesses (SMBs) face significant challenges when it comes to implementing an effective and robust cybersecurity framework. These mostly come down to resources. Without the cash, revenues, and staffing levels that large corporations enjoy, the decision to make significant investments in security may require cutbacks in investments that directly support ongoing operations and growth. On the other hand, SMBs are typically far more agile, flexible, and capable of rapid innovation and change than larger organizations. This means that once they design a cybersecurity framework that fits their needs—and doesn’t demand excessive resources—they can then implement it very quickly.
The three companies behind the LTO Consortium recently released the latest annual report on magnetic tape technology shipments, which set a new storage capacity record in 2023. The LTO members, Hewlett Packard Enterprise, IBM, and Quantum Corporation, jointly stated that tape media shipped to market have now reached 152.9 exabytes of total (compressed) capacity, with 1 exabyte being equal to 1 million terabytes or 1 billion gigabytes.
If there was ever a technology buzzword that drove more intrigue, polarization, and old-fashioned coattail riders than the phrase "generative AI," I haven't heard it yet. It's everywhere. But more importantly for defenders, generative artificial intelligence (GenAI) is now a friend of the enterprise, which of course also means it's quickly becoming a sidekick for attackers looking to advance their course across hybrid environments. So, for defenders, does that mean the only way to fight AI is with AI?
The FBI had a loose hard disk disposal problem that auditors say put classified information at risk. U.S. Department of Justice auditors in a Wednesday report said an in-person review of the facility the FBI uses to destroy old hard drives uncovered problems including lax physical security and cardboard boxes filled with unlabeled hard drives.
Almost a third (31%) of global organizations suffered a breach of data in their SaaS applications last year, as they struggled to gain visibility and control over their cloud environment, according to AppOmni. The security vendor polled 644 enterprises with 2500+ employees in six countries – the US, the UK, France, Germany, Japan and Australia – to compile its State of SaaS Security 2024 Report. The five percentage-point increase in the share of breached respondents this year could be explained by several contributing factors highlighted in the study.
Ransomware payments in 2024 are on track to once again hit a record total value, even as fewer victims are choosing to pay attackers, Chainalysis found in its 2024 Crypto Crime Mid-year Update published last week. The blockchain intelligence firm revealed in a report published earlier this year that total ransomware payments exceeded $1 billion globally for the first time in 2023, and its mid-year report published Thursday indicated 2024 is also on track to hit, or even exceed, last year’s numbers.
Pulitzer Prize-winning business journalist Byron V. Acohido: “I recently learned all about the state-of-the art of phishing attacks – the hard way. An email arrived from the head of a PR firm whom I’ve known for 20 years asking me to click on a link to check out a proposal. Foolishly, I did so all too quickly. Within a few minutes, many of my contacts, and even strangers, were receiving a similar malicious email from me…
In the early hours of Friday, companies in Australia running Microsoft’s Windows operating system started reporting devices showing Blue Screens of Death (BSODs). Shortly after, reports of disruptions started flooding in from around the world, including from the UK, India, Germany, the Netherlands, and the US: TV station Sky News went offline, and US airlines United, Delta, and American Airlines issued a “global ground stop” on all flights.
Within a day of the global outage linked to a faulty CrowdStrike software update that left Windows systems displaying the dreaded "blue screen of death," cybercriminals launched deceptive websites with domain names that include keywords such as "CrowdStrike" and "blue screen." Hackers are hoping to attract unsuspecting users searching for IT fixes for the outage, according to CISA, other government agencies and security researchers.
By: Priscilla Emery on July 23rd, 2024: I want to share my thoughts on the ongoing debate within the information management industry about how to effectively sell the value of investing in information management. Some argue that the focus should be on business outcomes and solving the problems that keep decision-makers up at night, while others emphasize the importance of compliance and risk mitigation.
The number of US data breach victims in Q2 2024 increased annually by over 1000%, despite a 12% decrease in the actual number of incidents in those three months, according to the Identity Theft Resource Center (ITRC). The non-profit compiled the figures for its H1 2024 Data Breach Analysis from publicly reported breaches in the US. It claimed the Q2 increase in victim numbers was due to the impact of a small number of large breaches, and impacted organizations like Prudential Financial and Infosys McCamish System revising victim counts up from tens of thousands to millions of customers.
The security researcher Vsevolod Kokorin (@Slonser) discovered a bug that allows anyone to impersonate Microsoft corporate email accounts. An attacker can trigger the vulnerability to launch phishing attacks. The researcher demonstrated exploitation of the bug to TechCrunch. Kokorin told TechCrunch that he reported the bug to Microsoft, but the company replied that it couldn’t reproduce his findings. Then Kokorin disclosed the flaw on X. The researcher explained that the vulnerability works when an attacker sends an email to Outlook accounts.
More than nine in 10 (92%) organizations experienced an average of six credential compromises caused by email-based social engineering attacks in 2023, according to a new report by Barracuda. Scamming and phishing continued to make up the vast majority (86%) of social engineering attacks last year. There were some notable trends in how attackers are targeting users via social engineering techniques:
Using multifactor authentication wherever possible remains a must-have security defense, not least because it makes network penetration more time-consuming and difficult for attackers to achieve. Even so, MFA isn't foolproof, and attackers have been refining their tactics for bypassing or defeating the security control to gain remote access to a victim's network. Cisco Talos in a Tuesday blog post said that during the first quarter of this year, nearly half of all security incidents it helped investigate involved MFA. Specifically, 21% of the attacks it probed involved improperly implemented MFA, and 25% involved push-based attacks, in which attackers attempt to trick users into accepting a push notification sent to their MFA-enabled device.
The US government has banned cybersecurity provider Kaspersky from selling its products in the country because of the company’s alleged links to the Russian regime. On June 20, 2024, the US Department of Commerce’s Bureau of Industry and Security (BIS) issued a Final Determination prohibiting Kaspersky Lab, Inc., the US subsidiary of the Russian cybersecurity firm, from providing any products or services in the US. Kaspersky Lab, Inc., its affiliates, subsidiaries and resellers, will no longer be able to sell Kaspersky’s software within the US or provide updates to software already in use. The BIS has set a deadline of September 29, 2024, giving US consumers and businesses time to switch to alternative cybersecurity solutions. Commerce Secretary Gina Raimondo added that the US must act against Russia’s "capacity and intent to collect and weaponize the personal information of Americans.”
Cybersecurity is difficult for small businesses, but there is help and support so that even the smallest organization can stay on top of essential security. Being a smaller organization has many benefits and challenges at the best of times. It can often be a tricky issue from a cybersecurity perspective. On one hand you’re probably too small to have a dedicated cyber function – it may well even be a stretch to afford a full-time IT manager. Yet on the other side of the coin, in everything but the smallest company the potential impact of a cyber-attack can be devastating in terms of financial or reputational damage, or even job losses if things go really bad.
Threat actor dropped in to Dropbox Sign production environment and accessed emails, passwords, and other PII, along with APIs, OAuth, and MFA info. Online storage service Dropbox is warning customers of a data breach by a threat actor that accessed customer credentials and authentication data of one of its cloud-based services. The breach occurred when an unauthorized user gained access to the Dropbox Sign (formerly HelloSign) production environment, something administrators became aware of on April 24, according to a blog post published on May 1. Dropbox Sign is an online service for signing and storing contracts, nondisclosure agreements, tax forms, and other documents using legally binding e-signatures.
A US-led law enforcement operation has successfully disrupted the 911 S5 botnet, believed to be the world’s largest ever botnet. The 911 S5 botnet is a global network of millions of compromised residential Windows computers used to facilitate cyber-attacks, large scale fraud, child exploitation and other serious criminal activity. The network of devices was associated with more than 19 million unique IP addresses, including 613,841 IP addresses located in the US. Cybercriminals were allowed to purchase access to these infected IP addresses to conduct various criminal activities. The US Department of Justice (DoJ) also announced the arrest of a Chinese national, YunHe Wang, 35, on charges relating to the creation and operation of 911 S5.
Trellix research exposes the dangers of fake antivirus websites disguised as legitimate security software but harbouring malware. Learn how to identify these scams and protect yourself from threats like identity theft and ransomware attacks.
A new study by CyberSN warns that the overall number of cybersecurity job postings in the US decreased by 22% from 2022 to 2023. The cyber job platform provider added that this decline is alarming and could impact national security, as some of these roles are essential for maintaining organizational and national cyber defenses.
Strong passwords—those that are long, random, and unique—are essential to your personal cybersecurity, especially as advancements in computer processing speed and power continually make it easier for threat actors to crack passwords that do not meet these requirements. However, it is not practical for a person to remember all of their passwords. Password managers were created to solve this problem, helping you to formulate strong passwords and “remember” them.
The absence of competent security operations staff at small and medium-sized businesses (SMBs) is the reason behind the surge in cyber attacks against them, a report has revealed. Findings of the report by cybersecurity firm, Sophos, revealed that nearly 50 per cent of malware detections for SMBs were keyloggers, spyware, and stealers, malware that attackers use to steal data and credentials.
Magnetic tape was first used to record computer data way back in 1951. If you see the tape decks that feature in ‘computers’ in vintage movies, it’s hard to believe the medium is still around… let alone at the cutting edge of data storage. In fact, magnetic tape is thriving with strong sales of LTO Ultrium, the current de facto standard.
Employee fraud grew significantly last year thanks to the opportunities afforded by remote working and the pressures of a cost-of-living crisis in the UK, according to Cifas. The anti-fraud non-profit claimed that the number of individuals recorded in its cross-sector Insider Threat Database (ITD) increased 14% year-on-year (YoY) in 2023, with the most common reason being “dishonest action to obtain benefit by theft or deception” (49%).
The biggest challenge to spotting a threat is knowing what to look for. The greatest challenge for most organizations that are trying to identify insider threats is visibility into employee behavior and actions. Without it, you lack context to understand whether activity is beneficial or harmful to the organization. This ebook provides guidance around the steps necessary to spot insider threats both proactively and reactively, including how to: define insider risk, monitor leading indicators, and look for active indicators.
The U.S. National Institute of Standards and Technology (NIST) has long been a useful source of resources to help cybersecurity teams evaluate needs, plan investments, and implement best practices. In 2013 it published the NIST Cybersecurity Framework (CSF) as the primary repository for guidance on establishing effective cybersecurity practices. Now comes the news that the updating process is complete and CSF 2.0 has been officially published. So, let’s have a look at what’s changed and how those changes may affect your efforts to understand, implement, and maintain cybersecurity best practices.
Just 3% of organizations are resilient against modern cybersecurity threats, according to Cisco’s 2024 Cybersecurity Readiness Index. This represented a significant decline in the proportion of global organizations that had a ‘mature’ level of readiness compared to last year, when 15% were ranked mature.
Something mysterious is happening at the US National Institute of Standards and Technology (NIST) that could make many organizations vulnerable to threat actors. Since February 12, 2024, NIST has almost completely stopped enriching software vulnerabilities listed in its National Vulnerability Database (NVD), the world's most widely used software vulnerability database.
World Backup Day is an annual reminder of how important it is to have an up-to-date, readily accessible copy of everything that matters to your business. Resilient backups allow you to recover more quickly from data damage, disruption, or loss, particularly if a ransomware attack has resulted in encrypted or deleted files. These are well-known and widely reported benefits of backups — but there’s more. Immutable data backups can also protect you from the underrated threats of data tampering and malicious insiders, unpredictable activities that can significantly damage brand trust and reputation if they’re not addressed.
Microsoft Copilot is a state-of-the-art generative AI tool integrated into Microsoft 365, designed to assist users in content creation. It operates by harnessing a wide array of data sources, including emails, documents, and calendar meetings, as input for generating text-based content. Copilot’s reliance on various data sources introduces the risk of generating content based on sensitive data, passwords, or personally identifiable information (PII). For example, imagine Copilot inadvertently generating an email that includes sensitive customer information, such as credit card details, without proper review, posing a risk of unintentional data exposure. In scenarios where companies serve multiple clients, Copilot might negligently generate content that contains or is based on data from one client while preparing content for another.
If you’ve used ChatGPT, you know how powerful and helpful it can be. For the security conscious enterprise, however, there are some red flags. Large corporations like JP Morgan Chase and Verizon are blocking employees from accessing the popular AI chatbot. Even Microsoft, one of OpenAI’s largest investors, temporarily restricted access to ChatGPT recently. This is interesting news, especially considering Microsoft is rolling out its own AI chatbot for the enterprise called Copilot. It’s already available for Windows users, with enterprise rollouts not far behind. Like ChatGPT, Copilot can be a wonderful tool, but it introduces some notable risks for the enterprise.
Revisions to the New York State Department of Financial Services (NYSDFS) Part 500 cybersecurity regulation are now final — just in time for 2024 budgets. While some of the more prescriptive elements of the proposed rule have given way to a more flexible, risk-based approach, most of the rule’s revisions remain intact. The final rule retains enhanced requirements for governance, risk assessments, password and data management, as well as the net-new requirements for asset inventory, business continuity and disaster recovery (BCDR), and independent audits.
A strange and somewhat sad LockBit-related situation has developed over the last few days. @LockBitSupp, the presumed leader of the prolific LockBit ransomware group, published a formal response to Operation Cronos and the FBI. In a nearly 3,000-word document, LockBitSupp published his account of what happened, what was seized, what remains, and what he learned. We have the background on Operation Cronos and LockBit here. I have paraphrased the notable points in the document and included some direct quotes from the author. This section includes comments from the LockBit response letter, not from Barracuda or other third-party sources.
Many strategies for fighting ransomware, like taking regular backups, are the same no matter where you host data — in the public cloud, in a private data center, or on-prem. However, companies that operate data centers can deploy some special practices that may reduce their risk of falling victim to ransomware attacks. When you control all aspects of your infrastructure and hosting facility, you can do things to mitigate ransomware threats that wouldn't be possible elsewhere.
“…because (use of Generative AI and Large Language Models) is so easy, 2024 will be the year that English becomes the best programming language for evil…”
To stay on top of both old and new challenges, IT chiefs should evaluate their current business and technology strategies and, when necessary, adjust them to address rapidly evolving technology, business, and economic practices. The following 10 priorities should be at the top of your list.
A survey of 1,500 IT (1,000) and IT security (500) decision-makers found more than half (52%) worked for organizations that experienced a cyberattack that prevented access to data within the past 12 months, with 85% of them admitting they paid ransoms to access data. Conducted by the market research firm Vanson Bourne on behalf of Dell Technologies, the survey also found three-quarters (75%) of respondents worried existing data protection measures are unable to cope with ransomware threats. Well over two-thirds (69%) were not very confident they could reliably recover in the event of a destructive cyberattack, the survey found.
As the Securities and Exchange Commission (SEC) gets tough on businesses’ cybersecurity posture, IT security leaders will need to beef up incident response plans—a notable challenge for organizations currently lacking in this area. As of December 18, 2023, publicly traded organizations must begin complying with the SEC disclosure regulations unveiled in July, which mandate disclosure of “material” threat incidents within four days.
Hackers broke into the SEC's X account to falsely post that Bitcoin ETFs were approved, causing $90 million in liquidations.
Last Watchdog invited the cybersecurity experts we’ve worked with this past year for their perspectives on two questions that all company leaders should have top of mind: • What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization? • What should I be most concerned about – and focus on – in 2024?
A new type of mercenary spyware came on the radar called Predator. It’ll infect a mobile phone, and then suck up all the data from it. Contacts, text messages, location, and more. This malware is being sold to intelligence agencies around the world.
By the end of the decade, ‘cold’ or inactive data could represent the majority of enterprise data stored. But how best to preserve and protect this valuable data for years, even decades, while reducing storage costs, addressing environmental, social and governance goals and strengthening cybersecurity? The answer is with LTO tape technology. With current LTO-9 tape systems, you can securely store over 25 Petabytes of data in a single data center rack, at a fraction of the cost and power of disk-based storage. So bring your archives down to size with innovative and sustainable LTO technology. Big data has never felt so small.
A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. The case is thought to be the first in which a federal court has recognized the use of information included in a bitcoin transaction — such as a link to a civil claim filed in federal court — as reasonably likely to provide notice of the lawsuit to the defendant. Experts say the development could make it easier for victims of crypto heists to recover stolen funds through the courts without having to wait years for law enforcement to take notice or help.
Google says the Chrome Safety Check feature will work in the background to check if passwords saved in the web browser have been compromised. Chrome will also tell desktop users whether they're using extensions flagged as dangerous (taken down from the Chrome Web Store), whether they're running the latest Chrome version, and whether Safe Browsing is enabled to block websites on Google's list of potentially unsafe sites.
2023 saw a big focus on innovation, spurred in large part by the attention focused on generative AI (genAI) and the impact it may have on business in both the short and long term. In 2024, as more organizations embrace rapid experimentation and launch new genAI initiatives (along with their interconnected risks), they will need to balance that speed of innovation with governance and greater accountability.
A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up, just as they have, year-to-year, for the past 20 years. With that in mind, Last Watchdog invited the cybersecurity experts we’ve worked with this past year for their perspectives on two questions that all company leaders should have top of mind:
Foreign interference actors, mostly operating out of Russia, Iran, and China, are ramping up efforts to influence US audiences ahead of 2024's national elections. One prime example is Doppelganger, a Russia-based influence operation that has established several inauthentic news sites and social media accounts to disseminate stories designed to stoke political and social divisions in the US in the run-up to the elections.
For those in charge of industry standards, ensuring rules are up to date and fit for purpose is a constant battle against time. And when it comes to addressing the risk of payment card data theft, the stakes couldn’t be higher. That’s why the latest version of the Payment Card Industry Data Security Standard (PCI DSS) is a big deal. Going into effect March 31, 2024, PCI DSS 4.0 introduces a host of new requirements for organizations that process card data.
Lobbyists for U.S. hospitals oppose a Biden administration proposal for mandatory cybersecurity requirements and possible financial disincentives for organizations that fail to meet those expectations. Industry experts contend that some type of government action is needed to raise the bar on cybersecurity in the healthcare sector.
Federal regulators mandated that, starting Dec. 18, companies listed on stock market exchanges must determine whether a cyber incident is "material," and if so, disclose it within four business days. Small businesses have until June 15 to comply with the rule.
The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang’s darknet website, and released a decryption tool that hundreds of victim companies can use to recover systems. Meanwhile, BlackCat responded by briefly “unseizing” its darknet site with a message promising 90 percent commissions for affiliates who continue to work with the crime group, and open season on everything from hospitals to nuclear power plants.
Cyber insurance has become a critical form of protection for companies as the number of cyberattacks (and their complexity and effectiveness) increases. While this type of liability insurance can help companies recover from an attack – particularly if customers were affected and are also seeking compensation – MSPs and end users may want to consider other types of financial protection in addition to cyber insurance. One emerging offering is a cyber warranty.
Cyber Monday Kicks Off Holiday Shopping Season With E-Commerce Security Risks
Following a hiatus, the Cybersecurity Insurance and Data Analysis Working Group will relaunch in December to determine which security measures are most effective to reduce risk.
In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. Sixteen months later, Experian clearly has not addressed this gaping lack of security. I know that because my account at Experian was recently hacked, and the only way I could recover access was by recreating the account.
Data theft and data exfiltration are often used interchangeably, but they shouldn’t be. Understanding what each term refers to is important for anyone responsible for protecting an organization’s data. The distinction clarifies the scope and range of options for different approaches to protecting data.
Since at least February 2023, a service advertised on Telegram called USiSLookups has operated an automated bot that allows anyone to look up the SSN or background report on virtually any American. For prices ranging from $8 to $40 and payable via virtual currency, the bot will return detailed consumer background reports automatically in just a few moments.
A cloud migration backlash, of sorts, is playing out. Many companies, indeed, are shifting to cloud-hosted IT infrastructure, and beyond that, to containerization and serverless architectures. However, a “back-migration,” as Michiel De Lepper, global enablement manager at London-based Runecast, puts it, is also ramping up. This is because certain workloads are proving to be too costly to run in the cloud — resource-intensive AI modeling being the prime example.
The U.S. Securities and Exchange Commission in late October charged SolarWinds and its CISO with fraud and internal control failures. Many organizations are reckless in making statements to the market to preserve their company's stock prices, not realizing the potential for regulatory action, said Paul Dunlop, COO at Fraud Doctor, and Steve Hindle, founder of Achilles Shield.
Ransomware resilience relies not on a single tool, but on several layered protections. Offline backups are a critical layer in a ransomware protection strategy.
As artificial intelligence (AI) technology continues to evolve, cybercriminals are beginning to explore the full potential of these advances. Previously, some of the gating factors of ransomware were around the expertise and volume of work required to launch a successful attack. Even though ransomware-as-a-service (RaaS) existed, where some or all of the ransomware attack could be jobbed out to a ransomware provider, that meant a would-be ransomware attacker would have to trust another criminal, the RaaS provider. For ransomware attackers who were able to do the work themselves, there was a lot of manual work required, which limited the scope, effectiveness, and volume of the attacks. With AI in the picture, many of these limitations are lifted.
A cyberattack on a shared IT services organization is forcing five member hospitals in Ontario to cancel or reschedule patient appointments and steer nonemergency patients to other facilities.
Share this list of phishing techniques, detection and prevention tips, and best practices to help employees avoid falling victim to phishing schemes. Only 58% of users know what phishing is, according to a Proofpoint survey -- a staggering gap considering phishing attacks are so common and becoming increasingly sophisticated. The same survey found 84% of organizations faced at least one successful phishing attack in 2022, with 54% of organizations experiencing three or more successful incidents.
Progress Software plans to collect millions in cyber insurance policy payouts after the MOVEit breaches, which will make getting coverage more expensive and harder to get for everyone else, experts say.
The odds of a CISO encountering a major cyberattack are about as high as they can get, with 9 in 10 CISOs reporting at least one disruptive attack during the last year, according to Splunk research released Tuesday. Almost half of the 350 security executives surveyed said their organizations were hit by multiple disruptive cyberattacks during the last year. At that level of ransom payment activity, CISOs have to operate under the assumption that ransom payments are effectively part of the job.
As our society transforms into a more connected world, an essential component of this shift is the need for safe and secure driving experiences on our roads. The recent hacking of a Tesla in under two minutes by French security firm Synacktiv demonstrates how serious a concern this is—attackers were able to breach the cyber controls of the vehicle to carry out a number of malicious acts, including opening the trunk of the vehicle while in motion and accessing the infotainment system.
A six-month study of federal government cybersecurity suggests the Department of Homeland Security could play a more prominent role in securing civilian networks, in a report that touts a "more centralized defensive strategy."
Artificial Intelligence (AI) is being considered for use in many segments of the storage marketplace. A new report is available that discusses in detail AI in data storage. What does the AI storage landscape look like? What are the opportunities for AI in storage? How will AI usage affect data security and costs? Read on to see highlights from a massive AI storage study.
The Cybersecurity and Infrastructure Security Agency (CISA) is advising organizations to implement a series of steps to thwart social engineering and phishing attacks that span everything from making sure Domain-based Message Authentication, Reporting, and Conformance (DMARC) for received emails is turned on to defining denylists at the email gateway and enabling firewall rules to prevent malware infestations. Recognizing that most cyberattacks can be traced back to stolen credentials, CISA is also encouraging organizations to regularly train end users to both identify suspicious emails and links and document and report them as part of an incident response plan.
Most cyberattacks today begin with system intrusion. This occurs when an attacker uses stolen credentials, phishing attacks, or other means to gain access to your system. Once inside, they, or the malware they place there, can go undetected for long periods of time — often for months — during which time they perform careful reconnaissance. They can take the time to understand your network architecture, scan for unprotected ports, discover where critical, high-value data is stored, exfiltrate that data, identify users with high access privileges, and much more.
The CIA triad is a helpful security model for protecting data. The name refers to the three related pillars of confidentiality, integrity, and availability. The triad plays a crucial role in keeping data safe and secure from growing cyber threats. When a data or security breach occurs, it is often because the victim has not fully executed one or more of these three pillars.
A new type of mercenary spyware came on the radar called Predator. It’ll infect a mobile phone, and then suck up all the data from it. Contacts, text messages, location, and more. This malware is being sold to intelligence agencies around the world.
Small businesses, including nonprofit organizations, are not immune to cyberattacks. The average cost of a cybersecurity breach was $4.45 million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks in 2020, according to the Small Business Association. Nonprofits are equally at risk, and often lack cybersecurity measures. According to Board Effect, 80% of nonprofits do not have a cybersecurity plan in place. If you’re a small business looking for the secret sauce to cybersecurity, the secret is out: start with a cybersecurity policy and make the commitment to security a business-wide priority. Here is a simple one-page plan; a very good read:
In this instance, both were victims of a Scattered Spider/ALPHV cyberattack. Caesars quickly negotiated with the cyberattackers, and handed over a $15 million ransom payout, which allowed it to proceed with business in relatively short order. MGM meanwhile flatly refused to pay, and just announced that its operations have been recovered after 10+ days of casino and hotel operational downtime (tens of millions of dollars in lost revenue later). While it's tempting to make a judgment as to which approach is better…
Creating ever smarter security software to defend embattled company networks pretty much sums up the cybersecurity industry. Cutting against the grain, Flexxon, a Singapore-based supplier of NAND memory drives and storage devices, arrived at Black Hat USA 2023 calling for a distinctive hardware approach to repelling cyber attacks.
You probably already know that the image of cybercriminals as lone hackers toiling away in a basement somewhere on their own — whether for their own amusement, to earn glory among other hackers, or to sabotage or steal from specific targets — is a very long way from the modern reality. Today, cybercriminal gangs are organized and sophisticated, operating more like modern software companies or traditional organized crime families. Or to be more precise, traditional organized crime has moved into the cybercrime space, driving out the older “mom-and-pop” operators.
When it comes to writing customer case studies, I always look for the human angle — a personal experience that readers can relate to. It’s not always easy to find, but when I spoke to Lacey Gosch about her experiences as Assistant Superintendent of Technology at Judson Independent School District, the human angle on her story was front and center.
“Multiple billions of people and sensors and systems connected in billions of global networks have generated and will continue to generate immense quantities of data.” This quote comes from a new white paper penned by John Monroe of Furthur Market Research called Storage Management in an Age of Minimal Data Deletion. The paper examines the usage, forecasts and strategies for managing the ever-increasing quantities of information. This BlogBytes article will review some of the key findings from this captivating, must-read research. Let’s dive in!
One day Connor Tumbleson got an email saying his identity had been stolen. And this was one of the strangest days he’s ever had.
In large metropolitan areas, tourists are often easy to spot because they’re far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like data theft and ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.