Thousands of US Congress Emails Exposed to Takeover

Secure mail provider Proton teamed up with Constella Intelligence to search on the dark web for over 16,000 publicly available email addresses associated with congressional staff. It found that 3191 staff had their emails leaked to the dark web after third-party data breaches, with 1848 of these listed alongside plaintext passwords. A larger number (2975) had passwords exposed, although they weren’t stored in plaintext for all to see.


2024 Cybersecurity Laws & Regulations

Understanding and adhering to cybersecurity regulations is crucial for any organization as cyber threats evolve and become more sophisticated. The landscape of cybersecurity laws and regulations today is set to undergo significant changes, impacting businesses, government entities, and individuals alike. Let’s explore what to expect from the upcoming regulations, provide insights into critical federal and state laws, and offer practical compliance and risk management strategies.


SMBs: How to build a robust cybersecurity framework

Small and medium-sized businesses (SMBs) face significant challenges when it comes to implementing an effective and robust cybersecurity framework. These mostly come down to resources. Without the cash, revenues, and staffing levels that large corporations enjoy, the decision to make significant investments in security may require cutbacks in investments that directly support ongoing operations and growth. On the other hand, SMBs are typically far more agile, flexible, and capable of rapid innovation and change than larger organizations. This means that once they design a cybersecurity framework that fits their needs—and doesn’t demand excessive resources—they can then implement it very quickly.


Magnetic technology is so dead, it's setting new records in global storage capabilities

The three companies behind the LTO Consortium recently released the latest annual report on magnetic tape technology shipments, which set a new storage capacity record in 2023. the LTO members-- Hewlett Packard Enterprise, IBM, and Quantum Corporation – jointly stated jointly said that tape media shipped to market have now reached 152.9 exabytes of total (compressed) capacity, with 1 exabyte being equal to 1 million terabytes or 1 billion gigabytes.


While GenAI tools increase the speed at which employees and organizations can operate, they also afford adversaries the same luxury.

If there was ever a technology buzzword that drove more intrigue, polarization, and old-fashioned coattail riders than the phrase "generative AI," I haven't heard it yet. It's everywhere. But more importantly for defenders, generative artificial intelligence (GenAI) is now a friend of the enterprise, which of course also means it's quickly becoming a sidekick for attackers looking to advance their course across hybrid environments. So, for defenders, does that mean the only way to fight AI is with AI?


Auditors Uncover Lax FBI Hard Drive Disposal Practices

The FBI had a loose hard disk disposal problem that auditors say put classified information at risk. U.S. Department of Justice auditors in Wednesday report said an in-person review of the facility the FBI uses to destroy old hard drives uncovered problems including lax physical security and cardboard boxes filled with unlabeled hard drives.


A Third of Organizations Suffer SaaS Data Breaches

Almost a third (31%) of global organizations suffered a breach of data in their SaaS applications last year, as they struggled to gain visibility and control over their cloud environment, according to AppOmni. The security vendor polled 644 enterprises with 2500+ employees in six countries – the US, the UK, France, Germany, Japan and Australia – to compile its State of SaaS Security 2024 Report. The five percentage-point increase in the share of breached respondents this year could be explained by several contributing factors highlighted in the study.


Ransomware on track for record profits, even as fewer victims pay

Ransomware payments in 2024 are on track to once again hit a record total value, even as fewer victims are choosing to pay attackers, Chainalysis found in its 2024 Crypto Crime Mid-year Update published last week. The blockchain intelligence firm revealed in a report published earlier this year that total ransomware payments exceeded $1 billion globally for the first time in 2023, and its mid-year report published Thursday indicated 2024 is also on track to hit, or even exceed, last year’s numbers.


Black Hat Fireside Chat: User feedback, AI-infused email security are both required to deter phishing

Pulitzer Prize-winning business journalist Byron V. Acohido: “I recently learned all about the state-of-the art of phishing attacks – the hard way. An email arrived from the head of a PR firm whom I’ve known for 20 years asking me to click on a link to check out a proposal. Foolishly, I did so all too quickly. Within a few minutes, many of my contacts, and even strangers, were receiving a similar malicious email from me…


Huge Microsoft Outage Caused by CrowdStrike Takes Down Computers Around the World

In the early hours of Friday, companies in Australia running Microsoft’s Windows operating system started reporting devices showing Blue Screens of Death (BSODs). Shortly after, reports of disruptions started flooding in from around the world, including from the UK, India, Germany, the Netherlands, and the US: TV station Sky News went offline, and US airlines United, Delta, and American Airlines issued a “global ground stop” on all flights.


Fake Websites, Phishing Appear in Wake of CrowdStrike Outage

Within a day of the global outage linked to a CrowdStrike faulty software update that leaves Windows systems displaying the dreaded "blue screen of death," cybercriminals launched deceptive websites with domain names that include keywords such as "CrowdStrike" and "blue screen." Hackers are hoping to attract unsuspecting users searching for IT fixes for the outage, according to CISA, other government agencies and security researchers.


The Value of Information Management: Compliance versus Business Outcomes

By: Priscilla Emery on July 23rd, 2024: I want to share my thoughts on the ongoing debate within the information management industry about how to effectively sell the value of investing in information management. Some argue that the focus should be on business outcomes and solving the problems that keep decision-makers up at night, while others emphasize the importance of compliance and risk mitigation.


US Data Breach Victim Numbers Surge 1170% Annually

The number of US data breach victims in Q2 2024 increased annually by over 1000%, despite a 12% decrease in the actual number of incidents in those three months, according to the Identity Theft Resource Center (ITRC). The non-profit compiled the figures for its H1 2024 Data Breach Analysis from publicly reported breaches in the US. It claimed the Q2 increase in victim numbers was due to the impact of a small number of large breaches, and impacted organizations like Prudential Financial and Infosys McCamish System revising victim counts up from tens of thousands to millions of customers.


AN UNPATCHED BUG ALLOWS ANYONE TO IMPERSONATE MICROSOFT CORPORATE EMAIL ACCOUNTS

The security researcher Vsevolod Kokorin (@Slonser) discovered a bug that allows anyone to impersonate Microsoft corporate email accounts. An attacker can trigger the vulnerability to launch phishing attacks. The researchers demonstrated the bug exploitation to TechCrunch, Kokorin told TechCrunch that he reported the bug to Microsoft, but the company replied that it couldn’t reproduce his findings. Then Kokorin disclosed the flaw on X. The researcher explained that the vulnerability works when an attacker sends an email to Outlook accounts.


92% of Organizations Hit by Credential Compromise from Social Engineering Attacks

More than nine in 10 (92%) organizations experienced an average of six credential compromises caused by email-based social engineering attacks in 2023, according to a new report by Barracuda. Scamming and phishing continued to make up the vast majority (86%) of social engineering attacks last year. There were some notable trends in how attackers are targeting users via social engineering techniques:


Multifactor Authentication Bypass: Attackers Refine Tactics

Using multifactor authentication wherever possible remains a must-have security defense, not least because it makes network penetration more time-consuming and difficult for attackers to achieve. Even so, MFA isn't foolproof, and attackers have been refining their tactics for bypassing or defeating the security control to gain remote access to a victim's network. Cisco Talos in a Tuesday blog post said that during the first quarter of this year, nearly half of all security incidents it helped investigate involved MFA. Specifically, 21% of the attacks it probed involved improperly implemented MFA, and 25% involved push-based attacks, in which attackers attempt to trick users into accepting a push notification sent to their MFA-enabled device.


US Bans Kaspersky Over Alleged Kremlin Links

The US government has banned cybersecurity provider Kaspersky from selling its products in the country because of the company’s alleged links to the Russian regime. On June 20, 2024, the US Department of Commerce’s Bureau of Industry and Security (BIS) issued a Final Determination prohibiting Kaspersky Lab, Inc., the US subsidiary of the Russian cybersecurity firm, from providing any products or services in the US. Kaspersky Lab, Inc., its affiliates, subsidiaries and resellers, will no longer be able to sell Kaspersky’s software within the US or provide updates to software already in use. The BIS has set a deadline of September 29, 2024, giving US consumers and businesses time to switch to alternative cybersecurity solutions. Commerce Secretary Gina Raimondo added that the US must act against Russia’s "capacity and intent to collect and weaponize the personal information of Americans.”


Small Business Security Challenges

Cybersecurity is difficult for small businesses, but there is help and support so that even the smallest organization can stay on top of essential security. Being a smaller organization has many benefits and challenges at the best of times. It can often be a tricky issue from a cybersecurity perspective. On one hand you’re probably too small to have a dedicated cyber function – it may well even be a stretch to afford a full-time IT manager. Yet on the other side of the coin, in everything but the smallest company the potential impact of a cyber-attack can be devastating in terms of financial or reputational damage, or even job losses if things go really bad.


Dropbox Breach Exposes Customer Credentials, Authentication Data

Threat actor dropped in to Dropbox Sign production environment and accessed emails, passwords, and other PII, along with APIs, OAuth, and MFA info. Online storage service Dropbox is warning customers of a data breach by a threat actor that accessed customer credentials and authentication data of one of its cloud-based services. The breach occurred when an unauthorized user gained access to the Dropbox Sign (formerly HelloSign) production environment, something administrators became aware of on April 24, according to a blog post published on May 1. Dropbox Sign is an online service for signing and storing contracts, nondisclosure agreements, tax forms, and other documents using legally binding e-signatures.


US-Led Operation Takes Down World’s Largest Botnet

A US-led law enforcement operation has successfully disrupted the 911 S5 botnet, believed to be the world’s largest ever botnet. The 911 S5 botnet is a global network of millions of compromised residential Windows computers used to facilitate cyber-attacks, large scale fraud, child exploitation and other serious criminal activity. The network of devices was associated with more than 19 million unique IP addresses, including 613,841 IP addresses located in the US. Cybercriminals were allowed to purchase access to these infected IP addresses to conduct various criminal activities. The US Department of Justice (DoJ) also announced the arrest of a Chinese national, YunHe Wang, 35, on charges relating to the creation and operation of 911 S5.


Alarming Decline in Cybersecurity Job Postings in the US

A new study by CyberSN warns that the overall number of cybersecurity job postings in the US decreased by 22% from 2022 to 2023. The cyber job platform provider added that this decline is alarming and could impact national security, as some of these roles are essential for maintaining organizational and national cyber defenses.


Cyb3R_Sm@rT!: Use a Password Manager to Create and “Remember” Strong Passwords

Strong passwords—those that are long, random, and unique—are essential to your personal cybersecurity, especially as advancements in computer processing speed and power continually make it easier for threat actors to crack passwords that do not meet these requirements. However, it is not practical for a person to remember all of their passwords. Password managers were created to solve this problem, helping you to formulate strong passwords and “remember” them.


Underinvestment In Cybersecurity Fuelling Cyber Attacks In SMEs Sector

The absence of competent security operations staff at small and medium-sized businesses (SMBs) is the reason behind the surge in cyber attacks against them, a report has revealed. Findings of the report by cybersecurity firm, Sophos, revealed that nearly 50 per cent of malware detections for SMBs were keyloggers, spyware, and stealers, malware that attackers use to steal data and credentials.


7 reasons why LTO won’t die

Magnetic tape was first used to record computer data way back in 1951. If you see the tape decks that feature in ‘computers’ in vintage movies, it’s hard to believe the medium is still around… let alone at the cutting edge of data storage. In fact, magnetic tape is thriving with strong sales of LTO Ultrium, the current de facto standard.


Insider Threats Surge 14% Annually as Cost-of-Living Crisis Bites

Employee fraud grew significantly last year thanks to the opportunities afforded by remote working and the pressures of a cost-of-living crisis in the UK, according to Cifas. The anti-fraud non-profit claimed that the number of individuals recorded in its cross-sector Insider Threat Database (ITD) increased 14% year-on-year (YoY) in 2023, with the most common reason being “dishonest action to obtain benefit by theft or deception” (49%).


Three Ways to Spot Insider Risk…

The biggest challenge to spotting a threat is knowing what to look for. The greatest challenge for most organizations who are trying to identify insider threats, is visibility into employee behavior and actions. Without it, you lack context to understand whether activity is beneficial or harmful to the organization. This ebook provides guidance around the steps necessary to spot insider threats both proactively and reactively, including how to : Define insider risk, Monitor leading indicators and Look for active indicators.


NIST releases updated Cybersecurity Framework 2.0…

The U.S. National Institute of Standards and Technology (NIST) has long been a useful source of resources to help cybersecurity teams evaluate needs, plan investments, and implement best practices. In 2013 it published the NIST Cybersecurity Framework (CSF) as the primary repository for guidance on establishing effective cybersecurity practices. Now comes the news that the updating process is complete and CSF 2.0 has been officially published. So, let’s have a look at what’s changed and how those changes may affect your efforts to understand, implement, and maintain cybersecurity best practices.


Only 3% of Businesses Resilient Against Modern Cyber Threats…

Just 3% of organizations are resilient against modern cybersecurity threats, according to Cisco’s 2024 Cybersecurity Readiness Index. This represented a significant decline in the proportion of global organizations that had a ‘mature’ level of readiness compared to last year, when 15% were ranked mature.


NIST National Vulnerability Database Disruption Sees CVE Enrichment on Hold…

Something mysterious is happening at the US National Institute of Standards and Technology (NIST) that could make many organizations vulnerable to threat actors. Since February 12, 2024, NIST has almost completely stopped enriching software vulnerabilities listed in its National Vulnerability Database (NVD), the world's most widely used software vulnerability database.


Data tampering is an underrated threat — get your backup ready…

World Backup Day is an annual reminder of how important it is to have an up-to-date, readily accessible copy of everything that matters to your business. Resilient backups allow you to recover more quickly from data damage, disruption, or loss, particularly if a ransomware attack has resulted in encrypted or deleted files. These are well-known and widely reported benefits of backups — but there’s more. Immutable data backups can also protect you from the underrated threats of data tampering and malicious insiders, unpredictable activities that can significantly damage brand trust and reputation if they’re not addressed.


Cybersecurity in the Age of Microsoft Copilot: Safeguarding Corporate Communication

Microsoft Copilot is a state-of-the-art generative AI tool integrated into Microsoft 365, designed to assist users in content creation. It operates by harnessing a wide array of data sources, including emails, documents, and calendar meetings, as input for generating text-based content. Copilot‘s reliance on various data sources introduces the risk of generating content based on sensitive data, passwords, or personally identifiable information (PII). For example, imagine Copilot inadvertently generating an email that includes sensitive customer information, such as credit card details, without proper review, posing a risk of unintentional data exposure. In scenarios where companies serve multiple clients, Copilot might negligently generate content that contains or is based on data from one client while preparing content for another.


Too much access? Microsoft Copilot data risks explained

If you’ve used ChatGPT, you know how powerful and helpful it can be. For the security conscious enterprise, however, there are some red flags. Large corporations like JP Morgan Chase and Verizon are blocking employees from accessing the popular AI chatbot. Even Microsoft, one of Open AI’s largest investors, temporarily restricted access to ChatGPT recently. This is interesting news, especially considering Microsoft is rolling out its own AI chatbot for the enterprise called Copilot. It’s already available for Windows users, with enterprise rollouts not far behind. Like ChatGPT, Copilot can be a wonderful tool, but it introduces some notable risks for the enterprise.


Countdown to compliance begins: Time’s up! New York cyber changes are final!

Revisions to the New York State Department of Financial Services (NYSDFS) Part 500 cybersecurity regulation are now final — just in time for 2024 budgets. While some of the more prescriptive elements of the proposed rule have given way to a more flexible, risk-based approach, most of the rule’s revisions remain intact. The final rule retains enhanced requirements for governance, risk assessments, password and data management, as well as the net-new requirements for asset inventory, business continuity and disaster recovery (BCDR), and independent audits.


LockBit to FBI: 'You can't stop me'

A strange and somewhat sad LockBit-related situation has developed over the last few days. @LockBitSupp, the presumed leader of the prolific LockBit ransomware group, published a formal response to Operation Cronos and the FBI. In a nearly 3,000-word document, LockBitSupp published his account of what happened, what was seized, what remains, and what he learned. We have the background on Operation Cronos and LockBit here. I have paraphrased the notable points in the document and included some direct quotes from the author. This section includes comments from the LockBit response letter, not from Barracuda or other third-party sources.


How To Optimize Your Data Center Against Ransomware Attacks

Many strategies for fighting ransomware, like taking regular backups, are the same no matter where you host data — in the public cloud, in a private data center, or on-prem. However, companies that operate data centers can deploy some special practices that may reduce their risk of falling victim to ransomware attacks. When you control all aspects of your infrastructure and hosting facility, you can do things to mitigate ransomware threats that wouldn't be possible elsewhere.


Dell Survey Surfaces Lack of Ransomware Resiliency

A survey of 1,500 IT (1,000) and IT security (500) decision-makers found more than half (52%) worked for organizations that experienced a cyberattack that prevented access to data within the past 12 months, with 85% of them admitting they paid ransoms to access data. Conducted by the market research firm Vanson Bourne on behalf of Dell Technologies, the survey also found three-quarters (75%) of respondents worried existing data protection measures are unable to cope with ransomware threats. Well over two-thirds (69%) were not very confident they could reliably recover in the event of a destructive cyberattack, the survey found.


SEC Cyber Incident Reporting Rules Pressure IT Security Leaders

As the Security and Exchange Commission (SEC) gets tough on businesses’ cybersecurity posture, IT security leaders will need to beef up incident response plans—a notable challenge for organizations currently lacking in this area. As of December 18, 2023, publicly traded organizations must begin complying with the SEC disclosure regulations unveiled in July, which mandate disclosure of “material” threat incidents within four days.


Last Watchdog ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024

Last Watchdog invited the cybersecurity experts we’ve worked with this past year for their perspectives on two questions that all company leaders should have top of mind: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization? •What should I be most concerned about – and focus on – in 2024?


WITH LTO TAPE TECHNOLOGY, BIG DATA NEVER FELT SO SMALL.

By the end of the decade, ‘cold’ or inactive data could represent the majority of Enterprise data stored1. But how best to preserve and protect this valuable data for years, even decades, while reducing storage costs, addressing environmental, social and governance goals and strengthening cybersecurity? The answer is with LTO tape technology. With current LTO-9 tape systems, you can securely store over 25 Petabytes* of data in a single data center rack, at a fraction of the cost and power of disk-based storage2. So bring your archives down to size with innovative and sustainable LTO technology. Big data has never felt so small.


Here’s Some Bitcoin: Oh, and You’ve Been Served!

A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. The case is thought to be first in which a federal court has recognized the use of information included in a bitcoin transaction — such as a link to a civil claim filed in federal court — as reasonably likely to provide notice of the lawsuit to the defendant. Experts say the development could make it easier for victims of crypto heists to recover stolen funds through the courts without having to wait years for law enforcement to take notice or help.


Google Chrome now scans for compromised passwords in the background

Google says the Chrome Safety Check feature will work in the background to check if passwords saved in the web browser have been compromised. Chrome will also alert desktop users if they're using extensions flagged as dangerous (taken down from the Chrome Web Store), the latest Chrome version, or if Safe Browsing is enabled to block websites on Google's list of potentially unsafe sites.


Forresters: Predictions 2024: Security And Risk Pros Will Apply Guardrails Beyond Regulatory Mandates

2023 saw a big focus on innovation, spurred in large part by the attention focused on generative AI (genAI) and the impact it may have on business in both the short and long term. In 2024, as more organizations embrace rapid experimentation and launch new genAI initiatives (along with their interconnected risks), they will need to balance that speed of innovation with governance and greater accountability.


Last Watchdog ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up, just as they have, year-to-year, for the past 20 years. With that in mind, Last Watchdog invited the cybersecurity experts we’ve worked with this past year for their perspectives on two questions that all company leaders should have top of mind:


How Cybercriminals Will Sway 2024 US Elections, Or Try To

Foreign interference actors, mostly operating out of Russia, Iran, and China, are ramping up efforts to influence US audiences ahead of 2024's national elections. One prime example is Doppelganger, a Russia-based influence operation that has established several inauthentic news sites and social media accounts to disseminate stories designed to stoke political and social divisions in the US in the run-up to the elections.


Explore PCI DSS 4.0: The future of cardholder data security

For those in charge of industry standards, ensuring rules are up to date and fit for purpose is a constant battle against time. And when it comes to addressing the risk of payment card data theft, the stakes couldn’t be higher. That’s why the latest version of the Payment Card Industry Data Security Standard (PCI DSS) is a big deal. Going into effect March 31, 2024, PCI DSS 4.0 introduces a host of new requirements for organizations that process card data.


Healthcare Cybersecurity Proposal Stirs Industry Opposition

Lobbyists for U.S. hospitals oppose a Biden administration proposal for mandatory cybersecurity requirements and possible financial disincentives for organizations that fail to meet those expectations. Industry experts contend that some type of government actions are needed for raising the bar on cybersecurity in the healthcare sector.


BlackCat Ransomware Raises Ante After FBI Disruption

The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang’s darknet website, and released a decryption tool that hundreds of victim companies can use to recover systems. Meanwhile, BlackCat responded by briefly “unseizing” its darknet site with a message promising 90 percent commissions for affiliates who continue to work with the crime group, and open season on everything from hospitals to nuclear power plants.


Closing the Coverage Gap: Cyber insurance vs. cyber warranties

Cyber insurance has become a critical form of protection for companies as the number of cyberattacks (and their complexity and effectiveness) increases. While this type of liability insurance can help companies recover from an attack – particularly if customers were affected and are also seeking compensation – MSPs and end users may want to consider other types of financial protection in addition to cyber insurance. One emerging offering is a cyber warranty.


It’s Still Easy for Anyone to Become You at Experian

In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. Sixteen months later, Experian clearly has not addressed this gaping lack of security. I know that because my account at Experian was recently hacked, and the only way I could recover access was by recreating the account.


ID Theft Service Resold Access to USInfoSearch Data

Since at least February 2023, a service advertised on Telegram called USiSLookups has operated an automated bot that allows anyone to look up the SSN or background report on virtually any American. For prices ranging from $8 to $40 and payable via virtual currency, the bot will return detailed consumer background reports automatically in just a few moments.


RSAC Fireside Chat: Dealing with the return of computing workloads to on-premises datacenters

A cloud migration backlash, of sorts, is playing out. Many companies, indeed, are shifting to cloud-hosted IT infrastructure, and beyond that, to containerization and serverless architectures. However, a “back-migration,” as Michiel De Lepper, global enablement manager, at London-based Runecast, puts it, is also ramping up. This is because certain workloads are proving to be too costly to run in the cloud — resource-intensive AI modeling being the prime example.


SolarWinds Ruling: Why CISOs Need to be Aware of Fraud

The U.S. Securities and Exchange Commission in late October charged SolarWinds and its CISO with fraud and internal control failures. Many organizations are reckless in making statements to the market to preserve their company's stock prices, not realizing the potential for regulatory action, said Paul Dunlop, COO at Fraud Doctor, and Steve Hindle, founder of Achilles Shield.


How AI is changing ransomware and how you can adapt to stay protected

As artificial intelligence (AI) technology continues to evolve, cybercriminals are beginning to explore the full potential of these advances. Previously, some of the gating factors of ransomware were around the expertise and volume of work required to launch a successful attack. Even though ransomware-as-a-service (RaaS) existed where some or all the ransomware attack could be jobbed out to a ransomware provider, that meant a would-be ransomware attacker would have to trust another criminal, the RaaS provider. For ransomware attackers that were able to do the work themselves, there was a lot of manual work required, which limited the scope, effectiveness, and volume of the attacks. With AI in the picture, many of these limitations are lifted. 


Top 10 tips for employees to prevent phishing attacks

Share this list of phishing techniques, detection and prevention tips, and best practices to help employees avoid falling victim to phishing schemes. Only 58% of users know what phishing is, according to a Proofpoint survey -- a staggering gap considering phishing attacks are so common and becoming increasingly sophisticated. The same survey found 84% of organizations faced at least one successful phishing attack in 2022, with 54% of organizations experiencing three or more successful incidents.


Most CISOs confront ransomware — and pay ransoms

The odds of a CISO encountering a major cyberattack are about as high as it can get with 9 in 10 CISOs reporting at least one disruptive attack during the last year, according to Splunk research released Tuesday. Almost half of the 350 security executives surveyed said their organizations were hit by multiple disruptive cyberattacks during the last year. At that level of ransom payment activity, CISOs have to operate under the assumption that ransom payments are effectively part of the job.


Autonomous Fleets Are Almost Here. Are They Safe From Cyberattacks?

As our society transforms into a more connected world, an essential component of this shift is the need for safe and secure driving experiences on our roads. The recent hacking of a Tesla in under two minutes by France security firm Synacktiv demonstrates how serious a concern this is—attackers were able to breach the cyber controls of the vehicle to carry out a number of malicious acts, including opening the trunk of the vehicle while in motion and accessing the infotainment system.


NEW REPORT ANALYSES TRENDS IN STORAGE FOR AI

Artificial Intelligence (AI) is being considered for use in many segments of the storage marketplace. A new report is available that discusses in detail AI in data storage. What does the AI storage landscape look like? What are the opportunities for AI in storage? How will AI usage affect data security and costs? Read on to see highlights from a massive AI storage study.


CISA needs to rally citizen cybersecurity army.

The Cybersecurity and Infrastructure Security Agency (CISA) is advising organizations to implement a series of steps to thwart social engineering and phishing attacks that span everything from making sure Domain-based Message Authentication, Reporting, and Conformance (DMARC) for received emails is turned on to defining denylists at the email gateway and enabling firewall rules to prevent malware infestations. Recognizing that most cyberattacks can be traced back to stolen credentials, CISA is also encouraging organizations to regularly train end users to both identify suspicious emails and links and document and report them as part of an incident response plan.


System intrusion: What it is, why it matters, and how to combat it

Most cyberattacks today begin with system intrusion. This occurs when an attacker uses stolen credentials, phishing attacks, or other means to gain access to your system. Once inside, they, or the malware they place there, can go undetected for long periods of time — often for months — during which time they perform careful reconnaissance. They can take the time to understand your network architecture, scan for unprotected ports, discover where critical, high-value data is stored, exfiltrate that data, identify users with high access privileges, and much more.


How the CIA triad helps secure your data

The CIA triad is a helpful security model for protecting data. The name refers to the three related pillars of confidentiality, integrity, and availability. The triad plays a crucial role in keeping data safe and secure from growing cyber threats. When a data or security breach occurs, it is often because the victim has not fully executed one or more of these three pillars.


GUEST ESSAY: A roadmap for the finance teams at small businesses to improve cybersecurity

Small businesses, including nonprofit organizations, are not immune to cyberattacks. The average cost of a cybersecurity breach was $4.45 million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks in 2020, according to the Small Business Association. Nonprofits are equally at risk, and often lack cybersecurity measures. According to Board Effect, 80% of nonprofits do not have a cybersecurity plan in place. If you’re a small business looking for the secret sauce to cybersecurity, the secret is out: start with a cybersecurity policy and make the commitment to security a business-wide priority. Here is a 1 Page (simple) Plan; a Very Good Read:


MGM, Caesars Cyberattack Responses Required Brutal Choices

In this instance, both were victims of a Scattered Spider /ALPHV cyberattack. Caesars quickly negotiated with the cyberattackers, and handed over a $15 million ransom payout, which allowed it to proceed with business in relatively short order. MGM meanwhile flatly refused to pay, and just announced that its operations have been recovered after 10+ days of casino and hotel operational downtime (tens of millions of dollars in lost revenue later). While it's tempting to make a judgment as to which approach is better…


Black Hat Fireside Chat: Flexxon introduces hardened SSD drives as a last line defense

Creating ever smarter security software to defend embattled company networks pretty much sums up the cybersecurity industry. Cutting against the grain, Flexxon, a Singapore-based supplier of NAND memory drives and storage devices, arrived at Black Hat USA 2023 calling for a distinctive hardware approach to repelling cyber attacks.


Increasing collaboration among cybercrime gangs

You probably already know that the image of cybercriminals as lone hackers toiling away in a basement somewhere on their own — whether for their own amusement, to earn glory among other hackers, or to sabotage or steal from specific targets — is a very long way from the modern reality. Today, cybercriminal gangs are organized and sophisticated, operating more like modern software companies or traditional organized crime families. Or to be more precise, traditional organized crime has moved into the cybercrime space, driving out the older “mom-and-pop” operators.


Case study: How one large school district said “never again” to ransomware

When it comes to writing customer case studies, I always look for the human angle — a personal experience that readers can relate to. It’s not always easy to find, but when I spoke to Lacey Gosch about her experiences as Assistant Superintendent of Technology at Judson Independent School District, the human angle on her story was front and center.


REPORT SHINES A BRIGHT LIGHT ON DATA AND STORAGE

“Multiple billions of people and sensors and systems connected in billions of global networks have generated and will continue to generate immense quantities of data.” This quote comes from a new white paper penned by John Monroe of Furthur Market Research called Storage Management in an Age of Minimal Data Deletion. The paper examines the usage, forecasts and strategies for managing the ever increasing quantities of information. This BlogBytes article will review some of the key findings from this must read captivating research. Let’s dive in!


Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

In large metropolitan areas, tourists are often easy to spot because they’re far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like data theft and ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.


More Than Half of Browser Extensions Pose Security Risks

The study showed 51% of all installed extensions were high risk and had the potential to cause extensive damage to the organizations using them. The extensions all had the ability to capture sensitive data from enterprise apps, run malicious JavaScript, and surreptitiously send protected data including banking details and login credentials to external parties.


Ransomware protection for state, local governments (and how to pay for it)

Recent data shows that public-sector organizations are more likely to be hit by ransomware than other sectors; and that when it happens, they are more likely to suffer data loss — and less likely to recover lost data from backups. If you’re responsible for cybersecurity for a state or local government entity, it probably comes as no surprise to you that ransomware attacks against organizations like yours are rapidly increasing in frequency, severity, and effectiveness.


Barracuda XDR Insights: How AI learns your patterns to protect you

In the first half of 2023, Barracuda Managed XDR collected almost a trillion customer IT events, among which it detected and neutralized thousands of high-risk incidents. During those six months, the most widely encountered high-risk incidents — threats that require immediate defensive action — involved some kind of identity abuse. These kinds of attacks have become increasingly sophisticated over time, but they were spotted and blocked by the Managed XDR platform with the aid of AI-based account profiling.


OWASP Top 10 API Security Risks – 2023

This awareness document was first published back in 2019. Since then, the API Security industry has flourished and become more mature. We strongly believe this work has positively contributed to it, due to it being quickly adopted as an industry reference. The primary goal of the OWASP API Security Top 10 is to educate those involved in API development and maintenance, for example, developers, designers, architects, managers, or organizations. You can know more about the API Security Project visiting the project page.


The Role of Tape Backups in Disaster Recovery Planning (DRP)

In today’s business environment, disaster recovery planning is essential to maintain uninterrupted operations. Unforeseen events like natural calamities, cyber intrusions, power failures, and human mistakes can lead to substantial damages in terms of data, efficiency, and profits. Hence, to counter such challenges, companies need to develop a robust disaster recovery strategy that specifies the actions to be taken during a crisis.


DATA ECONOMICS - OPTIMIZING DATA VALUE

Organizations are retaining more and more data for longer periods of time to address regulatory requirements, customer needs and for analytical purposes. A recent report from Solutions North Consulting studies the economic, social and governance impacts of retained data and the benefits of using LTO-9 data storage technology as compared to hard disk and cloud solutions to optimize data value. This BlogBytes will provide key highlights and insights from the study.


AI Will Heighten Cybersecurity Risks for RIAs

Imagine receiving a phone call from someone you believe to be one of your clients. They are asking you to move some money around for them. It sounds like the client. And the voice on the other end is able to answer your simple questions quickly, clearly and accurately. But, before completing the transaction, there's one small detail you should probably know: The voice is artificial and run by scammer who has scraped the unsuspecting client's voice and personal details for their own purposes.


Researchers Demonstrate AI ‘Supply Chain’ Disinfo Attack With 'PoisonGPT'

Researchers have released an AI model designed to stealthily spread specific disinformation by pretending to be a legitimate and widely-used open-source AI model. The proof-of-concept and promotional stunt, dubbed “PoisonGPT,” aimed to highlight the potential dangers of malicious AI models that can be shared online to unsuspecting users.


Joint Guide to Securing Remote Access Software Released by CISA and Partners

While there are beneficial features and legitimate uses of remote access software, malicious actors often exploit these products to evade detection and establish network connections through cloud-hosted infrastructure. By leveraging legitimate remote access software, malicious cyber actors are able to undertake a type of attack called living off the land (LOTL). This guide is particularly relevant given demonstrated use of these techniques by advanced adversaries, as reflected in the recent joint advisory highlighting People’s Republic of China state-sponsored actors using LOTL techniques, including exploitation of remote capabilities to evade detection.