Category: Cybersecurity Insiders

[By John Gallagher, Vice President of Viakoo Labs] Biometric security is often viewed as superior to passwords when it comes to protecting sensitive systems or data. The interface between physical and software security, verified by unique personal identifiers like iris…

Read more →

[By André Ferraz, CEO and Co-Founder of Incognia, the innovator in location identity solutions] Generative artificial intelligence (GenAI) is a hot topic of conversation – particularly the risks it poses to users’ online safety and privacy. With President Biden calling on…

Read more →

Stolen bank account credentials have been a persistent issue in countries like Britain, the United States, Australia, and Canada, often resulting in significant financial losses. However, Singapore’s leading telecommunications company, Singtel, has introduced an innovative solution to combat such phishing…

Read more →

Network security professionals protect the confidentiality, integrity and availability of information across the network. They’re expert at applying strategies, processes and technologies that guard against unauthorized access and harm. Are you ready for a career in network security? ISC2, creator…

Read more →

In recent years, as businesses and individuals increasingly rely on cloud computing services for storage, collaboration, and data processing, cyber-criminals have adapted their tactics to target cloud environments. Cloud malware poses a significant threat to the security and integrity of…

Read more →

In a resurgence of cyber threats, the notorious PLAY Ransomware gang has once again captured headlines. Following an update from the FBI, which identified the Play ransomware gang as responsible for targeting more than 300 organizations, the gang is now…

Read more →

Amid escalating Chinese cyber attacks targeting government infrastructure globally, Google has inaugurated its inaugural Asia-Pacific Cyberdefense center in Tokyo, Japan. This hub is poised to serve as a pivotal nexus for information exchange and research collaboration among businesses, governmental entities,…

Read more →

FINTRAC Canada targeted by a cyber attack FINTRAC, Canada’s financial intelligence agency, has fallen victim to a cyber attack, prompting the shutdown of its computer networks. While the servers of the federal agency have been taken offline, assurances have been…

Read more →

CrowdStrike, an American cybersecurity technology company, has officially announced its acquisition of the Israel-based startup ‘Flow Security’ for $200 million. Flow Security is known as the world’s sole provider of cloud data runtime security solutions, uniquely safeguarding data both at…

Read more →

Shortly after millions of Facebook and Instagram users encountered difficulties accessing their accounts, speculation quickly arose that a state-funded cyberattack might be to blame. Mark Zuckerberg, fresh from a vacation in India, promptly took to Twitter, now X, to assure…

Read more →

In today’s interconnected world, maintaining a pristine digital reputation is paramount. Whether you’re an individual, a business, or an organization, the risk of cyber embarrassment stemming from leaked or improperly disposed of data looms large. From personal photos and sensitive…

Read more →

Hamilton city announces emergency after ransomware attack It seems like there’s a surge in ransomware attacks lately, affecting various sectors from municipal services to healthcare and even international politics. The situation in Hamilton City sounds quite serious, especially with essential…

Read more →

[By Lydia Zhang, President and Co-founder of Ridge Security] Organizations face constant threats from vulnerabilities that can exploit their systems and compromise sensitive data. Common Vulnerabilities and Exposures (CVEs) are one such concern, posing significant risks to organizations of all…

Read more →

North Korea, under the leadership of Kim Jong-un, faces stringent sanctions from Western nations, exacerbating the nation’s dire shortage of semiconductor equipment crucial for its nuclear, satellite, and intelligence operations. In response to this scarcity, North Korea has intensified its…

Read more →

[By Rob McNutt, SVP Network Security at Forescout] The greatest threat to zero trust is not among a group of the usual cybersecurity suspects. It is the marketing hype that has led to unrealistic expectations about its capabilities. The ability…

Read more →

[By Joao Correia, Technical Evangelist at TuxCare (www.tuxcare.com), a global innovator in enterprise-grade cybersecurity for Linux] Today’s threat actors are driven by a variety of potential motivators for attacking systems and networks. They may aim to disrupt entire economies, advocate…

Read more →

In a concerning development for financial security, American Express has announced that its customers’ credit card information has been compromised in a data breach. The breach occurred through a third-party service provider, marking another significant event in a series of…

Read more →

Recently, the FBI initiated a global operation aimed at disrupting the infrastructure utilized by the ALPHV hackers responsible for spreading ransomware. Despite this effort, the criminal group managed to bounce back swiftly and launched even more sophisticated attacks. Just a…

Read more →

In recent years, the landscape of cyber threats has evolved dramatically, with the emergence of AI-powered attacks posing new and formidable challenges. MIT security researchers have made significant strides in simulating cyber-attacks capable of triggering physical damage to vital infrastructure,…

Read more →

It’s quite alarming to hear about the advancements in cyber-attacks, especially those fueled by AI and capable of causing physical damage to critical infrastructure like dams. The intersection of technology and security has always been a double-edged sword, offering both…

Read more →

[by Yoav Kalati] Today, we’re seeing the growing dependence on and adoption of Software as a Service (SaaS) tools by businesses and organizations. However, this increased reliance also has posed challenges on the security front, as threat actors try to…

Read more →

Digital healthcare has been developing rapidly during the last decade: the enactment of the American Reinvestment and Recovery Act (ARRA) in 2009 drove the majority of healthcare organizations in the US to adopt the EHR system, the COVID-19 pandemic boosted…

Read more →

[By Demetris Booth, Product Manager, Cato Networks] The cybersecurity market is brimming with point solutions. Each solution is designed to address a specific risk, a specific security use case and a specific attack vector. This approach is no longer sustainable…

Read more →

Scheduled to take place from July to August this year in Paris, France, the 2024 Summer Olympics are set to be a grand event spread across various stadiums throughout Europe. However, concerns have been raised by Stephane Sejourne, France’s Foreign…

Read more →

The LockBit Ransomware gang, previously subdued by law enforcement agencies worldwide, has resurfaced with its trademark double extortion tactics, targeting businesses with file-encrypting malware attacks. Interestingly, the group’s leader, ‘LockbitSupp,’ has publicly endorsed Donald Trump as the next US President,…

Read more →

In today’s digital landscape, cybersecurity has emerged as not just a necessity but a thriving industry. With cyber threats becoming more sophisticated and pervasive, the demand for robust security measures has skyrocketed, propelling cybersecurity into a realm of unprecedented growth…

Read more →

Data security concerns with Chinese and other nation cars The security of data in cars from China and other nations has become a focal point of concern, prompting action from the United States government. President Joe Biden has signed an…

Read more →

For years, IT experts have emphasized the importance of maintaining backups for data and applications, highlighting their crucial role in swiftly recovering from cyber-attacks. Indeed, having such backup systems in place can preserve data continuity during unexpected incidents, thereby minimizing…

Read more →

A newly emerging ransomware group named Mogilevich has purportedly breached the servers of Epic Games, an American game developer, making off with approximately 200GB of data. Reports indicate that the cybercriminal outfit has set a deadline of March 4th for…

Read more →

In recent years, cloud migration has emerged as a pivotal strategy for organizations seeking to modernize their IT infrastructure, enhance scalability, and streamline operations. While the benefits of cloud adoption are undeniable, the process of transitioning sensitive data to the…

Read more →

Amidst growing concerns over cyber warfare, reports have surfaced regarding Russia’s advancements in artificial intelligence (AI) for spreading misinformation. Under the leadership of Vladimir Putin, Russia has allegedly developed sophisticated AI-based cyber tools aimed at manipulating news narratives, with potential…

Read more →

Amidst the prevailing wave of Artificial Intelligence technology, IBM has aligned itself with the trend by introducing an AI-driven ransomware resilience solution for data storage. This innovative offering is poised to tackle the diverse array of file-encrypting malware prevalent in…

Read more →

APT29 moves from Government infrastructure towards Cloud Service Providers APT29, also known as Midnight Blizard or Cozy Bear and associated with Russian Intelligence, appears to have altered its approach from targeting government infrastructure to focusing on cloud service providers. This…

Read more →

It’s indeed concerning when cybersecurity solutions meant to protect users’ privacy end up compromising it instead. The case of AVAST highlights the importance of transparency and accountability in the handling of user data. Users trust these companies to safeguard their…

Read more →

It’s interesting to see the shift in attitudes towards cloud adoption, especially considering the initial push towards it from figures like former President Trump. The concept of cloud repatriation, where organizations bring their workloads back in-house from third-party cloud services,…

Read more →

Introduction: In our increasingly digital world, managing online accounts and preserving digital legacies has become a critical consideration. When someone passes away, accessing and retrieving data from their Google account can be a sensitive and complex process. This guide aims…

Read more →

[By Darren James, Senior Product Manager, Outpost24] Humans have made unbelievable advancements in science and technology that have stretched the imagination and changed society forever.  But one seemingly mundane, albeit crucial, piece of wisdom continues to elude mankind – proper…

Read more →

In November 2019, the FBI and US-CERT jointly issued a statement advising against ransom payments to hackers, asserting that such payments could embolden cybercriminals and exacerbate cybercrime. They urged victims to instead seek guidance from law enforcement or forensic experts.…

Read more →

[By Chris Debigh-White, Chief Security Officer at Next DLP] The majority of security experts adhere to the “assume breach” paradigm, which recognizes the possibility, if not the inevitability, of an attacker gaining access to an organization. This breach could occur through…

Read more →

Federal Trade Commission Clears X (formerly Twitter) of Data Security Violations Following an investigation into the server operations of X, previously known as Twitter, the Federal Trade Commission (FTC) has announced that Elon Musk’s company has upheld user privacy and…

Read more →

In the modern workplace, the Bring Your Own Device (BYOD) trend has become increasingly prevalent, revolutionizing how businesses operate and employees collaborate. While BYOD offers flexibility and convenience, it also introduces significant security challenges, particularly in the realm of mobile…

Read more →

Toshiba, the Japanese electronics giant, and Orange, a major telecom company, have unveiled breakthroughs in quantum secure data transmission. Their innovation shields information transmitted over fiber optic networks from cyber threats of all kinds. The advancement relies on Quantum Key…

Read more →

When attempting to book a flight ticket on an air travel website, it’s common to encounter a chatbot designed to assist in completing the transaction. However, what happens if this chatbot provides misinformation that could result in costly consequences? This…

Read more →

The digital era: what a time to be alive! It’s easier to stay in contact from a distance, make financial transactions, shop for necessities (or luxuries), and conduct business. Lucky us, right? The answer is undoubtedly yes, with an and……

Read more →

The White House is ramping up its focus on cybersecurity for US ports, signaling a top priority for the Biden administration. An imminent executive order is expected to be signed, aiming to fortify the security infrastructure of national ports against…

Read more →

1. Data Resilience: Data resilience refers to the ability of data to remain available and in-tact despite various challenges or threats. It involves measures to ensure that data is protected from loss, corruption, or unauthorized access. Data resilience strategies typically…

Read more →

In recent years, NSO Group made headlines amid allegations of developing espionage software intended for government use in combating criminal activity. However, the company faced scrutiny for enabling individuals and organizations to spy on rivals, opposition figures, and business associates.…

Read more →

[By Tyler Shields, Vice President at Traceable AI] As we step into 2024, the landscape of API security is at a critical juncture. The previous year witnessed a significant escalation in API-related breaches, impacting diverse organizations and bringing to light…

Read more →

[By Paul Fuegner – QuSecure] The rapid advances we are seeing in emerging technologies like AI, ML and quantum computing will have a devastating impact on organizations not prepared and who have not considered updating existing modes of asymmetric data…

Read more →

[By Doug Dooley, COO, Data Theorem] The rise of OpenAI and new changes with ChatGPT-4 Turbo will help to revolutionize the way financial services organizations take advantage of their data, enabling them to scale their analysis rapidly and stay agile…

Read more →

[By Brett Walkenhorst, Ph.D., CTO, Bastille] Zero Trust has been an important paradigm for advancing network security for almost 15 years, incorporating tenets that move beyond perimeter-based control toward a multi-layered approach that seeks to minimize risk in the modern…

Read more →

[By Brett Bzdafka, principal product manager at Blumira] Businesses today face an ever-increasing number of cyberattacks on average, often posing potential financial impacts in the 7-figure range. Despite this threat, only 55% of organizations have some form of cyber insurance,…

Read more →

Reports from both the University of Cambridge and the University of Manchester have revealed that they’ve fallen victim to a highly sophisticated cyber attack, with the assailants aiming to cripple their IT infrastructure. While the extent of the impact on…

Read more →

[By John Anderson, Enterprise Information Security Manager, Lands’End] Securing electronic messaging services, particularly when utilizing third-party services, is crucial for maintaining the integrity and security of your communications. Limiting who can send on your behalf is crucial to maintaining email…

Read more →

[By Avkash Kathiriya, Senior Vice President, Research and Innovation at Cyware] There was a time when managed security service providers (MSSPs) were perceived as expensive outsourced options to replace or bolster internal security teams with a one-size-fits-all approach. Fortunately, those…

Read more →

The LockBit ransomware gang’s payment website fell under the control of US FBI and UK’s NCA in a joint operation named ‘Operation Cronos,’ utilizing a PHP exploit to disrupt services. Visitors attempting to access the site through Onion browsers are…

Read more →

Two passenger aircraft flying from Thailand to Israel fell victim to cyber hijacking by unidentified anti-social elements, as confirmed by Israel Radio Service Kan Reshet B and reported by The Jerusalem Post. According to sources, two El Al flights en…

Read more →

How many tools do you use to protect your network from cyberattacks? That’s a puzzling question to answer. A typical enterprise Security Operations Center (SOC) employs a diverse array of security tools to safeguard against cyber threats. This includes Security…

Read more →

Ransomania, an Innovative Tool Developed by Cyberint to Combat Ransomware Threats The global menace of ransomware continues to plague companies of all sizes and industries. To effectively counter this threat, it is crucial to raise awareness among individuals and organizations…

Read more →

Protecting against credential stuffing attacks requires a multi-layered approach to security. Here are some effective strategies to defend against such threats: Implement Multi-Factor Authentication (MFA): Require users to provide additional forms of authentication, such as a one-time code sent to…

Read more →

In today’s fast-paced digital world, keeping your IT assets safe is more important than ever. Imagine having a Superhero that can spot and fix problems with your IT infrastructure within the blink of an eye. With cyber threats growing in…

Read more →

[By Shlomi Yanai] It’s rather obvious to most in the IT sector that cybercriminals consistently and successfully exploit stolen or weak online identities to gain unauthorized access to businesses of all types. It’s these identities in an enterprise that are…

Read more →

[By Richard Bird, Chief Security Officer, Traceable] In the wake of the devastating cyber-attack on Kyivstar, Ukraine’s largest telecommunications service provider, it’s time for a blunt conversation in the boardrooms of global enterprises. As someone who has navigated the cybersecurity…

Read more →

In a newly released study from International Data Corporation (IDC) and cybersecurity company Exabeam, research shows companies globally are struggling with visibility when it comes to defending against cyberattacks. Fifty-seven percent of surveyed companies experienced significant security incidents in the…

Read more →

The integration of Artificial Intelligence (AI) tools into our daily routines has become an undeniable global phenomenon. However, as these AI tools undergo version upgrades, users’ concerns regarding data security are on the rise. One notable advancement in AI technology…

Read more →

The Department of State, in its ongoing efforts to combat cybercrime, has announced a $10 million reward for information leading to the apprehension of ALPHV, also known as the Blackcat Ransomware Gang. This significant bounty underscores the severity of the…

Read more →

Whale phishing and Spear phishing are both forms of targeted cyber-attacks aimed at stealing sensitive information or gaining unauthorized access to systems. However, they differ in their targets and scale: 1. Spear Phishing: Target: Spear phishing attacks target specific individuals…

Read more →

The U.S. Securities and Exchange Commission (SEC) has made a significant announcement regarding the security of its X account, affirming the implementation of 2-factor authentication to bolster its defenses. Emphasizing its commitment to fortifying security measures, the SEC aims to…

Read more →

Bank of America Data Breach by Infosys Bank of America (BOA) has filed accusations against Infosys US, alleging a data breach that compromised details of its employees and some customers. The breach report was submitted to the Office of Maine…

Read more →

Southern Water, responsible for managing the UK’s water and waste facilities, made an official statement on February 12, 2024, revealing the impact of a ransomware attack that occurred in the second week of January. The breach potentially affected approximately 5%…

Read more →

In recent times, the criteria for landing coveted job positions have often included a laundry list of prerequisites: educational qualifications, certifications, and substantial prior experience. However, when it comes to the realm of cybersecurity, experts are challenging this traditional mindset,…

Read more →

Maintaining security across multi-cloud environments requires a comprehensive approach that encompasses various aspects of security. Here are some key steps you can take: 1. Centralized Identity and Access Management (IAM): Implement a centralized IAM solution to manage user identities, roles,…

Read more →

Scotland’s police have officially declared a troubling surge in cyber crime within their jurisdiction, indicating a doubling of incidents compared to the previous year. This alarming trend is expected to escalate further in the coming months. The proliferation of technologies…

Read more →

A ransomware assault targeting the Office of Colorado State Public Defender (CSPD) has compelled the IT personnel to shut down the entire computer network as a precautionary measure to contain the malware’s spread. Consequently, only critical response infrastructure and court…

Read more →

Microsoft, the renowned technology giant based in the United States, has recently made headlines due to targeted spear phishing campaigns aimed at thousands of individual accounts utilizing Microsoft 365 and Azure Services. These attacks, which have been active since November…

Read more →

In April 2024, Google has announced a significant move to block all mass emails targeted at its Gmail users. This decision, made official by Alphabet Inc.’s subsidiary, signifies a shift in digital communication practices and imposes stricter regulations on bulk…

Read more →

In today’s digital age, where cyber threats are increasingly sophisticated and prevalent, the role of cybersecurity analysts has become indispensable. These professionals play a crucial role in safeguarding organizations’ digital assets and ensuring the integrity and confidentiality of sensitive information.…

Read more →

Microsoft is gearing up for the forthcoming update to its Windows 11 operating system, tentatively named “Germanium.” Insiders within the company have hinted that this new release, expected in September 2024, will integrate advanced AI security measures, making it highly…

Read more →

A significant cyber-attack has rocked France, with data from over 33 million individuals—roughly half of the country’s population—falling victim to this sophisticated breach earlier this month. This breach marks a potentially unprecedented event in the nation’s history, according to reports.…

Read more →

In today’s digital landscape, the security of application code is paramount to protect sensitive data, prevent unauthorized access, and safeguard against cyber threats. As technology advances, so do the techniques used by malicious actors to exploit vulnerabilities in software. Therefore,…

Read more →

[By Irfan Shakeel, Vice President of Training and Certification Services at OPSWAT] Addressing the cybersecurity skills gap stands out as a paramount challenge in fortifying companies’ cyber resilience today. Especially given that the remedy is neither swift nor straightforward. Transforming…

Read more →

Recent estimates suggest that North Korea has amassed approximately $3 billion through a series of ransomware attacks targeting businesses and other cyber-attacks on cryptocurrency trading platforms. These illicit gains are believed to be directed towards supporting Kim Jong Un’s nuclear…

Read more →

Cohesity, a leading provider of security software, has made a significant public announcement regarding its intention to acquire data security firm Veritas, a move that is poised to elevate the valuation of the combined entity to over $7 billion. This…

Read more →

[By Michael Mumcuoglu, CEO and Co-Founder, CardinalOps] It is worth remembering; cybersecurity professionals inherently win, only when attackers lose. Although it may feel like a victory, we don’t win when we merely maintain operations or even when we put processes in place and…

Read more →

In the year 2023 alone, hackers behind the rampant spread of ransomware amassed a staggering $1 billion in ransom payments, as disclosed by a comprehensive study conducted by blockchain research firm Chainalysis. This alarming figure, equivalent to the annual budget…

Read more →

The allocation of budget for cybersecurity holds paramount importance in the modern digital landscape. In an era where cyber threats loom large and businesses increasingly rely on technology, ensuring adequate financial resources for cybersecurity is critical. Below are several key…

Read more →

DDoS Attack via Compromised Smart Toothbrushes Disrupts Swiss Company’s Network A Swiss company recently faced a significant setback due to a distributed denial of service (DDoS) attack orchestrated through compromised smart toothbrushes. With over 3 million devices affected, the attack…

Read more →

[By Dominik Samociuk, PhD, Head of Security at Future Processing] When more than 6 million articles of ancestry and genetic data were breached from 23 and Me’s secure database, companies were forced to confront and evaluate their own cybersecurity practices…

Read more →

The United States has taken a firm stance on visa restrictions targeting individuals involved in the misuse of commercial spyware. Secretary of State Anthony Blinken announced this statement on February 5, 2024, following a review of legal cases involving forced…

Read more →

In the age of digitization, securing IT assets through insurance coverage presents a challenge, particularly in convincing board members to allocate funds for cybersecurity. However, the investment yields significant benefits, as outlined below: Comprehensive Coverage: Cyber insurance shields businesses from…

Read more →

[By Fernando Martinez, Security Researcher, AT&T Alien Labs] Research from AT&T Alien Labs has identified a campaign to deliver AsyncRAT onto unsuspecting victim systems. For at least 11 months, this threat actor has been working on delivering the Remote Access…

Read more →

In the ongoing discourse surrounding the impact of ChatGPT on our economic and business landscape, both positive and negative opinions have surfaced. However, a recent development introduces a unique perspective, shedding light on data security in relation to OpenAI’s ChatGPT.…

Read more →

In an era where online threats no longer discriminate by business size, Control D, powered by Windscribe VPN‘s robust security expertise, announced today the launch of ‘Control D for Organizations‘. This modern DNS service democratizes cybersecurity, making it accessible to businesses of…

Read more →

Scott Sayce, Global Head of Cyber at Allianz Commercial The newly released Allianz Risk Barometer revealed that Cyber incidents such as ransomware attacks, data breaches, and IT disruptions are the biggest worry for companies globally, as well as in the…

Read more →

AnyDesk, a widely-used platform for remote access software, fell victim to a ransomware attack, exposing its source code and private code sign keys to hackers. The enterprise software company detected malicious activity within its computer networks on a Friday afternoon…

Read more →

In the realm of cybersecurity, understanding the nuances between hashing, salting, and encryption is crucial for safeguarding sensitive data. Each method serves a distinct purpose in protecting information, and grasping their disparities is essential for implementing robust security measures. Hashing:…

Read more →

Interpol, in collaboration with several global law enforcement agencies, initiated Operation Synergia with the aim of apprehending criminals involved in spreading ransomware and conducting malware and phishing attacks. The operation successfully resulted in the seizure of approximately 1300 suspected IP…

Read more →

On February 1, 2024, the globe commemorated International Change Your Password Day, an occasion unfamiliar to many tech enthusiasts regarding its origin. This annual observance was initially established to promote online safety while accessing web services, emphasizing the critical role…

Read more →

Sharing information about cyber attacks provides several benefits to individuals, organizations, and the broader cybersecurity community. Here are some key advantages: 1. Early Threat Detection: Information sharing enables early detection of cyber threats. When organizations share details about the attacks…

Read more →

Following an investigation into the unauthorized use and sale of geolocation data by two companies, the Federal Trade Commission (FTC) in the United States has officially banned the collection and exploitation of such data by companies moving forward. In response…

Read more →