No jitter: Making AI Work for You: The importance of purpose-built AI for CX (March 20th)
IT - Security

Beyond The Basics: Advanced Insights Into Secrets Management Challenges
Security Boulevard, Monday, February 5th, 2024
Cybersecurity is high stakes, and secrets management is the bedrock upon which your security architecture stands. You know the drill - keeping those API keys, connections-strings, and certificates under wraps is crucial.

But let's not beat around the bush; this isn't your typical 'lock it and leave it' scenario; it's about maintaining an impenetrable defense in an era where threats evolve as rapidly as technology.

Whether cloud-based platforms like Kubernetes or traditional IT infrastructures, each presents its unique battlefield. Missteps in managing secrets aren't just errors; they are breaches waiting to happen - a scenario every leader strives to avoid.

Top Trends In Cybersecurity, Ransomware And AI In 2024
Security Boulevard, Monday, February 5th, 2024
According to research from VMware Carbon Black, ransomware attacks surged by 148% during the onset of the COVID-19 pandemic, largely due to the rise in remote work.

Key trends influencing the continuing upsurge in ransomware attacks include:

  • Exploitation of IT outsourcing services: Cybercriminals are targeting managed service providers (MSPs), compromising multiple clients through a single breach.

  • Vulnerable industries under attack: Healthcare, municipalities and educational facilities are increasingly targeted due to pandemic-related vulnerabilities.

  • Evolving ransomware strains and defenses: Detection methods are adapting to new ransomware behaviors, employing improved heuristics and canary files, which serve as digital alarms, deliberately placed in a system to entice hackers or unauthorized users.

  • Rise of ransomware-as-a-service (RaaS): This model enables widespread attacks, complicating efforts to counteract them. According to an independent survey by Sophos, average ransomware payouts have escalated from $812,380 in 2022 to $1,542,333 in 2023.

Preventing Ransomware Attacks

To effectively tackle the rising threat of ransomware, organizations are increasingly turning to comprehensive strategies that encompass various facets of cybersecurity. One key strategy is employee education, fostering a culture of heightened awareness regarding potential cybersecurity threats. This involves recognizing phishing scams and educating staff to discern and dismiss suspicious links or emails, mitigating the risk of unwittingly providing access to malicious entities.

The Spyware Business Is Booming Despite Government Crackdowns
The Register, Wednesday, February 7th, 2024
'Almost zero data being shared across the industry on this particular threat,' we're told

The commercial spyware economy - despite government and big tech's efforts to crack down - appears to be booming.

In addition to the major players like Pegasus developer NSO Group, and Predator maker Intellexa, Google's Threat Analysis Group (TAG) has found "dozens of smaller" commercial surveillance vendors and tracks around 40 such organizations.

Other exploitation supply chain orgs also make money from these nefarious tools - from the initial exploit developers and suppliers on through to the spyware vendors that charge varying amounts depending on what capabilities the customer requests.

In 2023, TAG reports it uncovered 25 zero-days under active exploitation, and 20 of these were abused by commercial surveillance vendors.

The ROI Of Investing In Cybersecurity
TRUFORT, Friday, February 9th, 2024
The need for investing in cybersecurity now, so that a breach doesn't become an organization's funding case, needs to be clear for all stakeholders

Digital transformation drives business operations, and dedicating funds towards cybersecurity has gone from being an IT department issue to an overall strategic business essential. The conversation around cybersecurity investment is shifting, with a growing consensus that waiting for a security breach to justify funding is no longer tenable. Instead, the emphasis is on understanding the return on investment (ROI) of cybersecurity measures and effectively communicating this need to the C-suite to prompt educated investing in preemptive cybersecurity tools and best practices.

Let's consider some of the strategies for security teams in advocating for the critical resources they now require.

Identity Management Is The New Perimeter
Solutions Review, Monday, February 5th, 2024
Sergey Medved of Quest Software examines why, in the wake of SEC charges against SolarWinds, enterprises need to shift their focus to identity management.

Recent SEC charges against the CISO of SolarWinds shook many in the cybersecurity industry as they made real the long-lasting consequences of cyber incidents. The charges also focused attention on the method used to leverage compromised SolarWinds systems way back in 2020: abuse of privileged accounts. Once attackers gained access to the privileged account status of SolarWinds deployments, they were able to do essentially whatever they wanted within numerous SolarWinds customers.

How Cybersecurity Strategies Adapt To Evolving Threats
HelpNet Security, Monday, February 5th, 2024
Cybersecurity strategies are essential components of modern organizations, designed to protect digital assets, sensitive information, and overall business continuity from potential cyber threats.

As technology advances, the complexity and frequency of cyber attacks continue to grow, making it imperative for businesses to develop robust and adaptive cybersecurity strategies.

In this round-up from Help Net Security, cybersecurity experts address various aspects of cybersecurity strategies and challenges.

Hackers backed by China are breaking into the networks of US companies so they are able to launch destructive cyber attacks against critical infrastructure in the event of a major crisis or conflict.

In their attempts to gain access to systems the attackers are paying particular attention to network and IT staff who often hold the keys to the system.

The warning from the National Security Agency (NSA), FBI and the US Cybersecurity and Infrastructure Agency (CISA) is a remarkably detailed breakdown of how a Chinese state-backed group, known as Volt Typhoon, has compromised the networks of multiple critical infrastructure organizations across communications, energy, transportation systems, and water sectors.

Deepfake Video Call Scam Cons Company Out Of $25 Million
readwrite, Monday, February 5th, 2024
A multinational company's Hong Kong office was the victim of an elaborate scam using deepfake video technology to impersonate executives and scam the company out of HK$200 million ($25.6 million), local police reported on Sunday

In what police described as the first scam of its kind in Hong Kong, scammers used deepfake technology to digitally recreate company executives and impersonate them on a video conference call. The technology allowed the scammers to generate fake but convincing representations of targeted individuals that replicated their voices and appearances.

The scam began in mid-January when an employee in the Hong Kong branch's finance department received a phishing message, seemingly from the company's UK-based chief financial officer, reports the South China Moring Post. The message claimed a secret transaction had to be conducted. Although initially doubtful, the employee was convinced after being invited to a video call in which the CFO and other familiar employees appeared to be present.

CSO's Guide: Water-Tight Account Security For Your Company
CSO's Guide, Friday, February 9th, 2024
This essential CSO guide outlines the robust account monitoring, access notifications, multi-factor authentication, deception technology, and user controls crucial for implementing unmatched account security across your organization.

In today's escalating threat landscape, account takeover and credential compromise remain top attack vectors for data breaches. As cybercriminals grow more sophisticated, organizations can no longer rely on outdated authentication practices and loose access governance. CSOs must mandate and implement robust account security to protect critical assets.

This comprehensive guide examines must-have account security measures spanning enhanced authentication policies, user session controls, log auditing, and real-time alerts. Adopting these water-tight protocols allows for catching and stopping account-based attacks early while collecting forensic evidence for future threat hunting.

The commercial spyware industry continues to supply highly advanced surveillance capabilities despite efforts to better regulate it.

Google researchers focused on the most complex hacking threats argued in a report published Tuesday that governments around the world should take more aggressive steps to combat the growth of a commercial spyware industry that is continuing to supply governments with invasive malware used to target journalists, human rights defenders, dissidents and political opponents.

6 Multi-Cloud Identity Management Tips And Best Practices
Search Security, Monday, February 5th, 2024
The more cloud services organizations adopt, the more identity challenges they face. Follow these five tips to improve multi-cloud identity management.

It's common for organizations to use multiple clouds, including a mix of public, private and hybrid. The multi-cloud model introduces added complexity to cloud identity and access management, however, especially with identity now at the forefront of the modern security perimeter.

A number of tips and best practices have emerged that help alleviate these challenges and ensure identities and access controls are secure and effective across cloud environments.

5 Trends & Advances That Are Set To Define Cloud Security In 2024
Data Science Centrsl, Monday, February 5th, 2024
Let's dive into the cloud, but not just any cloud-the cloud of the future, specifically the realm of cloud security in 2024. We're not just talking about your everyday, run-of-the-mill updates here.

We're looking at the big players, the game changers, the trends that are going to set the stage for how we protect our digital skies.

So, grab your virtual umbrella (or shield, for that matter), and let's explore these five trends set to redefine cloud security in 2024.

1. AI & ML: The dynamic duo of defense

2. Zero Trust architecture

3. Enhanced encryption techniques

4. Regulatory compliance as a baseline, not a ceiling

5. The rise of cloud security platforms

Top 2024 Scams: The Top Predicted Scams For This Year
Click Armor, Monday, February 5th, 2024
In the advancing time of AI and technology, it's crucial for every individual to know about the top 2024 scams.

2023 was an intense year for cyber security, with big companies being hit by malware and AI increasing the number of opportunities for cyber criminals. Unfortunately, cyber criminals and scams are only going to get smarter and more common this year.

Whether you are part of the security world or just interested in protecting your personal data, here are the top scams for the year that you should be aware of:

  • Deep fakes
  • Social engineering
  • Trusted organizations phishing scam
  • Job listing scam
  • The Grandparents Scam

In the ever-evolving landscape of digital threats, awareness and vigilance are our greatest defences.

Ransomware Payments In 2023 Hit $1 Billion: Chainalysis
Security Boulevard, Thursday, February 8th, 2024
Ransomware gangs raked in more than $1 billion in ransom payments last year as they exploited security flaws - particularly the vulnerability in the MOVEit file transfer software - and grew their focus on hospitals, schools, and other critical infrastructure.

'2023 marks a major comeback for ransomware, with record-breaking payments and a substantial increase in the scope and complexity of attacks - a significant reversal from the decline observed in 2022,' researchers with Chainalysis wrote in a report this week. 'Although 2022 saw a decline in ransomware payment volume, the overall trend line from 2019 to 2023 indicates that ransomware is an escalating problem.'

The report from the blockchain analysis firm echoes themes of the growing number and sophistication of ransomware attacks other cybersecurity vendors saw in 2023. Unit 42, Palo Alto Networks' threat intelligence arm, said in a report this week that the number of victims reported on ransomware leak site in 2023 jumped 49% year-over-year and that at least two dozen new groups emerged, driven by the amount of money to be had.

See all Archived IT - Security articles See all articles from this issue