Information security - Articles - Page 62

Outsourcing Data: Don't Take a Fairytale Approach

Leveraging breached data to unmask cybercriminals

October 16, 2020

How are threat actors so successful? They gather breached data and information from open sources – think social media profiles or even voting records – to build digital profiles of individuals with just a few clicks. This can then lead to, among other attacks, phishing scams such as business email compromise, potentially inflicting a significant financial toll on an organization.

Norway blames Russia for cyberattack on parliament

October 15, 2020

Norway has blamed Russia for the August cyberattack that targeted the email system of the country's parliament. "Based on the information the government has, it is our view that Russia is responsible for these activities," Foreign Minister Ine Eriksen Soreide said in a statement, the Moscow Times reports.

Education & Training

Compelling insights into career hackers

In 39 seconds, there will be another web application attack.

Ashish Gupta

October 14, 2020

It is well known that today we live in an unprecedented time with rampant cybercrime. And now that the COVID-19 pandemic has created unparalleled challenges including worldwide unemployment and a massive financial crisis, ironically one of the industries that has flourished is the $5.2 trillion economy of cybercrime.

NJOHSP promotes cyber safety for cybersecurity awareness month

October 14, 2020

The New Jersey Office of Homeland Security and Preparedness (NJOHSP) reaffirmed its commitment to keep the State cyber safe after Governor Phil Murphy proclaimed October as Cybersecurity Awareness Month on October 2. NJOHSP and its cyber division, the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC), are also participating in National Cybersecurity Awareness Month (NCSAM).

Remote work lingers: Top 3 ways to keep employee devices secure

National Cybersecurity Awareness Month: Securing Devices at Home and Work

Will Bass

October 14, 2020

Today, as an increasing number of organizations, including top tech companies like Google, Twitter and Facebook, have announced extended remote work plans, IT teams must ensure employee devices are secured to sustain the long haul. With IT burnout high, user awareness low, and malicious activity rising, this is often easier said than done. Here are top three tips for IT teams to ensure employee devices remain secure as remote work looms.

How cyberattackers use Microsoft Office 365 tools against organizations to steal data

October 13, 2020

Vectra released its 2020 Spotlight Report on Microsoft Office 365, which highlights the use of Office 365 in enterprise cyberattacks. The report explains how cybercriminals use built-in Office 365 services in their attacks.

5 minutes with Satya Gupta: The surge of remote work and its impact on critical infrastructure organizations

Maria Henriquez

October 13, 2020

Meet Satya Gupta, Virsec’s visionary, who has more than 25 years of expertise in embedded systems, network security and systems architecture. Here, we talk to Gupta about the impact that COVID-19 and remote work policies has had on the industrial and critical infrastructure organizations.

APT actors chaining vulnerabilities against SLTT, critical infrastructure and elections organizations

October 13, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity advisory regarding advanced persistent threat (APT) actors chaining vulnerabilities — a commonly used tactic exploiting multiple vulnerabilities in the course of a single intrusion — in an attempt to compromise federal and state, local, tribal, and territorial (SLTT) government networks, critical infrastructure, and elections organizations.

Threat actors, TA505 and MERCURY, exploiting ZeroLogon to attack and gain account control privileges

October 12, 2020

Microsoft recently warned that more cybercriminals have started to incorporate exploit code for the ZeroLogon vulnerability in their attacks. Threat actor TA505, a financially motivated threat group that has been active since at least 2014, is now exploiting this vulnerability.

Rise in mercenary hacking groups and cyber espionage

October 8, 2020

As the 2020 U.S. presidential election nears, there has been a rise in mercenary hacking groups and cyber espionage. Some say this a direct result of the current administrations’ increasingly isolationist global foreign policy, and that the U.S.’ status in the global cyber domain should be a major discussion point before November.