The year 2020 isn’t over yet, but so far, it’s been unprecedented from a threat landscape point of view – including the impact of the global pandemic and social movements on the cybersecurity landscape. The threat researchers at FortiGuard Labs have taken a good hard look at what was happening over the first six months of 2020 from a cybersecurity perspective, and we’ve identified some key trends that the industry needs to be aware of.
The novel coronavirus has forever changed how and where we work. As many organizations adopt new solutions and collaboration tools (e.g., Microsoft Teams, Slack or Zoom) to accommodate employees and customers during this critical period, such fast-paced digital transformation has also exposed several shortcomings associated with our remote workforce’s home networks and routers.
The Duesseldorf University Clinic in Germany was hit by a ransomware attack last week that forced staffers to direct emergency patients elsewhere. The cyberattack “crippled the entire IT network of the hospital." As a result, a woman seeking emergency treatment for a life-threatening condition died after she had to be taken to another city for treatment, according to several outlets.
Ninety-three percent of IT leaders surveyed said that their organization had suffered data breaches through outbound email in the last 12 months. On average, the Egress 2020 Outbound Email Data Breach Report found, an email data breach happens approximately every 12 working hours.
Digital Shadows has analyzed the cybercriminal marketplace landscape following the Empire Market exit scam. The company’s research has identified a number of currently available dark web marketplaces popular within the cybercriminal community. Noting the impact of the closure of Empire Market, some marketplaces, such as Icarus Market, have seen a major spike in listings, from 25,000 to 35,000 in the last month.
New York Attorney General Letitia James announced a settlement with Dunkin’ Brands, Inc. (Dunkin’) — franchisor of Dunkin’ Donuts — resolving a lawsuit over the company’s failure to respond to successful cyberattacks that compromised tens of thousands of customers’ online accounts.
On August’s Patch Tuesday, Microsoft closed several vulnerabilities, among them CVE-2020-1472, known as Zerologon. Secura's security expert Tom Tervoort discovered the vulnerabilty and recently explained in a blog why the vulnerability is so dangerous.
U.S. federal agencies revealed criminal charges against five computer hackers, all of whom were residents and nationals of the People’s Republic of China (PRC). All were charged of computer intrusions affecting over 100 victim companies in the United States and abroad, including software development companies, computer hardware manufacturers, telecommunications providers, social media companies, video game companies, non-profit organizations, universities, think tanks, and foreign governments, as well as pro-democracy politicians and activists in Hong Kong.
The need for cybersecurity in the financial services industry has never been greater. Financial Institutions (FIs) have been and will continue to be the subject of cyberattacks by adversaries of all varieties. The old adage “why do you rob banks....because that’s where the money is” holds in this domain as well. In 2019, 86 percent of breaches were financially motivated, and the records exposed in all breaches increased by 284 percent. And if that’s not enough for FIs to worry about, consider that the average cost of a breach as disclosed by public firms in 2019 was $116 million. Given the magnitude of this issue, these are the top trends seen in cybersecurity this year.
vpnMentor’s research team recently received a report from an anonymous ethical hacker about a massive data leak exposing users of over 70 adult dating and e-commerce websites from around the world.
