Due to its popularity as an embedded protocol operating in devices across the industrial control systems (ICS) domain, the Claroty Research Team decided to analyze the Open Platform Communications (OPC) for security vulnerabilities and implementation issues. In a blog, they shared some details about a number of vulnerabilities that emerged from their intensive investigation of the protocol.
NCC Group and Fox-IT have been tracking a threat group - Chimera - with a wide set of interests, from intellectual property (IP) from victims in the semiconductors industry through to passenger data from the airline industry.
U.S. cybersecurity company Malwarebytes is the latest victim in a string of attacks targeting top security firms. In a statement from the company, the hackers breached the internal systems by way of a dormant email protection product within their Office 365 tenant that allowed access to a limited subset of internal company emails.
Most bot mitigation solutions rely on rules and risk scores, which use information from the past, even when paired with advanced machine learning or AI capabilities. Since bot operators are continually inventing new ways to evade detection, using historical data fails to detect and stop bots never seen before. As a result, retailers and e-commerce companies can’t keep up with the evolving nature of bot operators’ techniques, tools, and tactics. This is evidenced by the record volume of “Grinch” bots that we saw over the holidays.
As Data Privacy Day approaches this week, new research conducted by ISACA reveals critical skills gaps and insufficient training. The survey report, Privacy in Practice 2021: Data Privacy Trends, Forecasts and Challenges, also explores past and future trends in privacy, offering insights into privacy workforce and skills, the use of privacy by design, and the organizational structure and composition of privacy teams.
According to Digital Shadows’ Photon Research Team in Q4 2020, six groups made up 84% of alerts —Maze, Egregor, Conti, Sodinokibi, DoppelPaymer, and NetWalker— from the ransomware data leak sites Digital Shadows monitors.
Untangle Inc. announced the results for its annual Voice of the Channel and 2021 Predictions Report. The report surveyed Untangle’s global network of Channel Partners to better understand current trends and barriers faced when protecting clients against emerging cybersecurity threats and other customer barriers within the market.
Cisco published the 2021 Data Privacy Benchmark Study, its fourth annual look into corporate privacy practices worldwide, which found enhanced importance of privacy protections during the pandemic and increasing benefits for businesses that adopt strong privacy measures.
In order to report on how secure the average American’s password is, the Safety.com research team conducted a survey of 1,210 US residents about the length and complexity of their passwords: 67.3% of survey respondents said their average password was equal to or less than eight characters long; 7.8% of respondents said their average password was less than five characters long; 19.3% of respondents said their average password was fifteen characters or more; Adults younger than 25 and older than 55 were amongst the groups with the shortest passwords.
According to Kroll, a Division of Duff & Phelps, ransomware was the most observed threat in 2020, accounting for over one-third of all cases as of September 1, 2020. Notably, Kroll found that Ryuk and Sodinokibi, perennially the most observed variants in Kroll’s cases, were joined by Maze as the top three ransomware variants so far in 2020. To get some insight on ransomware trends in 2021, as well as how cybercriminals execute this type of attack, we spoke to Wade Lance, Field CTO of Illusive Networks.
