COVID made “flatten the curve” a household phrase in 2020, but did you know the concept also applies to vulnerability exploits? It turns out that what’s past is prologue in exploit trends. By tracking which attacks are being exploited the most, organizations discover important information to help proactively determine their vulnerability and risk. But it is also important to track attacks where activity has increased the most within a specified timeframe. It only takes one critical exploit to cause significant damage and, once inside the network, the attacker will need to move laterally and probably deploy additional exploits. That’s why understanding which exploits have the greatest likelihood of arriving on the network’s doorstep helps organizations prioritize patch management and risk assessment. This remains top of mind as cyber adversaries continue to maximize vulnerabilities, as we have recently seen with DearCry ransomware, for example.
RiskRecon, a Mastercard Company, and the Cyentia Institute published “From Uncertainty to Understanding: The Value of Better Data in Third-Party Risk Assessments.” To help organizations choose the best data to power their third-party risk models, RiskRecon partnered with Cyentia Institute to conduct the research study that quantifies how high-fidelity data turns risk assessments from an exercise of uncertainty to one of understanding.
Semperis announced the appointment of James (Jim) W. Doggett Jr. as chief information security officer (CISO). A longtime partner at Ernst & Young (EY) LLP and a veteran security and risk executive, Doggett will be responsible for managing Semperis’ cybersecurity posture and information and risk management program, along with helping customers improve the resiliency of their foundational identity systems.
Almost every American adult knows that cyberattacks and breaches are ubiquitous and have primarily targeted companies and government entities. They might even know that the single most common breach these days is ransomware, a malicious process by which hackers dismantle computer systems and don’t fix them until a ransom is paid. Few, however, are aware that ransomware is targeting a new set of highly vulnerable victims en masse. In recent months, the majority of successful ransomware attacks have struck K-12 schools nationwide, casting a whole new light on the number of Americans highly susceptible to a cyberattack.
Colonial Pipeline, which operates the biggest gasoline conduit to the East Coast, said it has no estimate on when it could restart the 5,500-mile pipeline that it shut Friday after a cyberattack. The company took systems offline to contain the threat, temporarily halting all pipeline operations and affecting some IT system. In a statement, the company said the Colonial Pipeline operations team is developing a system restart plan, and while their mainlines remain offline, some smaller lateral lines between terminals and delivery points are now operational.
News quickly spread about a vulnerable call recording app for iPhone named “Call Recorder,” or “Acr call recorder,” as its listing in the Apple App Store states. TechCrunch was the first outlet to flag a design flaw with the mobile application’s API when it obtained call recordings from AWS S3 cloud storage to prove it was insecure and therefore open to API-based attacks. The weaknesses exhibited by the mobile app represent a vital shift occurring in cybersecurity towards the importance of the protection and hardening of APIs. From this instance alone, we can learn a number of valuable lessons as API attacks are set to rise drastically this year. Most of the issues in the Call Recorder vulnerability map directly to the OWASP API Security Top 10, a list that captures the most common API mistakes. This document is a great reference for DevOps and security teams that are looking to implement strong API security that can be applied to both web and mobile application systems, including those in the cloud.
In a blog post commemorating World Password Day, Google announced the move to make users sign in via a second step after entering a password, such as a mobile app.
Global insurance company AXA said Thursday it will stop writing cyber-insurance policies in France that reimburse customers for extortion payments made to ransomware criminals.
Peloton’s leaky API has allowed any hacker to obtain any user’s account data — even if that user had set their profile to private.
The vulnerability, which was discovered by security research firm Pen Test Partners, allowed requests to go through for Peloton user account data without checking to make sure the request was authenticated. As a result, the exposed API could let anyone access any Peloton user’s age, gender, city, weight, workout stats, and birthday.
RSS
