Verizon’s 2020 Cyber-Espionage Report (CER) draws from seven years of Verizon Data Breach Investigations Report (DBIR) content, and more than 14 years of Verizon Threat Research Advisory Center (VTRAC) Cyber-Espionage data breach response expertise. The CER serves as a guide for cybersecurity professionals looking to bolster their organization’s cyber defense and posture and incident response (IR) capabilities against cyberattacks.
ESET researchers recently discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus since South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.
Generali Global Assistance released the findings of its fourth annual Holiday Shopping ID Theft survey. The survey examines consumer sentiment on retail data breaches and the identity theft risks holiday shopping poses.
Digital Shadows has identified a post on the English-speaking cybercriminal forum, RaidForums, alleging to possess a complete 2020 Wisconsin voter database. The author of the post provided a free download link to a database containing statewide voter and absentee data acquired from the "Badger Voters" site, a website established by the State of Wisconsin Elections Commission.
Cellebrite recently published a new white paper with IDC, “Policing 2025: Envisioning a New Framework for Investigations.” In the IDC White Paper, IDC proposes a methodology for public safety organizations to digitally transform.
The Q3 2020 Threat Landscape Report by Nuspire demonstrates threat actors becoming even more ruthless. Throughout Q3, hackers shifted focus from home networks to overburdened public entities, including the education sector and the Election Assistance Commission (EAC). Malware campaigns, like Emotet, utilized these events as phishing lure themes to assist in delivery.
Financial services firms are reportedly hit by security incidents 300 times more frequently than other businesses, according to ID Theft Resource Center. To help financial planners protect their data and comply with the cybersecurity requirements established by the Securities and Exchange Commission (SEC) and FINRA, the Financial Planning Association (FPA) today launched Cybersecurity for Financial Planners: An FPA Certificate Program.
RSS
