Remote work is testing organizations, putting their IT departments under great stress. Like employees, many companies were unprepared for the many challenges of this seismic shift, one of which has been the dramatic changes in network and enterprise boundaries. Suddenly, securing endpoints became — and continues to be — a top concern.
The Internet of Things (IoT) is transforming our homes, businesses and public spaces – mostly for the better – but without proper precautions IoT devices can be an attractive target for malicious actors and cyberattacks. Security threats involving IoT devices often stem from the fact that many IoT devices usually have single-purpose designs and may lack broader capabilities to defend themselves in a hostile environment. For example, a door bell, a toaster or a washing machine frequently do not contain as much storage, memory and processing capability as a typical laptop computer.
In June, Apple announced iOS 14 updates that, among other changes, would require apps to ask users for permission to collect and share data with developers. As a result, Facebook has just announced it would no longer collect the identifier for advertisers (IDFA) on their own apps on iPhones.
Risk Based Security's Q1 2020 Vulnerability report, for the first time in years, saw a decline in the quantity of vulnerabilities being reported. However, the latest trends indicate we may be back on track to see the same amount of vulnerabilities, or even more, than last year. Why might this be the case? One possible reason: the Vulnerability Fujiwhara Effect.
The Center for Internet Security, Inc. (CIS®) released its Community Defense Model (CDM). The model shows that the CIS Controls® (Controls) – a prioritized and prescriptive set of safeguards that mitigate the most common cyberattacks against systems and networks – mitigate approximately 83 percent of all attack techniques found in the MITRE ATT&CK Framework.
New Digital Shadows research provides a breakdown of the traffic data behind the top cybercriminal forums and how they square up against each other. The research was inspired by a June 2020 post on the English-language cybercriminal carding forum Altenen announcing a “big victory” for the site in terms of its website traffic rank statistics. This piqued the interest of the Digital Shadows research team who compared how the statistics aligned with their pre-existing perceptions of these sites, whether they show any trends they were previously unaware of, and if there was anything that would indicate deceptive tactics behind these numbers.
The Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber Command (USCYBERCOM) are issuing a joint technical alert about an ongoing automated teller machine (ATM) cash-out scheme by North Korean government cyber actors – referred to by the U.S. government as “FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks.”