The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity advisory regarding advanced persistent threat (APT) actors chaining vulnerabilities — a commonly used tactic exploiting multiple vulnerabilities in the course of a single intrusion — in an attempt to compromise federal and state, local, tribal, and territorial (SLTT) government networks, critical infrastructure, and elections organizations.
Data from 25,000 small-to-midsize organizations reveals ransomware as the top cyber insurance incident in the first half of the year, with the average ransomware demand increasing 100% from 2019 through Q1 2020
October 13, 2020
Coalition announced the results of its H1 2020 Cyber Insurance Claims Report. The report explores top cybersecurity trends and threats facing organizations today, in addition to data showing the impact of COVID-19 on cyber insurance claims. The report garners insights from the incidents reported across 25,000 small and midsize organizations.
It sounds simple: a company must be a safe place to work, and people will want to work for companies that make them feel safe. Companies have a duty of care and responsibility to keep employees safe, even as many work remotely. But as enterprises undergo digital transformation, physical security has at times been left behind (with legacy and outdated technology systems) despite a rise in threatening events and its increasing importance for corporations. Embracing digital protective intelligence and making safety a priority is not just a way to support wise corporate values, but given the potential loss of life and the cultural, bottom line and brand reputation damage that could occur, must be a mandate for modern business operations.
Ahead of Amazon Prime Day, a highly-anticipated two-day online event, Bolster Research analyzed hundreds of millions of web pages and tracked the number of new phishing and fraudulent sites using the Amazon brand and logos. T
BlackBerry released new research highlighting the true reach and sophistication of one of the most elusive, patient, and effective publicly known threat actors – BAHAMUT. In the report, BlackBerry researchers link the cyberespionage threat group to a staggering number of ongoing attacks against government officials and industry titans, while also unveiling the group’s vast network of disinformation assets aimed at furthering particular political causes and hampering NGOs.
Microsoft recently warned that more cybercriminals have started to incorporate exploit code for the ZeroLogon vulnerability in their attacks.
Threat actor TA505, a financially motivated threat group that has been active since at least 2014, is now exploiting this vulnerability.
The Department of Justice announced that six men have been arrested and charged federally with conspiring to kidnap the Governor of Michigan, Gretchen Whitmer. According to a complaint, this group used operational security measures, including communicating by encrypted messaging platforms and used code words and phrases in an attempt to avoid detection by law enforcement.
The National Security Agency announced the official launch of the Center for Cybersecurity Standards (CCSS) in the Cybersecurity Directorate. This office will lead NSA’s Cybersecurity mission to engage with standards bodies to communicate security requirements and influence standards to secure our National Security Systems and provide support to the Defense Industrial Base (DIB).
McAfee and the University of California, Berkeley’s Center for Long-Term Cybersecurity (CLTC) released a new research study, MITRE ATT&CK as a Framework for Cloud Threat Investigation, developed by CLTC researchers. The report focuses on threat investigation in the cloud through the lens of the most widely adopted framework, MITRE ATT&CK.
Acting Secretary of Homeland Security Chad F. Wolf released the Department of Homeland Security’s (DHS) Homeland Threat Assessment (HTA). This first-of-its-kind report synthesizes threat information across DHS including intelligence and operational components.