Security News > 2021

As COVID-19 spread across the world, organizations found themselves more exposed to cyber threats than ever before and the cybersecurity skills gap became even more obvious. Even though - according to the² 2020 Cybersecurity Workforce Study - progress has been made in decreasing the cybersecurity workforce gap from 4 million to 3.1 million, more than half of the study's respondents still said that cybersecurity staff shortages are putting their organizations at risk.

To select a suitable SOAR solution for your business, you need to think about a variety of factors. A focus SOAR should integrate with the existing security solutions, IT infrastructure and technology in an organization and act like a centralized hub for the whole security environment by increasing collaboration and orchestrating all the elements as if they are all part of the same solution.

In other words, the investment in most security awareness programs is window dressing - something that looks good but is a false front. Human actions account for 90% of all security incidents, so CISOs can quantifiably reduce their overall security incidents by upgrading the "Human firewall."

Based on the analysis of more than 500 attacks observed during Group-IB's own incident response engagements and cyber threat intelligence activity, researchers estimate that the number of ransomware attacks grew by more than 150% in 2020. In 2020, ransomware attacks on average caused 18 days of downtime for the affected companies, while the average ransom amount increased almost twofold.

The Biden administration has urged users of Microsoft's Exchange mail and messaging server to ensure they have not fallen victim to the recently-detected "Hafnium" attack on Exchange Server that Microsoft says originated in China. Microsoft revealed the attack last week and released Exchange security updates.

Consumers have faced a lot of change over the past year with the shift to a digital-first lifestyle, and tax season with increasing risks is no exception. According to the IRS, Criminal Investigation identified $2.3 billion in tax fraud schemes during FY2020.

Dubbed "Earth Vetala" by Trend Micro, the latest finding expands on previous research published by Anomali last month, which found evidence of malicious activity aimed at UAE and Kuwait government agencies by exploiting ScreenConnect remote management tool. The cybersecurity firm linked the ongoing attacks with moderate confidence to a threat actor widely tracked as MuddyWater, an Iranian hacker group known for its offensives primarily against Middle Eastern nations.

Motus released a report which examines the trends that will influence remote work in 2021 and beyond. "Over the past year, organizations have quickly and successfully adapted to remote work and proved that the workforce is fully capable of operating successfully in a remote environment. Today, nearly 56% of employees have remote-compatible jobs, setting the stage for an enduring remote workforce."

Nimble, highly skilled criminal hackers believed to operate out of Eastern Europe hacked dozens of companies and government agencies on at least four continents by breaking into a single product they all used. Operating system companies such as Microsoft have long been bull's-eyes - with untold thousands of installations of its Exchange email server being violated globally in the past few weeks, mostly after the company issued a patch and disclosed that Chinese state hackers had penetrated the program.

The new app expands Tufin's vulnerability management capabilities with automated vulnerability checks prior to approving network access changes. When combined with the Vulnerability Mitigation App, Tufin delivers a vulnerability management solution that allows customers to maintain additional control over their attack surface when making network changes.