Security News

More than half of large companies are not effectively stopping cyberattacks, finding and fixing breaches quickly or reducing the impact of breaches, according to a new research study from Accenture. "Accenture's State of Cybersecurity Resilience 2021 study explored the extent to which organizations prioritize security, the effectiveness of current security efforts and how their security investments are performing. The pandemic served as"a breeding ground for new attacks,'' according to the study, which was based on a survey of more than 4,700 executives globally.

The Identity Theft Resource Center (ITRC) has published a report on the impacts of identity crimes and cyberattacks on small businesses. There is little information about how small businesses are impacted by the rise in identity crimes and cyberattacks.

The attack took place on October 30th, causing regional health systems to shut down their networks and cancel thousands of medical appointments. This outage affected health systems in Central Health, Eastern Health, Western Health, and the Labrador-Grenfell Regional Health authorities.

An attack on the fuel distribution chain in Iran reportedly forced the shutdown of a network of filling stations Tuesday, leaving motorists stranded at pumps across the country and unable to fill up their tanks. The incident disabled government-issued electronic cards providing subsidies that many Iranians use to purchase fuel at discounted prices, according to a report in The Times of Israel, which said that the Iran Supreme National Security Council confirmed the attack.

Not to mention, today's corporate perimeter involves the cloud and mobile and remote assets too, and there could be hidden assets you're not aware of. I don't need to know all your assets or everything about your security strategy.

Following the recent international law enforcement effort that dismantled the infrastructure for the REvil ransomware group, fellow cybercrime group Groove called for revenge - encouraging the wider cyber extortionist community to band together to target U.S. interests. At a time when the U.S. is leading the international law enforcement effort to make splashy busts and shows of force against cybercriminals, this seems like a bold bet by Groove.

The SolarWinds attackers - an advanced persistent threat known as Nobelium - have started a new wave of supply-chain intrusions, this time using the technology reseller/service provider community to attack their targets. "While the SolarWinds supply-chain attack involved malicious code inserted in legitimate software, most of this recent intrusion activity has involved leveraging stolen identities and the networks of technology solutions, services and reseller companies in North America and Europe to ultimately access the environments of organizations that are targeted by the Russian government."

Your small business is doing OK. You hope this year's Christmas season will be a blockbuster. Jim Bowers, security architect at TBI, believes even the smallest of companies should have a cybersecurity incident-response plan, designed to help those responding to a cybersecurity event in a meaningful way.

The launch of a standing offer to pay for Windows virtual private network software zero-day exploits came to light this week, even as the U.S. mulls new regulations on the export of tools that could be used in cyberattacks against the U.S. or its interests. The U.S. Department of Commerce Bureau of Industry and Security has announced new regulations on the export of "Certain items" that could be used in cyberattacks.

The University of Sunderland in the UK has announced extensive operational issues that have taken most of its IT systems down, attributing the problem to a cyber-attack. University updateThe University continues to experience extensive IT issues which has all the hallmarks of a cyber-attack.