Security News

In 2019, security teams made progress in the adoption of perimeter-less security while hackers increased the use of fileless malware and IoT malware. The 2020 SonicWall Cyber Threat Report highlights tactics hackers are using to get unauthorized access to data as well as what security teams are doing to protect it.

Gov. John Bel Edwards called on Louisiana's local government leaders Wednesday to protect their data, reminding them of recent cyberattacks across the state and saying they're likely to face such a strike in the future. "You may not have been hit yet in your town or in your city. But it's a question of when, not if," the Democratic governor told a luncheon crowd of the Louisiana Municipal Association.

Beyond these high-profile instances, various journalists and human rights activists have been targeted globally after a WhatsApp zero-day vulnerability was exploited by attackers who were able to inject spyware onto victims' phones. Vanunu, head of products vulnerability research at Check Point research, has seen his share of WhatsApp vulnerabilities - the researcher at Black Hat 2019 demoed several flaws in the messaging platform could be used to manipulate chats, for instance.

Attacks against endpoints have become more costly, up more than $2 million since 2018. With the rise in BYOD and employees working from home or remotely, endpoints have become more prevalent.

Many executives either don't know what their company's cyber defense is, lack budget, or spend too much time analyzing rather than taking action. In a new poll of 2,800 cyber security practitioners and C-suite executives, 65% cite destructive cyber attacks like NotPetya as a top cyber security concern.

The Greek government said Friday that the official state websites of the prime minister, the national police and fire service and several important ministries were briefly disabled by a cyberattack but have been restored. Government spokesman Stelios Petsas said early Friday that the distributed denial-of-service or DDoS attack "Led to the malfunction of certain websites." He said "Countermeasures" had been successfully implemented, but gave no further details.

Small and midsized businesses sometimes lack the internal skills and staff to fully handle their cybersecurity, prompting them to outsource their security protection to channel partners. Though such partners are increasingly adding security to the mix of services they offer, businesses can still be vulnerable to cyberattack due to certain internal limitations and barriers.

A cyberattack targeting one of the largest banks in the U.S. that stops the processing of payments likely would have a major ripple effect throughout the financial system, according to a new report from the Federal Reserve Bank of New York. The impact of a cyberattack would increase if the banks strategically responded by not sending out payments and hoarding their money and assets, which the study says is likely.

Cloudflare, the security, performance, and reliability company helping to build a better Internet, announced it will be offering free security services to help political campaigns in the United States and around the world defend against cyberattacks and election interference. Separate from these projects, Cloudflare provided services to 16 of the 17 2016 U.S. Presidential campaigns and has provided service to 18 of the 32 2020 U.S. Presidential campaigns.

Organizations should long ago have put in place multifactor authentication and a breach response plan and continued to actively shore up any defenses that are lagging. Here's the U.S. government once again warning organizations that support critical infrastructure to do the basics.