It's very rare that the defense and intelligence community is vulnerable to file-based attacks. More commercial businesses should look to the defense and intelligence community for guidance on improving security posture.
The report found that while 81% of those surveyed consider their security to be above average or exceptional, many lack basic cyber hygiene - 41% lack a password complexity requirement, one of the cheapest, easiest forms of protection, and only 55.6% have implemented multi-factor authentication. "The loss of data and resources due to ransomware attacks can be debilitating. Though organizations are taking this threat seriously, too many are failing to take basic preventative steps. This report indicates a disturbing misplaced confidence that defenses never fail or that paying a ransom after an attack will always work - they do, and it won't," said Ted Ross, CEO of SpyCloud.
Cyware revealed a research detailing the challenges affecting modern security operations teams and the negative business impact of siloed security operations. According to the study, conducted by Forrester Consulting, 71% of security leaders report their teams need access to threat intelligence, security operations data, incident response data, and vulnerability data, yet 65% of respondents find it very challenging to provide security teams with cohesive data access.
The Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the National Security Agency published today an advisory with details about how the BlackMatter ransomware gang operates.The joint cybersecurity advisory from CISA, the FBI, and the NSA shares the tactics, techniques, and procedures associated with BlackMatter activity that could help organizations protect against the BlackMatter ransomware gang.
Emerging AI-based data governance solutions offer an additional weapon for the ransomware fight: situational awareness informed by deep insights into content. Armed with an understanding of the attack process and empowered with insights into your content, you'll have what you need to minimize damage before, during, and after ransomware incidents.
A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a previously unknown remote access trojan. The malware, known as MysterySnail, was found by Kaspersky security researchers on multiple Microsoft Servers between late August and early September 2021.
The threat actor's goal is Microsoft Office 365 account takeovers. Microsoft, which began tracking the activity in late July 2021, detailed the attacks in an alert released Monday, adding that the culprits appear to be bent on espionage and have ties to Iran.
An emerging threat actor likely supporting Iranian national interests has been behind a password spraying campaign targeting U.S., E.U., and Israeli defense technology companies, with additional activity observed against regional ports of entry in the Persian Gulf as well as maritime and cargo transportation companies focused in the Middle East. Microsoft is tracking the hacking crew under the moniker DEV-0343.
Iran-linked threat actors are targeting the Office 365 tenants of US and Israeli defense technology companies in extensive password spraying attacks. The activity cluster was temporarily dubbed DEV-0343 by researchers at Microsoft Threat Intelligence Center and Microsoft Digital Security Unit, who have tracked it since late July.
33% of emails employees report as phishing attempts are either malicious or highly suspect, according to new research. The finding comes from an analysis of emails reported by employees from organizations across the globe during the first half of 2021, and highlights the efficacy of employee-led efforts in preventing cyberattacks.