Security News

As the frequency and sophistication of cyber threats continue to escalate, the need for robust cybersecurity regulations has never been more critical. In this Help Net Security round-up, we present segments from previously recorded videos in which cybersecurity experts underscore the importance of proactive cybersecurity measures in the face of evolving regulations.

In nearly 85% of attacks on critical sectors, compromise could have been mitigated with patching, MFA, or least-privilege principals - indicating that what the security industry historically described as "Basic security" may be harder to achieve than portrayed. Ransomware attacks on enterprises saw a nearly 12% drop last year, as larger organizations opt against paying and decrypting, in favor of rebuilding their infrastructure.

"The SonicWall report reveals that the threat landscape continues to grow in complexity and depth as threat actors adopt new tactics and platforms," said SonicWall CEO Bob VanKirk. The data illustrates the tenacious and evolving state of cyber threats, underscoring the need for businesses to adapt their security strategies continually, and serves as a call for organizations to lean on MSPs to help identify and remediate threats quickly.

President Biden has empowered the US Coast Guard to get a tighter grip on cybersecurity at American ports - including authorizing yet another incident reporting rule. Port Captains, USCG officers responsible for laying down the law in US ports, can now declare "Security zones," inside of which they'll have broad authority to prevent "Access of persons, articles, or things, including any data, information, network, program, system, or other digital infrastructure, to vessels, or waterfront facilities."

On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired....

State and county officials have been urged to use paper ballots wherever possible over electronic ones, and ensure all election offices have procedures in place to handle potentially lethal substances, specifically fentanyl, anthrax, and ricin. On election threats, "We anticipate AI being leveraged for deception campaigns," said Michelle Alvarez, strategic threat analysis manager for IBM X-Force.

Considering that 2024 is a historic year for elections - with an estimated half of the world's population taking part in democratic votes - this high threat of cyber interference has significant implications for global free society, threatening to undermine confidence in voting processes or - at worst - even alter electoral outcomes, according to Tidal Cyber. A concerning 27% of countries with 2024 national elections face the highest threat levels, facing multiple priority adversary groups and many state-backed groups associated with priority adversary countries.

Google is currently tracking more than 40 CSVs, most of which are highly technical with the ability to develop spyware and zero-day exploits to compromise their targets, particularly on Android and iOS devices. Read details about what CSVs target, how spyware is used, CSVs' harmful impact on individuals and society and how businesses can mitigate these cybersecurity threats.

Microsoft and OpenAI have identified attempts by various state-affiliated threat actors to use large language models to enhance their cyber operations. Just as defenders do, threat actors are leveraging AI to boost their efficiency and continue to explore all the possibilities these technologies can offer.

Initial access brokers are increasingly targeting entities within NATO member states, indicating a persistent and geographically diverse cyberthreat landscape, according to Flare. Flare analyzed hundreds of IAB posts on the Russian-language hacking forums, and discovered recent activity in 21 out of the 31 NATO countries - confirming the extensive reach and consistent potential threat IABs pose to national security and economic stability.