Security News
The Cybersecurity and Infrastructure Security Agency warned critical infrastructure organizations today to strengthen their cybersecurity defenses against potential and ongoing threats. "In the lead up to the holidays and in light of persistent and ongoing cyber threats, CISA urges critical infrastructure owners and operators to take immediate steps to strengthen their computer network defenses against potential malicious cyber attacks," the cybersecurity agency said [PDF].
Others might have belonged to people who have changed roles and are no longer using those specific identities. These tools have blind spots in areas such as mismanaged empty groups and robotic identities.
With 2021 drawing to a close and many closing their plans and budgets for 2022, the time has come to do a brief wrap-up of the SaaS Security challenges on the horizon. Here are the top 3 SaaS security posture challenges as we see them.
The threat group, first identified in June, focuses solely on data exfiltration and subsequent extortion, and has already targeted 40 victims since September. There is a new financially motivated threat group on the rise and, for a change, it doesn't appear to be interested in deploying ransomware or taking out high-profile targets.
Teams can't afford to take a minute off, but they also can't manage the massive security necessary to defend most organizations. A new eBook by XDR provider Cynet breaks down this challenge and offers some solutions for lean security teams looking for ways to improve their detection and response capabilities.
The progress within modern application development doesn't directly translate to the security world as it often ends up being the aspect that gets left behind. Even worse, many of these vulnerabilities can go overlooked by security teams as they learn to navigate modern architectures that aren't immediately adaptable to their typical security testing practices.
Already, more European organizations have increased their zero trust budgets in 2021. Zero trust adoption will extend across even more private organizations and governments to counter the growing threat landscape.
State-backed adversaries expanded attacks against cloud platform company Zoho and its ManageEngine ServiceDesk Plus software, a help desk and asset management solution. Back in November, Unit 42 said it observed correlations between the tactics and tooling used in ADSelfService Plus campaigns and Threat Group 3390, also known as TG-3390 and Emissary Panda or APT27.
What if an external threat actor offered your employees easy money to just do a quick action on one of the company's computers? How would the company detect it? Some of those employees or ex-employees will try to use their knowledge of the company and the data to which they have access to cause harm and affect confidentiality, integrity or availability of the organization's critical information or networks.
ENISA has announced the release of its report - Railway Cybersecurity - Good Practices in Cyber Risk Management for railway organizations. European railway undertakings and infrastructure managers need to address cyber risks in a systematic way as part of their risk management processes.