Security News

October is Cybersecurity Awareness Month, but most business leaders and consumers don't need a special event to remember cybersecurity's preeminence in today's turbulent digital landscape. While software solutions are critical to securing digital infrastructure and company data, businesses will get the most return-on-investment by directing a significant share of their cybersecurity capacity toward an oft-overlooked priority - their people.

Attackers can easily buy, deploy and scale phishing campaigns to steal credentials and other sensitive data, says Microsoft. Cybercrime as a service has expanded to malware, ransomware and even phishing campaigns.

Ransomware detections dropped by almost half, but the threat is only getting worse, says Trend Micro
Trend Micro has released a midyear cybersecurity report that makes two interesting claims: first, that ransomware numbers decreased by almost half in H1 2021 compared to H1 2020; and second, that the number of newly reported vulnerabilities decreased, with a particularly large dip in the number of critical flaws being reported. The first six months of 2021, Trend Micro said, "were marked with significant vulnerability exploitation incidents, such as the ProxyLogon attacks," which was the key exploit behind the Microsoft Exchange server attacks.

To help improve this metric and enhance organizations' ability to respond to attacks quickly, many endpoint detection and response and extended detection and response vendors have started including some form of automation in their platforms to reduce the need for manual intervention. More than automating individual components, the Cynet 360 platform offers automation across every phase of incident response - from detection through remediation.

Ransomware remained the primary threat in the first half of the year as cybercriminals continued to target big-name victims. Working with third parties to gain access to targeted networks, they used Advanced Persistent Threat tools and techniques to steal and encrypt victims' data.

In this interview with Help Net Security, Dr Shreekant Thakkar, Chief Researcher, Secure Systems Research Centre at TII, talks about the ever-evolving threat landscape and how automation could improve the way organizations detect and respond to attacks. The modern cybersecurity threat landscape is evolving faster than ever, particularly threatening critical infrastructures.

Organizations struggle to identify the warning signs of insider threats, according to a report by the Ponemon Institute. "The vast majority of security threats follow a pattern or sequence of activity leading up to an attack, and insider threats are no exception," said Dr. Larry Ponemon, Chairman and Founder, Ponemon Institute.

The sun never seems to set on the cybercriminal threat, but whether you're heading into autumn or bursting into spring you can tap into the world's finest cyber security training, at upcoming SANS Institute events in Asia and Oceania. With the cloud accounting for ever more of the world's compute, you can be assured that they all feature top courses focusing on detecting and countering cloud threats, including newly minted courses such as Cloud Security and DevSecOps Automation, and Public Cloud Security: AWS, Azure and GCP. With the development of the larger curriculum, SANS has conscientiously looked at job roles, training needs within those roles, and how we help students progress along their professional cloud security journey.

Cyber attacks against critical national infrastructure are escalating. The most frequently discussed aspect of critical infrastructure events is availability impacts: stopping or interrupting a process or organization.

Offboarding employees securely is a key problem for business leaders, with 40% concerned that employees who leave a company retain knowledge of passwords that grant access to corporate data. This is according to research by My1Login, which found few organizations are implementing access management solutions that work with all applications, meaning most lack the ability to revoke access to all corporate data as soon as an employee leaves.