cyb Marquis Who's Who Honors Royalty for Expertise in Cybersecurity and Harmonic Trading By www.24-7pressrelease.com Published On :: Mon, 16 Sep 2024 08:00:00 GMT HRM Edward Obajinmi has been recognized for 20 years in Cybersecurity, Governance Risk and Compliance. Full Article
cyb Carhartt boosts its cyber resilience with Rubrik By www.kmworld.com Published On :: Thu, 18 Jan 2024 03:00:35 EST Workwear brand migrates more than 600 workloads from multiple legacy backup vendors to Rubrik Security Cloud Full Article
cyb Here is the Data Sharing Statement, in its entirety, for Goodwin GM, Aaronson ST, Alvarez O, et al. Single-Dose Psilocybin for a Treatment-Resistant Episode of Major Depression. N Engl J Med. DOI: 10.1056/NEJMoa2206443. By statmodeling.stat.columbia.edu Published On :: Wed, 16 Oct 2024 13:32:11 +0000 As forwarded to us by Max Shepsi: I’m starting to see a pattern here! Full Article Decision Analysis Public Health Zombies
cyb The Big Bang Theory Cast In Cyberpunk World Imagined By AI By icanbecreative.com Published On :: Sun, 21 May 23 16:46:24 +0300 Imagine a collision between two vastly different worlds: the geeky universe of The Big Bang Theory and the futuristic realm of cyberpunk. In this article, w ... Full Article Design Roud-up
cyb 2024 Black Friday + Cyber Monday Deals for Designers By justcreative.com Published On :: Thu, 31 Oct 2024 16:01:03 +0000 Save cash with these top best 2024 Black Friday and Cyber Monday deals for graphic designers, creatives, artists, web designers, professionals & photographers! Full Article Deals & Freebies 2024 Black Friday Cyber Monday Deals
cyb Adobe Black Friday & Cyber Monday Sale 2024 — Ultimate Guide By justcreative.com Published On :: Sun, 10 Nov 2024 17:00:42 +0000 Get the best deals during the Adobe Black Friday sale! Find all the 2024 Adobe Black Friday & Cyber Monday sale details here! Full Article Deals & Freebies Adobe 2024 Black Friday Creative Cloud Cyber Monday
cyb New Cybersecurity Specialist By www.flickr.com Published On :: Fri, 06 Sep 2024 12:57:04 -0700 NRCgov posted a photo: Tim Marshall is a new cybersecurity specialist in our Office of Nuclear Security and Incident Response. He duties include working with regulations, research projects, converting plant controls from analog to digital, and fuel cycle facilities. Visit the Nuclear Regulatory Commission's website at www.nrc.gov/. Photo Usage Guidelines: www.flickr.com/people/nrcgov/ Privacy Policy: www.nrc.gov/site-help/privacy.html. For additional information, or to comment on this photo contact us via e-mail at: OPA.Resource@nrc.gov. Full Article
cyb The Cybersecurity Law Report By www.littler.com Published On :: Mon, 26 Feb 2018 21:33:14 +0000 Aaron Crews and Michael McGuire answer questions about cybersecurity, eDiscovery and other data topics. The Cybersecurity Law Report View Article Full Article
cyb Microdosing Psilocybin: Popular Drug Has Implications for the Workplace By www.littler.com Published On :: Wed, 09 Oct 2024 18:58:12 +0000 This Insight discusses what psilocybin is, how it is used, and various state and local laws that either decriminalize and/or legalize its use, or make the enforcement of its illegality a low priority. This Insight also addresses some steps employers can take if employees are “microdosing” psilocybin while at work. Full Article
cyb Legal Tech's Milestones for Cybersecurity & Data Privacy in 2023 By www.littler.com Published On :: Wed, 27 Dec 2023 18:48:03 +0000 Denise Backhouse shares how best to alleviate data risks that many e-discovery professionals may face in the new year. Legaltech News View (Subscription required.) Full Article
cyb Cybersecurity Considerations for Employers Sponsoring ERISA Plans By www.littler.com Published On :: Tue, 12 Nov 2024 14:18:02 +0000 Cyber-criminals often steal funds and personal data from employee benefit plans. Employers face increasing liability for failures in cybersecurity of the employee benefit plans they sponsor, including for the security of plan assets and data managed by service providers. The DOL has updated its detailed guidance on cybersecurity for ERISA-covered benefit plans. Full Article
cyb ETSI releases cybersecurity specification to secure sensitive functions in a virtualized environment By www.etsi.org Published On :: Mon, 24 Jun 2019 15:12:56 GMT ETSI releases cybersecurity specification to secure sensitive functions in a virtualized environment Sophia Antipolis, 6 February 2019 The ETSI Technical Committee on Cybersecurity (TC CYBER) has just released ETSI TS 103 457, that tackles the challenge of secure storage - where organizations want to protect customer data whilst still using a cloud that is not under their direct control. Read More... Full Article
cyb ETSI releases standard for cyber digital evidence bag to confirm integrity of data in legal proceedings By www.etsi.org Published On :: Tue, 21 Apr 2020 07:13:27 GMT ETSI releases standard for cyber digital evidence bag to confirm integrity of data in legal proceedings Sophia Antipolis, 21 April 2020 The ETSI Technical Committee CYBER has recently released a key standard for digital evidence bag (DEB). ETSI TS 103 643 covers “techniques for assurance of digital material used in legal proceedings” and provides a set of extra tools for those wanting to demonstrate the integrity of digital evidence. Read More... Full Article
cyb ETSI advisor at the Stakeholder Cybersecurity Certification Group launched by the EC By www.etsi.org Published On :: Thu, 28 Apr 2022 06:21:35 GMT ETSI advisor at the Stakeholder Cybersecurity Certification Group launched by the EC Sophia Antipolis, 24 June 2020 ETSI is pleased to announce that it has been invited to be part of the newly formed Stakeholder Cybersecurity Certification Group. The kick-off meeting took place today. Together with the European Cybersecurity Certification Group (ECCG), composed of Member States’ representatives, the newly established Stakeholder Cybersecurity Certification Group (SCCG) will advise the Commission on strategic issues regarding the European cybersecurity certification framework. It will also assist the Commission in the preparation of the Union rolling work programme, which sets the priorities for the definition of schemes within the EU cybersecurity certification framework. ETSI will bring in its long-standing experience in cybersecurity, with standards developed both for enterprises and consumers within several of its technical bodies, including the Technical Committee CYBER. Read More... Full Article
cyb ETSI Top 10 Webinars in 2020 - Starring: cybersecurity, the Radio Equipment Directive, the new smart secure platform and AI By www.etsi.org Published On :: Tue, 08 Dec 2020 14:30:10 GMT ETSI Top 10 Webinars in 2020 - Starring: cybersecurity, the Radio Equipment Directive, the new smart secure platform and AI Sophia Antipolis, 8 December 2020 As 2020 comes to an end, we have selected for you our most popular webinars of the year. If you missed them, listen to the recorded presentations and their Q&A sessions, deep dive into cybersecurity novelties, discover the RED latest developments and find out about the new smart secure platform and AI. Read More... Full Article
cyb Highlights of the Cybersecurity Standardization Conference By www.etsi.org Published On :: Tue, 09 Feb 2021 15:51:17 GMT Highlights of the Cybersecurity Standardization Conference Sophia Antipolis, 5 February 2021 The European Standards Organizations, CEN, CENELEC and ETSI, joined forces with ENISA, the European Union Agency for Cybersecurity, to organize its annual conference virtually this year. The event, which took place from 2 to 4 February, attracted over 2000 participants from the EU and from around the world. Read More... Full Article
cyb Standardization conference explores EU cybersecurity legislation By www.etsi.org Published On :: Wed, 29 Jun 2022 12:52:31 GMT Standardization conference explores EU cybersecurity legislation Sophia Antipolis, 16 March 2022 On 15 March, the European Standards Organizations (ESOs), CEN, CENELEC and ETSI, joined forces with ENISA, the European Union Agency for Cybersecurity, to organize their 6th annual conference. The virtual conference focused on ‘European Standardization in support of the EU cybersecurity legislation’ and attracted over 900 attendees from the EU and from around the world. Read More... Full Article
cyb ETSI Secures Critical Infrastructures against Cyber Quantum Attacks with new TETRA Algorithms By www.etsi.org Published On :: Mon, 07 Nov 2022 17:51:09 GMT ETSI Secures Critical Infrastructures against Cyber Quantum Attacks with new TETRA Algorithms Sophia Antipolis, 8 November 2022 With the world facing growing challenges including the war in Europe and a global energy crisis, it is essential that the mission- and business-critical communications networks used by the public safety, critical infrastructure and utilities sectors (including transportation, electricity, natural gas and water plants) are secured against third-party attacks, to protect communications and sensitive data. With more than 120 countries using dedicated TETRA (Terrestrial Trunked Radio) networks for these critical services, work has been undertaken to ensure the ETSI TETRA technology standard remains robust in the face of evolving threats. Read More... Full Article
cyb ETSI Top 10 Webinars in 2022 Starring: Cybersecurity, AI, IPv6, MEC, Open Source MANO and more By www.etsi.org Published On :: Thu, 12 Jan 2023 08:37:37 GMT Sophia Antipolis, 20 December 2022 As 2022 comes to an end, we have selected for you our most popular webinars of the year. If you missed them, listen to the recorded presentations and their Q&A sessions, deep dive into the Cyber resilience Act and AI Act, IPv6, Multi-access Edge Computing, Open Source MANO and much more. Read More... Full Article
cyb How cybersecurity standards support the evolving EU legislative landscape By www.etsi.org Published On :: Wed, 08 Feb 2023 13:57:55 GMT Sophia Antipolis, 8 February 2023 On 7 February, the European Standards Organizations (ESOs), CEN, CENELEC and ETSI, joined forces with ENISA, the European Union Agency for Cybersecurity, to organise their 7th annual conference. The hybrid conference took place at the Brussels Renaissance Hotel and focused on “European Standardization in support of the EU cybersecurity legislation”. Read More... Full Article
cyb ETSI faced a cyberattack By www.etsi.org Published On :: Sat, 30 Sep 2023 15:15:44 GMT Sophia Antipolis, 27 September 2023 Following a cyberattack observed on ETSI portal, the IT system dedicated to its members’ work, the ETSI IT team worked in close collaboration with the French National Cybersecurity Agency (ANSSI) to investigate and repair the information systems. The vulnerability on which the attack was based has been fixed. Read More... Full Article
cyb ETSI Protection Profile for securing smartphones gains world-first certification from French Cybersecurity Agency By www.etsi.org Published On :: Fri, 12 Apr 2024 09:05:05 GMT Sophia Antipolis, 12 January 2024 In a significant step highlighting the critical importance of security for mobile device users, the French National Cybersecurity Agency (ANSSI) has certified ETSI's Consumer Mobile Device Protection Profile under the Common Criteria global certification framework. This represents the first certification by a national administration of a comprehensive suite of specifications for assessing the security of smartphones. Read More... Full Article
cyb Navigating through Challenges and Opportunities of Cybersecurity Standardization By www.etsi.org Published On :: Fri, 08 Mar 2024 16:08:33 GMT Sophia Antipolis, 8 March 2024 On 5 March, the European Standardization Organizations (ESOs), CEN, CENELEC and ETSI, joined forces with ENISA, the European Union Agency for Cybersecurity, to organize their 8th Cybersecurity Standardization Conference. Read More... Full Article
cyb ETSI Releases New Guidelines to Enhance Cyber-security for Consumer IoT Devices By www.etsi.org Published On :: Thu, 31 Oct 2024 10:43:56 GMT Sophia Antipolis, 31 October 2024 Protect Confidentiality, Integrity and Availability of Data as Smart Devices Proliferate. Read More... Full Article
cyb Cybersecurity Snapshot: New Guides Offer Best Practices for Preventing Shadow AI and for Deploying Secure Software Updates By www.tenable.com Published On :: Fri, 25 Oct 2024 09:00:00 -0400 Looking for help with shadow AI? Want to boost your software updates’ safety? New publications offer valuable tips. Plus, learn why GenAI and data security have become top drivers of cyber strategies. And get the latest on the top “no-nos” for software security; the EU’s new cyber law; and CISOs’ communications with boards.Dive into six things that are top of mind for the week ending Oct. 25.1 - CSA: How to prevent “shadow AI” As organizations scale up their AI adoption, they must closely track their AI assets to secure them and mitigate their cyber risk. This includes monitoring the usage of unapproved AI tools by employees — an issue known as “shadow AI.”So how do you identify, manage and prevent shadow AI? You may find useful ideas in the Cloud Security Alliance’s new “AI Organizational Responsibilities: Governance, Risk Management, Compliance and Cultural Aspects” white paper.The white paper covers shadow AI topics including:Creating a comprehensive inventory of AI systemsConducting gap analyses to spot discrepancies between approved and actual AI usageImplementing ways to detect unauthorized AI waresEstablishing effective access controlsDeploying monitoring techniques “By focusing on these key areas, organizations can significantly reduce the risks associated with shadow AI, ensuring that all AI systems align with organizational policies, security standards, and regulatory requirements,” the white paper reads.For example, to create an inventory that offers the required visibility into AI assets, the document explains different elements each record should have, such as:The asset’s descriptionInformation about its AI modelsInformation about its data sets and data sourcesInformation about the tools used for its development and deploymentDetailed documentation about its lifecycle, regulatory compliance, ethical considerations and adherence to industry standardsRecords of its access control mechanismsShadow AI is one of four topics covered in the publication, which also unpacks risk management; governance and compliance; and safety culture and training.To get more details, read:The full “AI Organizational Responsibilities: Governance, Risk Management, Compliance and Cultural Aspects” white paperA complementary slide presentationThe CSA blog “Shadow AI Prevention: Safeguarding Your Organization’s AI Landscape”For more information about AI security issues, including shadow AI, check out these Tenable blogs:“Do You Think You Have No AI Exposures? Think Again”“Securing the AI Attack Surface: Separating the Unknown from the Well Understood”“Never Trust User Inputs -- And AI Isn't an Exception: A Security-First Approach”“6 Best Practices for Implementing AI Securely and Ethically”“Compromising Microsoft's AI Healthcare Chatbot Service”2 - Best practices for secure software updatesThe security and reliability of software updates took center stage in July when an errant update caused massive and unprecedented tech outages globally.To help prevent such episodes, U.S. and Australian cyber agencies have published “Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers.”“It is critical for all software manufacturers to implement a safe software deployment program supported by verified processes, including robust testing and measurements,” reads the 12-page document.Although the guide is aimed primarily at commercial software vendors, its recommendations can be useful for any organization with software development teams that deploy updates internally. The guide outlines key steps for a secure software development process, including planning; development and testing; internal rollout; and controlled rollout. It also addresses errors and emergency protocols.“A safe software deployment process should be integrated with the organization’s SDLC, quality program, risk tolerance, and understanding of the customer’s environment and operations,” reads the guide, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the Australian Cyber Security Centre.To get more details, read:The “Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers” guideThe CISA alert “CISA, US, and International Partners Release Joint Guidance to Assist Software Manufacturers with Safe Software Deployment Processes”For more information about secure software updates:“Tenable’s Software Update Process Protects Customers’ Business Continuity with a Safe, Do-No-Harm Design” (Tenable)“The critical importance of robust release processes” (Cloud Native Computing Foundation)“Software Deployment Security: Risks and Best Practices” (DevOps.com)“Software Updates, A Double-Edged Sword for Cybersecurity Professionals” (Infosecurity)“DevOps Best Practices for Faster and More Reliable Software Delivery” (DevOps.com)3 - Report: GenAI, attack variety, data security drive cyber strategiesWhat issues act as catalysts for organizations’ cybersecurity actions today? Hint: They’re fairly recent concerns. The promise and peril of generative AI ranks first. It’s closely followed by the ever growing variety of cyberattacks; and by the intensifying urgency to protect data.That’s according to CompTIA’s “State of Cybersecurity 2025” report, based on a survey of almost 1,200 business and IT pros in North America and in parts of Europe and Asia. These three key factors, along with others like the scale of attacks, play a critical role in how organizations currently outline their cybersecurity game plans.“Understanding these drivers is essential for organizations to develop proactive and adaptive cybersecurity strategies that address the evolving threat landscape and safeguard their digital assets,” reads a CompTIA blog about the report.Organizations are eagerly trying to understand both how generative AI can help their cybersecurity programs and how this technology is being used by malicious actors to make cyberattacks harder to detect and prevent.Meanwhile, concern about data protection has ballooned in the past couple of years. “As organizations become more data-driven, the need to protect sensitive information has never been more crucial,” reads the blog.Not only are organizations focused on securing data at rest, in transit and in use, but they’re also creating foundational data-management practices, according to the report.“The rise of AI has accelerated the need for robust data practices in order to properly train AI algorithms, and the demand for data science continues to be strong as businesses seek competitive differentiation,” the report reads.To get more details, read:The report’s announcement “Cybersecurity success hinges on full organizational support, new CompTIA report asserts”CompTIA’s blogs “Today’s top drivers for cybersecurity strategy” and “Cybersecurity’s maturity: CompTIA’s State of Cybersecurity 2025 report”The full “State of Cybersecurity 2025” reportFor more information about data security posture management (DSPM) and preventing AI-powered attacks, check out these Tenable resources:“Harden Your Cloud Security Posture by Protecting Your Cloud Data and AI Resources” (blog)“Know Your Exposure: Is Your Cloud Data Secure in the Age of AI?” (on-demand webinar)“The Data-Factor: Why Integrating DSPM Is Key to Your CNAPP Strategy” (blog)“Mitigating AI-Related Security Risks” (on-demand webinar)“Securing the AI Attack Surface: Separating the Unknown from the Well Understood” (blog)4 - CISA lists software dev practices most harmful for securityRecommended best practices abound in the cybersecurity world. However, CISA and the FBI are taking the opposite tack in their quest to improve the security of software products: They just released a list of the worst security practices that software manufacturers ought to avoid.Titled “Product Security Bad Practices,” the document groups the “no-nos” into three main categories: product properties; security features; and organizational processes and policies.“It’s 2024, and basic, preventable software defects continue to enable crippling attacks against hospitals, schools, and other critical infrastructure. This has to stop,” CISA Director Jen Easterly said in a statement.“These product security bad practices pose unacceptable risks in this day and age, and yet are all too common,” she added. Here are some of the worst practices detailed in the document, which is part of CISA’s “Secure by Design” effort:Using programming languages considered “memory unsafe”Including user-provided input in SQL query stringsReleasing a product with default passwordsReleasing a product with known and exploited vulnerabilitiesNot using multi-factor authenticationFailing to disclose vulnerabilities in a timely mannerAlthough the guidance is aimed primarily at software makers whose products are used by critical infrastructure organizations, the recommendations apply to all software manufacturers.If you’re interested in sharing your feedback with CISA and the FBI, you can submit comments about the document until December 16, 2024 on the Federal Register.To get more details, check out:CISA’s announcement “CISA and FBI Release Product Security Bad Practices for Public Comment”The full document “Product Security Bad Practices”For more information about how to develop secure software:“Tenable Partners with CISA to Enhance Secure By Design Practices” (Tenable)“Ensuring Application Security from Design to Operation with DevSecOps” (DevOps.com)“What is application security?” (TechTarget)“Guidelines for Software Development (Australian Cyber Security Centre)5 - New EU law focuses on cybersecurity of connected digital productsMakers of digital products — both software and hardware — that directly or indirectly connect to networks and to other devices will have to comply with specific cybersecurity safeguards in the European Union.A newly adopted law known as the “Cyber Resilience Act” outlines cybersecurity requirements for the design, development, production and lifecycle maintenance of these types of products, including IoT wares such as connected cars. For example, it specifies a number of “essential cybersecurity requirements” for these products, including that they:Aren’t shipped with known exploitable vulnerabilitiesFeature a “secure by default” configurationCan fix their vulnerabilities via automatic software updatesOffer access protection via control mechanisms, such as authentication and identity managementProtect the data they store, transmit and process using, for example, at-rest and in-transit encryption“The new regulation aims to fill the gaps, clarify the links, and make the existing cybersecurity legislative framework more coherent, ensuring that products with digital components (...) are made secure throughout the supply chain and throughout their lifecycle,” reads a statement from the EU’s European Council.The law will “enter into force” after its publication in the EU’s official journal and will apply and be enforceable 36 months later, so most likely in October 2027 or November 2027. However, some of its provisions will be enforceable a year prior.For more information and analysis about the EU’s Cyber Resilience Act:“Cyber Resilience Act Requirements Standards Mapping” (ENISA)“The Cyber Resilience Act, an Accidental European Alien Torts Statute?” (Lawfare)“EU Cybersecurity Regulation Adopted, Impacts Connected Products” (National Law Review)“Open source foundations unite on common standards for EU’s Cyber Resilience Act” (TechCrunch)“The Cyber Resilience Act: A New Era for Mobile App Developers” (DevOps.com)VIDEOThe EU Cyber Resilience Act: A New Era for Business Engagement in Open Source Software (Linux Foundation) 6 - UK cyber agency: CISOs must communicate better with boardsCISOs and boards of directors are struggling to understand each other, and this is increasing their organizations’ cyber risk, new research from the U.K.’s cyber agency has found.For example, in one alarming finding, 80% of respondents, which included board members, CISOs and other cyber leaders in medium and large enterprises, confessed to being unsure of who is ultimately accountable for cybersecurity in their organizations.“We found that in many organisations, the CISO (or equivalent role) thought that the Board was accountable, whilst the Board thought it was the CISO,” reads a blog about the research titled “How to talk to board members about cyber.”As a result, the U.K. National Cyber Security Centre (NCSC) has released new guidance aimed at helping CISOs better communicate with their organizations’ boards titled “Engaging with Boards to improve the management of cyber security risk.”“Cyber security is a strategic issue, which means you must engage with Boards on their terms and in their language to ensure the cyber risk is understood, managed and mitigated,” the document reads.Here’s a small sampling of the advice:Understand your audience, including who are the board’s members and their areas of expertise; and how the board works, such as its meeting formats and its committees.Talk about cybersecurity in terms of risks, and outline these risks concretely and precisely, presenting them in a matter-of-fact way.Don’t limit your communication with board members to formal board meetings. Look for opportunities to talk to them individually or in small groups outside of these board meetings.Elevate the discussions so that you link cybersecurity with your organization’s business challenges, goals and context.Aim to provide a holistic view, and avoid using technical jargon.Aim to advise instead of to educate. Full Article
cyb FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure By www.tenable.com Published On :: Thu, 31 Oct 2024 09:00:00 -0400 The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.Last month, the Department of Homeland Security announced the availability of $279.9 million in grant funding for the Fiscal Year (FY) 2024 State and Local Cybersecurity Grant Program (SLCGP). Now in its third year, the four-year, $1 billion program provides funding for State, Local and Territorial (SLT) governments to implement cybersecurity solutions that address the growing threats and risks to their information systems. Applications must be submitted by December 3, 2024.While there are no significant modifications to the program for FY 2024, the Federal Emergency Management Agency (FEMA), which administers SLCGP in coordination with the Cybersecurity and Infrastructure Security Agency (CISA), identified key changes, some of which we highlight below:The FY 2024 NOFO adds CISA’s KEV catalog as a new performance measure and recommended resourceThe FY 2024 notice of funding opportunity (NOFO) adds the CISA Known Exploited Vulnerabilities (KEV) catalog as a recommended resource to encourage governments to regularly view information related to cybersecurity vulnerabilities confirmed by CISA, prioritizing those exploited in the wild. In addition, CISA has added “Addressing CISA-identified cybersecurity vulnerabilities” to the list of performance measures it will collect through the duration of the program.Tenable offers fastest, broadest coverage of CISA’s KEV catalogAt Tenable, our goal is to help organizations identify their cyber exposure gaps as accurately and quickly as possible. To achieve this goal, we have research teams around the globe working to provide precise and prompt coverage for new threats as they are discovered. Tenable monitors and tracks additions to the CISA KEV catalog on a daily basis and prioritizes developing new detections where they do not already exist.Tenable updates the KEV coverage of its vulnerability management products — Tenable Nessus, Tenable Security Center and Tenable Vulnerability Management — allowing organizations to use KEV catalog data as an additional prioritization metric when figuring out what to fix first. The ready availability of this data in Tenable products can help agencies meet the SLCGP performance measures. This blog offers additional information on Tenable’s coverage of CISA’s KEV catalog.FY 2024 NOFO adds “Adopting Enhanced Logging” as a new performance measureThe FY 2024 NOFO also adds “Adopting Enhanced Logging” to the list of performance measures CISA will collect throughout the program duration.How Tenable’s library of compliance audits can help with Enhanced LoggingTenable's library of Compliance Audits, including Center for Internet Security (CIS) and Defense Information Systems Agency (DISA), allows organizations to assess systems for compliance, including ensuring Enhanced Logging is enabled. Tenable's vulnerability management tools enable customers to easily schedule compliance scans. Users can choose from a continuously updated library of built-in audits or upload custom audits. By conducting these scans regularly, organizations can ensure their systems are secure and maintain compliance with required frameworks.FY 2024 NOFO continues to require applicants to address program objectives in their applicationsAs with previous years, the FY 2024 NOFO sets four program objectives. Applicants must address at least one of the following in their applications:Objective 1: Develop and establish appropriate governance structures, including by developing, implementing, or revising Cybersecurity Plans, to improve capabilities to respond to cybersecurity incidents, and ensure operations.Objective 2: Understand their current cybersecurity posture and areas for improvement based on continuous testing, evaluation, and structured assessments.Objective 3: Implement security protections commensurate with risk.Objective 4: Ensure organization personnel are appropriately trained in cybersecurity, commensurate with responsibility.How Tenable can help agencies meet Objective 2 of the programTenable is uniquely positioned to help SLTs meet Objective 2 through the Tenable One Exposure Management Platform. In addition to analyzing traditional IT environments, Tenable One analyzes cloud instances, web applications, critical infrastructure environments, identity access and privilege solutions such as Active Directory and more — including highly dynamic assets like mobile devices, virtual machines and containers. Once the complete attack surface is understood, the Tenable One platform applies a proactive risk-based approach to managing exposure, allowing SLT agencies to successfully meet each of the sub-objectives outlined in Objective 2 (see table below).Sub-objectiveHow Tenable helps2.1.1: Establish and regularly update asset inventoryTenable One deploys purpose-built sensors across on-premises and cloud environments to update inventories of human and machine assets, including cloud, IT, OT, IoT, mobile, applications, virtual machines, containers and identities2.3.2. Effectively manage vulnerabilities by prioritizing mitigation of high-impact vulnerabilities and those most likely to be exploited.Tenable One provides an accurate picture of both internal and external exposure by detecting and prioritizing a broad range of vulnerabilities, misconfiguration and excessive permissions across the attack surface.Threat intelligence and data science from Tenable Research are then applied to give agencies easy-to-understand risk scores. For example, Tenable One provides advanced prioritization metrics and capabilities, asset exposure scores which combine total asset risk and asset criticality, cyber exposure scoring which calculates overall exposure for the organization, peer benchmarking for comparable organizations, as well as the ability to track SLAs and risk patterns over time.Further, Tenable One provides rich critical technical context in the form of attack path analysis that maps asset, identity and risk relationships which can be exploited by attackers. It also provides business context by giving users an understanding of the potential impact on the things that matter most to an agency, such as business critical apps, services, processes and functions. These contextual views greatly improve the ability of security teams to prioritize and focus action where they can best reduce the potential for material impact. These advanced prioritization capabilities, along with mitigation guidance, ensure high-risk vulnerabilities can be addressed quickly.2.4.1 SLT agencies are able to analyze network traffic and activity transiting or traveling to or from information systems, applications, and user accounts to understand baseline activity and identify potential threats.Tenable provides purpose-built sensors, including a passive sensor, which can determine risk based on network traffic. After being placed on a Switched Port Analyzer (SPAN) port or network tap, the passive sensor will be able to discover new devices on a network as soon as they begin to send traffic, as well as discover vulnerabilities based on, but not limited to:ServicesUser-agentsApplication traffic2.5.1 SLT agencies are able to respond to identified events and incidents, document root cause, and share information with partners.Tenable One can help SLT agencies respond to identified events and incidents and document root cause more quickly. SOC analysts managing events and incidents and vulnerability analysts focused on remediation of vulnerabilities have access to deep technical content in the form of attack paths, with risk and and configuration details to verify viability, as well as business context to understand the potential impact to their agency.This information is valuable not only to validate why IT teams should prioritize mitigation of issues before breach, but to prove that a successful attack has occurred. Further, agencies can deliver dashboards, reports and scorecards to help share important security data in meaningful ways across teams and with partners. Agencies are able to customize these to show the data that matters most and add details specific to their requirements. Source: Tenable, October 2024Tenable One deployment options offer flexibility for SLT agenciesTenable offers SLT agencies flexibility in their implementation models to help them best meet the requirements and objectives outlined as part of the SLCGP. Deployment models include:Centralized risk-based vulnerability program managed by a state Department of Information Technology (DoIT)Multi-entity projectsDecentralized deployments of Tenable One managed by individual municipalities,Managed Security Service Provider (MSSP) models that allow agencies to rapidly adopt solutions by utilizing Tenable’s Technology Partner network.Whole-of-state approach enables state-wide collaboration and cooperationA “whole-of-state” approach — which enables state-wide collaboration to improve the cybersecurity posture of all stakeholders — allows state governments to share resources to support cybersecurity programs for local government entities, educational institutions and other organizations. Shared resources increase the level of defense for SLTs both individually and as a community and reduce duplication of work and effort. States get real-time visibility into all threats and deploy a standard strategy and toolset to improve cyber hygiene, accelerate incident response and reduce statewide risk. For more information, read Protecting Local Government Agencies with a Whole-of-State Cybersecurity Approach.FY 2024 NOFO advises SLT agencies to adopt key cybersecurity best practicesAs in previous years, the FY 2024 NOFO again recommends SLT agencies adopt key cybersecurity best practices. To do this, they are required to consult the CISA Cross-Sector Cybersecurity Performance Goals (CPGs) throughout their development of plans and projects within the program. This is also a statutory requirement for receiving grant funding.How Tenable One can help agencies meet the CISA CPGsThe CISA CPGs are a prioritized subset of cybersecurity practices aimed at meaningfully reducing risk to critical infrastructure operations and the American people. They provide a common set of IT and operational technology (OT) fundamental cybersecurity best practices to help SLT agencies address some of the most common and impactful cyber risks. Learn more about how Tenable One can help agencies meet the CISA CPGs here.Learn more$1 Billion State and Local Cybersecurity Grant Program Now Open for ApplicantsProtecting Local Government Agencies with a Whole-of-State Cybersecurity ApproachHow to Meet FY 2023 U.S. State and Local Cybersecurity Grant Program ObjectivesNew U.S. SLCGP Cybersecurity Plan Requirement: Adopt Cybersecurity Best Practices Using CISA's CPGsStudy: Tenable Offers Fastest, Broadest Coverage of CISA's KEV Catalog Full Article
cyb Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security By www.tenable.com Published On :: Fri, 01 Nov 2024 09:00:00 -0400 Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.Dive into six things that are top of mind for the week ending Nov. 1.1 - Securing OT/ICS in critical infrastructure with zero trustAs their operational technology (OT) computing environments become more digitized, converged with IT systems and cloud-based, critical infrastructure organizations should beef up their cybersecurity by adopting zero trust principles.That’s the key message of the Cloud Security Alliance’s “Zero Trust Guidance for Critical Infrastructure,” which focuses on applying zero trust methods to OT and industrial control system (ICS) systems.While OT/ICS environments were historically air gapped, that’s rarely the case anymore. “Modern systems are often interconnected via embedded wireless access, cloud and other internet-connected services, and software-as-a-service (SaaS) applications,” reads the 64-page white paper, which was published this week.The CSA hopes the document will help cybersecurity teams and OT/ICS operators enhance the way they communicate and collaborate. Among the topics covered are:Critical infrastructure’s unique threat vectorsThe convergence of IT/OT with digital transformationArchitecture and technology differences between OT and ITThe guide also outlines this five-step process for implementing zero trust in OT/ICS environments:Define the surface to be protectedMap operational flowsBuild a zero trust architectureDraft a zero trust policyMonitor and maintain the environmentA zero trust strategy boosts the security of critical OT/ICS systems by helping teams “keep pace with rapid technological advancements and the evolving threat landscape,” Jennifer Minella, the paper’s lead author, said in a statement.To get more details, read:The report’s announcement “New Paper from Cloud Security Alliance Examines Considerations and Application of Zero Trust Principles for Critical Infrastructure”The full report “Zero Trust Guidance for Critical Infrastructure”A complementary slide presentationFor more information about OT systems cybersecurity, check out these Tenable resources: “What is operational technology (OT)?” (guide)“Discover, Measure, and Minimize the Risk Posed by Your Interconnected IT/OT/IoT Environments” (on-demand webinar)“How To Secure All of Your Assets - IT, OT and IoT - With an Exposure Management Platform” (blog)“Blackbox to blueprint: The security leader’s guidebook to managing OT and IT risk” (white paper)“Tenable Cloud Risk Report 2024” (white paper)2 - Five Eyes publish cyber guidance for tech startupsStartup tech companies can be attractive targets for hackers, especially if they have weak cybersecurity and valuable intellectual property (IP).To help startups prevent cyberattacks, the Five Eyes countries this week published cybersecurity guides tailored for these companies and their investors.“This guidance is designed to help tech startups protect their innovation, reputation, and growth, while also helping tech investors fortify their portfolio companies against security risks," Mike Casey, U.S. National Counterintelligence and Security Center Director, said in a statement.These are the top five cybersecurity recommendations from Australia, Canada, New Zealand, the U.S. and the U.K. for tech startups:Be aware of threat vectors, including malicious insiders, insecure IT and supply chain risk.Identify your most critical assets and conduct a risk assessment to pinpoint vulnerabilities.Build security into your products by managing intellectual assets and IP; monitoring who has access to sensitive information; and ensuring this information’s protection.Conduct due diligence when choosing partners and make sure they’re equipped to protect the data you share with them.Before you expand abroad, prepare and become informed about these new markets by, for example, understanding local laws in areas such as IP protection and data protection. “Sophisticated nation-state adversaries, like China, are working hard to steal the intellectual property held by some of our countries’ most innovative and exciting startups,” Ken McCallum, Director General of the U.K.’s MI5, said in a statement.To get more details, check out these Five Eyes’ cybersecurity resources for tech startups:The announcement “Five Eyes Launch Shared Security Advice Campaign for Tech Startups”The main guides: “Secure Innovation: Security Advice for Emerging Technology Companies”“Secure Innovation: Security Advice for Emerging Technology Investors”These complementary documents:“Secure Innovation: Scenarios and Mitigations”“Secure Innovation: Travel Security Guidance”“Secure Innovation: Due Diligence Guidance”“Secure Innovation: Companies Summary”3 - Survey: Unapproved AI use impacting data governanceEmployees’ use of unauthorized AI tools is creating compliance issues in a majority of organizations. Specifically, it makes it harder to control data governance and compliance, according to almost 60% of organizations surveyed by market researcher Vanson Bourne.“Amid all the investment and adoption enthusiasm, many organisations are struggling for control and visibility over its use,” reads the firm’s “AI Barometer: October 2024” publication. Vanson Bourne polls 100 IT and business executives each month about their AI investment plans.To what extent do you think the unsanctioned use of AI tools is impacting your organisation's ability to maintain control over data governance and compliance?(Source: Vanson Bourne’s “AI Barometer: October 2024”)Close to half of organizations surveyed (44%) believe that at least 10% of their employees are using unapproved AI tools.On a related front, organizations are also grappling with the issue of software vendors that unilaterally and silently add AI features to their products, especially to their SaaS applications.While surveyed organizations say they’re reaping advantages from their AI usage, “such benefits are dependent on IT teams having the tools to address the control and visibility challenges they face,” the publication reads.For more information about the use of unapproved AI tools, an issue also known as “shadow AI,” check out:“Do You Think You Have No AI Exposures? Think Again” (Tenable)“Shadow AI poses new generation of threats to enterprise IT” (TechTarget)“10 ways to prevent shadow AI disaster” (CIO)“Never Trust User Inputs -- And AI Isn't an Exception: A Security-First Approach” (Tenable)“Shadow AI in the ‘dark corners’ of work is becoming a big problem for companies” (CNBC)VIDEOShadow AI Risks in Your Company 4 - NCSC explains nuances of multi-factor authenticationMulti-factor authentication (MFA) comes in a variety of flavors, and understanding the differences is critical for choosing the right option for each use case in your organization.To help cybersecurity teams better understand the different MFA types and their pluses and minuses, the U.K. National Cyber Security Centre (NCSC) has updated its MFA guidance.“The new guidance explains the benefits that come with strong authentication, while also minimising the friction that some users associate with MFA,” reads an NCSC blog. In other words, what type of MFA method to use depends on people’s roles, how they work, the devices they use, the applications or services they’re accessing and so on.Topics covered include:Recommended types of MFA, such as FIDO2 credentials, app-based and hardware-based code generators and message-based methodsThe importance of using strong MFA to secure users’ access to sensitive dataThe role of trusted devices in boosting and simplifying MFABad practices that weaken MFA’s effectiveness, such as:Retaining weaker, password-only authentication protocols for legacy servicesExcluding certain accounts from MFA requirements because their users, usually high-ranking officials, find MFA inconvenientTo get more details, read:The NCSC blog “Not all types of MFA are created equal”The NCSC guide “Multi-factor authentication for your corporate online services”For more information about MFA:“Multifactor Authentication Cheat Sheet” (OWASP)“Deploying Multi Factor Authentication – The What, How, and Why” (SANS Institute)“How MFA gets hacked — and strategies to prevent it” (CSO)“How Multifactor Authentication Supports Growth for Businesses Focused on Zero Trust” (BizTech)“What is multi-factor authentication?” (TechTarget)5 - U.S. gov’t outlines AI strategy, ties it to national security The White House has laid out its expectations for how the federal government ought to promote the development of AI in order to safeguard U.S. national security.In the country’s first-ever National Security Memorandum (NSM) on AI, the Biden administration said the federal government must accomplish the following:Ensure the U.S. is the leader in the development of safe, secure and trustworthy AILeverage advanced AI technologies to boost national securityAdvance global AI consensus and governance“The NSM’s fundamental premise is that advances at the frontier of AI will have significant implications for national security and foreign policy in the near future,” reads a White House statement. The NSM’s directives to federal agencies include:Help improve the security of chips and support the development of powerful supercomputers to be used by AI systems.Help AI developers protect their work against foreign spies by providing them with cybersecurity and counterintelligence information.Collaborate with international partners to create a governance framework for using AI in a way that is ethical, responsible and respects human rights. The White House also published a complementary document titled “Framework To Advance AI Governance and Risk Management in National Security,” which adds implementation details and guidance for the NSM.6 - State CISOs on the frontlines of AI securityAs the cybersecurity risks and benefits of AI multiply, most U.S. state CISOs find themselves at the center of their governments' efforts to craft AI security strategies and policies.That’s according to the “2024 Deloitte-NASCIO Cybersecurity Study,” which surveyed CISOs from all 50 states and the District of Columbia.Specifically, 88% of state CISOs reported being involved in the development of a generative AI strategy, while 96% are involved with creating a generative AI security policy.However, their involvement in AI cybersecurity matters isn’t necessarily making them optimistic about their states’ ability to fend off AI-boosted attacks.None said they feel “extremely confident” that their state can prevent AI-boosted attacks, while only 10% reported feeling “very confident.” The majority (43%) said they feel “somewhat confident” while the rest said they are either “not very confident” or “not confident at all.” Naturally, most state CISOs see AI-enabled cyberthreats as significant, with 71% categorizing them as either “very high threat” (18%) or “somewhat high threat” (53%).At the same time, state CISOs see the potential for AI to help their cybersecurity efforts, as 41% are already using generative AI for cybersecurity, and another 43% have plans to do so by mid-2025.Other findings from the "2024 Deloitte-NASCIO Cybersecurity Study" include:4 in 10 state CISOs feel their budget is insufficient.Almost half of respondents rank cybersecurity staffing as one of the top challenges.In the past two years, 23 states have hired new CISOs, as the median tenure of a state CISO has dropped to 23 months, down from 30 months in 2022.More state CISOs are taking on privacy protection duties — 86% are responsible for privacy protection, up from 60% two years ago.For more information about CISO trends:“What’s important to CISOs in 2024” (PwC)“The CISO’s Tightrope: Balancing Security, Business, and Legal Risks in 2024” (The National CIO Review)“State of CISO Leadership: 2024” (SC World)“4 Trends That Will Define the CISO's Role in 2024” (SANS Institute) Full Article
cyb Cybersecurity Snapshot: CISA Warns of Global Spear-Phishing Threat, While OWASP Releases AI Security Resources By www.tenable.com Published On :: Fri, 08 Nov 2024 09:00:00 -0500 CISA is warning about a spear-phishing campaign that spreads malicious RDP files. Plus, OWASP is offering guidance about deepfakes and AI security. Meanwhile, cybercriminals have amplified their use of malware for fake software-update attacks. And get the latest on CISA’s international plan, Interpol’s cyber crackdown and ransomware trends.Dive into six things that are top of mind for the week ending Nov. 8.1 - CISA: Beware of nasty spear-phishing campaignProactively restrict outbound remote-desktop protocol (RDP) connections. Block transmission of RDP files via email. Prevent RDP file execution.Those are three security measures cyber teams should proactively take in response to an ongoing and “large scale” email spear-phishing campaign targeting victims with malicious RDP files, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).A foreign threat actor is carrying out the campaign. Several vertical sectors, including government and IT, are being targeted.“Once access has been gained, the threat actor may pursue additional activity, such as deploying malicious code to achieve persistent access to the target’s network,” CISA’s alert reads. Other CISA recommendations include:Adopt phishing-resistant multi-factor authentication (MFA), such as FIDO tokens, and try to avoid SMS-based MFAEducate users on how to spot suspicious emailsHunt for malicious activity in your network looking for indicators of compromise (IoCs) and tactics, techniques and proceduresAlthough CISA didn’t name the hacker group responsible for this campaign, its alert includes links to related articles from Microsoft and AWS that identify it as Midnight Blizzard. Also known as APT29, this group is affiliated with Russia’s government.To get more details, check out the CISA alert “Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments.”For more information about securing RDP tools:“Commonly Exploited Protocols: Remote Desktop Protocol (RDP)” (Center for Internet Security)“What is remote desktop protocol (RDP)?” (TechTarget)“Wondering Whether RDP IS Secure? Here's a Guide to Remote Desktop Protocol” (AllBusiness)“Why remote desktop tools are facing an onslaught of cyber threats” (ITPro)“'Midnight Blizzard' Targets Networks With Signed RDP Files” (Dark Reading)2 - OWASP issues AI security resourcesHow should your organization respond to deepfakes? What’s the right way of establishing a center of excellence for AI security in your organization? Where can you find a comprehensive guide of tools to secure generative AI applications?These questions are addressed in a new set of resources for AI security from the Open Worldwide Application Security Project’s OWASP Top 10 for LLM Application Security Project. The new resources are meant to help organizations securely adopt, develop and deploy LLM and generative AI systems and applications “with a comprehensive strategy encompassing governance, collaboration and practical tools,” OWASP said in a statement.These are the new resources:“The Guide for Preparing and Responding to Deepfake Events,” which unpacks four types of deepfake schemes – financial fraud, job interview fraud, social engineering and misinformation – and offers guidance about each one in these areas:preparationdetection and analysiscontainment eradication and recoverypost-incident activity“The LLM and GenAI Center of Excellence Guide,” which aims to help CISOs and fellow organization leaders create a center of excellence for generative AI security that facilitates collaboration among various teams, including security, legal, data science and operations, so they can develop:Generative AI security policiesRisk assessment and management processesTraining and awarenessResearch and development“The AI Security Solution Landscape Guide,” which offers security teams a comprehensive catalog of open source and commercial tools for securing LLMs and generative AI applications.To get more details, read OWASP’s announcement “OWASP Dramatically Expands GenAI Security Guidance.”For more information about protecting your organization against deepfakes:“How to prevent deepfakes in the era of generative AI” (TechTarget)“Deepfake scams escalate, hitting more than half of businesses” (Cybersecurity Dive)“The AI Threat: Deepfake or Deep Fake? Unraveling the True Security Risks” (SecurityWeek)“How deepfakes threaten biometric security controls” (TechTarget)“Deepfakes break through as business threat” (CSO)3 - Fake update variants dominate list of top malware in Q3Hackers are doubling down on fake software-update attacks.That’s the main takeaway from the Center for Internet Security’s list of the 10 most prevalent malware used during the third quarter.Malware variants used to carry out fake browser-update attacks took the top four spots on the list: SocGholish, LandUpdate808, ClearFake and ZPHP. Collectively, they accounted for 77% of the quarter’s malware infections. It's the first time LandUpdate808 and ClearFake appear on this quarterly list.(Source: “Top 10 Malware Q3 2024”, Center for Internet Security, October 2024)In a fake software-update attack, a victim gets duped into installing a legitimate-looking update for, say, their preferred browser, that instead infects their computers with malware.Here’s the full list, in descending order:SocGholish, a downloader distributed through malicious websites that tricks users into downloading it by offering fake software updates LandUpdate808, a JavaScript downloader distributed through malicious websites via fake browser updatesClearFake, another JavaScript downloader used for fake browser-update attacksZPHP, another JavaScript downloader used for fake software-update attacksAgent Tesla, a remote access trojan (RAT) that captures credentials, keystrokes and screenshotsCoinMiner, a cryptocurrency miner that spreads using Windows Management Instrumentation (WMI)Arechclient2, also known as SectopRAT, is a .NET RAT whose capabilities include multiple stealth functionsMirai, a malware botnet that compromises IoT devices to launch DDoS attacksNanoCore, a RAT that spreads via malspam as a malicious Excel spreadsheetLumma Stealer, an infostealer used to swipe personally identifiable information (PII), credentials, cookies and banking informationTo get more information, the CIS blog “Top 10 Malware Q3 2024” offers details, context and indicators of compromise for each malware strain.For details on fake update attacks:“Fake browser updates spread updated WarmCookie malware” (BleepingComputer)“Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware” (The Hacker News)“Hackers Use Fake Browser Updates for AMOS Malware Attacks Targeting Mac Users” (MSSP Alert)“Malware crooks find an in with fake browser updates, in case real ones weren't bad enough” (The Register)“Fake Google Chrome errors trick you into running malicious PowerShell scripts” (BleepingComputer)VIDEOFake Chrome Update Malware (The PC Security Channel)4 - CISA’s first international plan unveiledCISA has released its first-ever international plan, which outlines a strategy for boosting the agency’s collaboration with cybersecurity agencies from other countries.Aligning cybersecurity efforts and goals with international partners is critical for tackling cyberthreats in the U.S. and abroad, according to the agency.The three core pillars of CISA’s “2025 - 2026 International Strategic Plan” are:Help make more resilient other countries’ assets, systems and networks that impact U.S. critical infrastructureBoost the integrated cyber defenses of the U.S. and its international partners against their shared global cyberthreatsUnify the coordination of international activities to strengthen cyberdefenses collectivelyThe plan will allow CISA to “reduce risk to the globally interconnected and interdependent cyber and physical infrastructure that Americans rely on every day,” CISA Director Jen Easterly said in a statement.5 - Interpol hits phishers, ransomware gangs, info stealersInterpol and its partners took down 22,000 malicious IP addresses and seized thousands of servers, laptops, and mobile phones used by cybercriminals to conduct phishing scams, deploy ransomware and steal information.The four-month global operation, titled Synergia II and announced this week, involved law enforcement agencies and private-sector partners from 95 countries and netted 41 arrests.“Together, we’ve not only dismantled malicious infrastructure but also prevented hundreds of thousands of potential victims from falling prey to cybercrime,” Neal Jetton, Director of Interpol’s Cybercrime Directorate, said in a statement.In Hong Kong, more than 1,000 servers were taken offline, while authorities in Macau, China took another 291 servers offline. Meanwhile, in Estonia, authorities seized 80GB of server data, which is now being analyzed for links to phishing and banking malware.For more information about global cybercrime trends:“AI-Powered Cybercrime Cartels on the Rise in Asia” (Dark Reading)“AI Now a Staple in Phishing Kits Sold to Hackers” (MSSP Alert)“The Business of Cybercrime Explodes” (BankDirector)“Nation state actors increasingly hide behind cybercriminal tactics and malware” (CSO)6 - IST: Ransomware attacks surged in 2023Ransomware gangs went into hyperdrive last year, increasing their attacks by 73% compared with 2022, according to the non-profit think tank Institute for Security and Technology (IST).The IST attributes the sharp increase in attacks to a shift by ransomware groups to “big game hunting” – going after prominent, large organizations with deep pockets. “Available evidence suggests that government and industry actions taken in 2023 were not enough to significantly reduce the profitability of the ransomware model,” reads an IST blog.Global Ransomware Incidents in 2023Another takeaway: The ransomware-as-a-service (RaaS) model continued to prove extremely profitable in 2023, and it injected dynamism into the ransomware ecosystem. The RaaS model prompted ransomware groups “to shift allegiances, form new groups, or iterate existing variants,” the IST blog reads.The industry sector that ransomware groups hit the hardest was construction, followed by hospitals and healthcare, and by IT services and consulting. Financial services and law offices rounded out the top five.To learn more about ransomware trends:“Ransomware Is ‘More Brutal’ Than Ever in 2024” (Wired)“Ransomware on track for record profits, even as fewer victims pay” (SC Magazine)“How Can I Protect Against Ransomware?” (CISA)“How to prevent ransomware in 6 steps” (TechTarget)“Steps to Help Prevent & Limit the Impact of Ransomware” (Center for Internet Security) Full Article
cyb Tenable Research Uncovers Thousands of Vulnerable Cyber Assets Amongst Southeast Asia’s Financial Sector By www.tenable.com Published On :: Thu, 29 Aug 2024 09:09:05 -0400 New research conducted by Tenable®, Inc., the exposure management company, has uncovered more than 26,500 potential internet-facing assets among Southeast Asia’s top banking, financial services and insurance (BFSI) companies by market capitalisation across Indonesia, Malaysia, the Philippines, Singapore, Thailand and Vietnam.On July 15, 2024, Tenable examined the external attack surface of over 90 BFSI organisations with the largest market capitalisations across the region. The findings revealed that the average organisation possesses nearly 300 internet-facing assets susceptible to potential exploitation, resulting in a total of more than 26,500 assets across the study group.Singapore ranked the highest among the six countries assessed, with over 11,000 internet-facing assets identified across its top 16 BFSI companies. Over 6,000 of those assets are hosted in the United States. Next on the list is Thailand with over 5000 assets. The distribution of internet-accessible assets underscores the need for cybersecurity strategies that adapt to the rapidly evolving digital landscape.CountryNumber of internet-facing assets amongst top 90 BFSI companies by market capitalisationSingapore11,000Thailand5,000Indonesia4,600Malaysia4,200Vietnam3,600Philippines2,600“The results of our study reveal that many financial institutions are struggling to close the priority security gaps that put them at risk. Effective exposure management is key to closing these gaps,” said Nigel Ng, Senior Vice President, Tenable APJ. “By identifying and securing vulnerable assets before they can be exploited, organisations can better protect themselves against the growing tide of cyberattacks.” Cyber Hygiene Gaps The Tenable study revealed many potential vulnerabilities and exposed several cyber hygiene issues among the study group, including outdated software, weak encryption, and misconfigurations. These vulnerabilities provide cybercriminals with easily exploitable potential entry points, posing potential risk to the integrity and security of financial data. Weak SSL/TLS encryption A notable finding is that among the total assets, organisations had nearly 2,500 still supporting TLS 1.0—a 25-year old security protocol introduced in 1999 and disabled by Microsoft in September 2022. This highlights the significant challenge organisations with extensive internet footprints face in identifying and updating outdated technologies.Misconfiguration increases external exposureAnother concerning discovery was that over 4,000 assets, originally intended for internal use, were inadvertently exposed and are now accessible externally. Failing to secure these internal assets poses a significant risk to organisations, as it creates an opportunity for malicious actors to target sensitive information and critical systems.Lack of encryption There were over 900 assets with unencrypted final URLs, which can present a security weakness. When URLs are unencrypted, the data transmitted between the user's browser and the server is not protected by encryption, making it vulnerable to interception, eavesdropping, and manipulation by malicious actors. This lack of encryption can lead to the exposure of sensitive information, such as login credentials, personal data, or payment details, and can compromise the integrity of the communication.API vulnerabilities amplify riskThe identification of over 2,000 API v3 out of the total number of assets among organisations' digital infrastructure poses a substantial risk to their security and operational integrity.APIs serve as crucial connectors between software applications, facilitating seamless data exchange. However, inadequate authentication, insufficient input validation, weak access controls, and vulnerabilities in dependencies within API v3 implementations create a vulnerable attack surface.Malicious actors can exploit such weaknesses to gain unauthorised access, compromise data integrity, and launch devastating cyber attacks.“The cybersecurity landscape is evolving faster than ever, and financial institutions must evolve with it, so they can know where they are exposed and take action to close critical risk” Ng added. “By prioritising exposure management, these organisations can better protect their digital assets, safeguard customer trust, and ensure the resilience of their operations in an increasingly hostile digital environment.”About TenableTenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. Notes to Editors:Tenable examined the top 12-16 BFSI companies discoverable based on market cap. In the context of this alert:An asset is a domain name, subdomain, or IP addresses and/or combination thereof of a device connected to the Internet or internal network. An asset may include, but not limited to web servers, name servers, IoT devices, network printers, etc. Example: foo.tld, bar.foo.tld, x.x.x.xs.The Attack Surface is from the network perspective of an adversary, the complete asset inventory of an organisation including all actively listening services (open ports) on each asset. Full Article
cyb Researchers Uncover Extensive Twitter-based Cyber Espionage Campaign Targeting UAE Dissidents, Journalists By media.utoronto.ca Published On :: Mon, 30 May 2016 13:49:21 +0000 Toronto, ON – A new report from the University of Toronto’s Citizen Lab reveals a sophisticated international cyber-espionage campaign targeting journalists and activists whose work concerns the United Arab Emirates. The campaign used elaborate ruses, including fake organizations and journalists, to engage targets online, then entice them to open malicious files and links containing malware capable […] Full Article International Affairs Media Releases University of Toronto
cyb Researchers Uncover New Cyber-Espionage Operation Targeting the Syrian Opposition By media.utoronto.ca Published On :: Tue, 02 Aug 2016 15:34:33 +0000 Toronto, ON – A new report from the Citizen Lab at the Munk School of Global Affairs at the University of Toronto reveals a new cyber-espionage operation targeting the Syrian opposition. The operation used clever deceptions to trick targets into opening malicious files and links containing malware capable of monitoring computers and Android phones. The operation, […] Full Article International Affairs Media Releases University of Toronto
cyb CyberMetrics Announces New Leadership of the Asset Management Division By www.qualitymag.com Published On :: Mon, 02 Sep 2013 00:00:00 -0400 Though FaciliWorks CMMS is already used by hundreds of Mexican companies, there is still an enormous number of potential clients who are in need of a system like FaciliWorks. Full Article
cyb Preparing For Emerging Cybersecurity Attacks Against Chillers By www.achrnews.com Published On :: Mon, 11 Nov 2024 07:00:00 -0500 When it comes to this piece of critical infrastructure, operators need to be prepared to face new and sophisticated attacks. Full Article
cyb Episode 438: Andy Powell on Lessons Learned from a Major Cyber Attack By traffic.libsyn.com Published On :: Sat, 12 Dec 2020 02:39:05 +0000 Andy Powell is the CISO of AP Moller Maersk and discusses the 2017 cyber attack that hit the company and the lessons learned for preventing and recovering from future attacks. Full Article
cyb Cyberbullying: A Newsround special By www.bbc.co.uk Published On :: Fri, 28 Mar 2014 08:24:20 GMT Cyberbullying is a problem we hear more and more about in the news. In this special Newsround, Ricky meets the kids who have been affected by bullying online. Full Article
cyb Your Cyber Monday in EEP! Save Big on Premium Membership and Video Courses By electrical-engineering-portal.com Published On :: Thu, 26 Nov 2020 13:46:50 +0000 Hello, hope all is well with you! It’s our pleasure to share with you two Cyber Monday deals for our new electrical engineers, expiring on December 3rd: 20% on EEP Pro Premium Membership and 30% off on all courses and... Read more The post Your Cyber Monday in EEP! Save Big on Premium Membership and Video Courses appeared first on EEP - Electrical Engineering Portal. Full Article Energy and Power News
cyb Cyber Monday in EEP! 30% off on courses and 20% off on premium membership! By electrical-engineering-portal.com Published On :: Tue, 23 Nov 2021 22:19:00 +0000 Black Friday is gone, but Cyber Monday is here and it’s getting better! Let us share with you two Cyber Monday deals for our electrical engineers, expiring on December 3rd: 20% off on EEP Pro Premium Membership and 30% off... Read more The post Cyber Monday in EEP! 30% off on courses and 20% off on premium membership! appeared first on EEP - Electrical Engineering Portal. Full Article Energy and Power News bundles courses cyber monday discount code eep academy electric motor electrical designing electrical engineering knowledge low voltage distribution design power transformers pro premium membership relay protection substation protection technical articles
cyb Cyber Monday in EEP! 30% off on courses and 20% off on PRO membership plan! By electrical-engineering-portal.com Published On :: Fri, 25 Nov 2022 07:14:30 +0000 Black Friday is gone, but Cyber Monday is here and it’s getting better! It’s the Last Day!! Let us share with you two Cyber Monday deals for our electrical engineers, expiring on December 1st: 20% off on EEP Pro Premium... Read more The post Cyber Monday in EEP! 30% off on courses and 20% off on PRO membership plan! appeared first on EEP - Electrical Engineering Portal. Full Article Energy and Power News black friday cyber monday eep academy electrical engineers electricians maintenance plant maintenance power substations power transformers premium membreship pro membership plan specialized technical articles substation engineers supervising video courses
cyb Automated, but hackable. Is power grid in your country safe from cyberattacks? By electrical-engineering-portal.com Published On :: Mon, 14 Oct 2024 06:46:13 +0000 Yes, many of today’s power grids are very sophisticated and automated. Every single event and piece of equipment is tracked, controlled, measured, and protected. But things aren’t as bright as it seems. As we can see, it turns out that... Read more The post Automated, but hackable. Is power grid in your country safe from cyberattacks? appeared first on EEP - Electrical Engineering Portal. Full Article Premium Content Protection Safety Transmission and Distribution buffer flooding critical infrastructure cyberattacks data breach data injection ddos ddos attack distributed denial of service dos attacl hacker jamming channels power grid remote control root-kit performance spear phishing state estimation stuxnet targeted attacks utilities zero-day vulnerabilities
cyb Resolution 50 - (Rev. Geneva, 2022) - Cybersecurity By www.itu.int Published On :: Tue, 26 Apr 2022 20:22:10 GMT Resolution 50 - (Rev. Geneva, 2022) - Cybersecurity Full Article
cyb XSTR-USM - Unified Security Model (USM) - A neutral integrated system approach to cybersecurity By www.itu.int Published On :: Wed, 03 Aug 2022 11:52:14 GMT XSTR-USM - Unified Security Model (USM) - A neutral integrated system approach to cybersecurity Full Article
cyb [ X.1500 (2011) Amendment 12 (03/18) ] - Revised structured cybersecurity information exchange techniques By www.itu.int Published On :: Fri, 13 Jul 2018 07:44:00 GMT Revised structured cybersecurity information exchange techniques Full Article
cyb T-mobile reaches $31.5m settlement with FCC over cybersecurity breaches By www.siliconrepublic.com Published On :: Tue, 01 Oct 2024 10:59:26 +0000 The company must invest $15.75m to strengthen its cybersecurity and pay a penalty of $15.75m to the US Treasury. Read more: T-mobile reaches $31.5m settlement with FCC over cybersecurity breaches Full Article Comms cyberattacks cybersecurity FCC legal T-mobile
cyb Internet Archive suffers from cyberattack affecting 31m users By www.siliconrepublic.com Published On :: Thu, 10 Oct 2024 08:41:16 +0000 Details of the compromised data revealed that it may have been stolen on 28 September. Read more: Internet Archive suffers from cyberattack affecting 31m users Full Article Enterprise black hat hackers books cyberattacks data internet online services
cyb 10 cybersecurity experts you need to know By www.siliconrepublic.com Published On :: Thu, 10 Oct 2024 15:05:17 +0000 Wondering how to get your head around the world of cybersecurity? Get to know the experts in the field to stay on top of the latest trends. Read more: 10 cybersecurity experts you need to know Full Article Enterprise Accenture cyberattacks cybersecurity EY influencers TU Dublin Ulster University
cyb Internet Archive suffers yet another cyberattack By www.siliconrepublic.com Published On :: Mon, 21 Oct 2024 11:42:43 +0000 Internet Archive founder Brewster Kahle highlighted a recent wave of attacks on libraries and archives across the globe and hopes that they are ‘not indicative of a trend’. Read more: Internet Archive suffers yet another cyberattack Full Article Enterprise black hat hackers breaches cyberattacks cybersecurity data internet online services
cyb Only 28pc of Irish companies have ‘robust’ cybersecurity measures By www.siliconrepublic.com Published On :: Thu, 24 Oct 2024 10:28:49 +0000 Globally, a data breach costs an estimated €3m and yet less than a third of Irish companies are well prepared. Read more: Only 28pc of Irish companies have ‘robust’ cybersecurity measures Full Article Enterprise AI cyberattacks cybersecurity PwC reports
cyb 100m affected in February cyberattack, UnitedHealth reveals By www.siliconrepublic.com Published On :: Fri, 25 Oct 2024 09:43:04 +0000 Affected data includes social security numbers, bank details, payment cards and medical diagnoses. Read more: 100m affected in February cyberattack, UnitedHealth reveals Full Article Enterprise black hat hackers cyberattacks cybersecurity data health healthcare US
cyb 74pc of Irish businesses report increase in cyberattacks this year By www.siliconrepublic.com Published On :: Wed, 30 Oct 2024 11:26:30 +0000 More than two-thirds of Irish cybersecurity leaders believe that reputational damage from a cyberattack would 'significantly' damage their business. Read more: 74pc of Irish businesses report increase in cyberattacks this year Full Article Enterprise AI cyberattacks cybersecurity reports
cyb New €2m fund launched for SMEs to improve cybersecurity By www.siliconrepublic.com Published On :: Tue, 05 Nov 2024 09:05:42 +0000 Eligible SMEs can apply for funding of 80pc of their project costs, with a maximum grant of €60,000. Read more: New €2m fund launched for SMEs to improve cybersecurity Full Article Enterprise cyberattacks cybersecurity EU Ireland SMEs