The headline is startling: Cybercrime costs the world more than $1 trillion, a 50% increase from 2018. From our experience in the trenches, this feels about right. Attackers are using more complex methods for spreading their malware, and the payloads keep getting more sophisticated – better at evading detection and more effective at delivering their malicious payload.
Between July of 2018 and June 2020, the retail, hospitality and travel industries were hit with 63 billion credential-stuffing attacks. Credential stuffing is a cyber attack method in which attackers use lists of compromised user credentials to breach into a system.
There is no threat greater than a nation-state hacking team, as they are highly skilled, fully equipped with the latest attack methodologies, have unlimited resources, can launch attacks in large scale and are almost untouchable by law enforcement. North Korea has been a major player in this space for years, adding billions to their economy through cyber attacks.
There is no threat greater then a nation-state hacking team, as they are highly skilled, fully equipped with the latest attack methodologies, have unlimited resources, can launch attacks in large scale and are almost untouchable by law enforcement.
Email continues to be the largest attack vector, according to a recent study from Mimecast. Most organizations realize this but lack additional controls and fail to properly educate their users on how to identify attack methods such as phishing, malicious attachments and Business Email Compromise.
Intel is back in the news with another vulnerability related to their CPU architecture. Two separate academic teams disclosed two new and distinctive exploits that bypass Intel’s Software Guard eXtension, which is the most sensitive region of the company’s processors because it protects encryption keys.
Covid-related social engineering attacks continue to make headlines, as most businesses shift work to a stay-at-home model for continued operations. There are numerous articles about attack types and vectors, so make sure your users are aware and informed.
27% of IT managers believe that attacks against their network can be attributed to nation states. This figure is up significantly from a year ago, and it should wake up anyone involved in Risk and Security. Ensure that you have properly adjusted the risk to your organization for the possibility of a sophisticated attack from a Nation State and calculated for the type of damage that they could inflict.
With tension rising between Iran and the United States, cyber warfare is on the rise. Many government agencies are releasing statements advising company’s and governments to stay protected and aware of potential threats. This past week we have seen pro Iran targets deface government websites and launch multiple attacks. Some of these are effecting entire cities and states.
This month we have seen mobile and smart devices become a key topic of discussion. With the Chinese company Tencent exposing flaws in the Qualcomm chipsets found in most android devices today, we must remember to stay vigilant in monitoring who and what our devices are connected to.