News September 30, 2024

CISA launches portal to simplify cyber incident reporting

2 min read - Information sharing just got more efficient. In August, the Cybersecurity and Infrastructure Security Agency (CISA) launched the CISA Services Portal. “The new CISA Services Portal improves the reporting process and offers more features for our voluntary reporters. We ask organizations…

Risk Management September 17, 2024

NVD backlog update: Attackers change tactics as analysis slows

4 min read - Updated Sept. 24, 2024 In February, the number of vulnerabilities processed and enriched by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) started to slow. By May, 93.4% of new vulnerabilities and 50.8% of known exploited…

News September 16, 2024

The rising threat of cyberattacks in the restaurant industry

2 min read - The restaurant industry has been hit with a rising number of cyberattacks in the last two years, with major fast-food chains as the primary targets. Here’s a summary of the kinds of attacks to strike this industry and what happened…

News September 4, 2024

3,000 “ghost accounts” on GitHub spreading malware

3 min read - In the past, cyber criminals directly distributed malware on GitHub using encrypted scripting code or malicious executables. But now threat actors are turning to a new tactic to spread malware: creating ghost accounts. A highly effective malware campaign Check Point…

News August 30, 2024

Warren Buffett’s warning highlights growing risk of cyber insurance losses

3 min read - The United States cyber insurance industry continues to see strong profits, according to Fitch Ratings. Average premium increases, meanwhile, have moderated over the last three years: While 2021 saw a 34% jump in premium pricing and costs rose 15% in…

Risk Management August 23, 2024

How Paris Olympic authorities battled cyberattacks, and won gold

3 min read - The Olympic Games Paris 2024 was by most accounts a highly successful Olympics. Some 10,000 athletes from 204 nations competed in 329 events over 16 days. But before and during the event, authorities battled Olympic-size cybersecurity threats coming from multiple…

News August 16, 2024

The cyberattack cycle: First comes outage, next comes phishing

3 min read - Phishing attacks in the wake of a service, system or network outage are always a danger. For example, during the massive PlayStation Network outage in 2011, phishers took advantage of user confusion and frustration. Intruders sent phishing emails pretending to…

Risk Management August 15, 2024

CISOs list human error as their top cybersecurity risk

3 min read - With cybersecurity, the focus often is on technology — specifically, how cyber criminals use it to conduct attacks and the tools that organizations can use to keep their systems and data safe. However, this overlooks the most important element in…

News August 5, 2024

Hacker group FIN7 is selling EDR evasion tools to other cyber criminals

3 min read - Entrepreneurship is rampant these days — even across the dark web. While the paths of cyber gangs are often winding and often involve alliances or rebrandings, the newest activity of FIN7 creates a new dynamic in the cybersecurity world that…

News August 2, 2024

CISA and FBI warn the public about OS command injection vulnerabilities

3 min read - On July 10, 2024, CISA and the FBI released a new Secure by Design Alert that highlighted the dangers of OS (operating system) command injection vulnerabilities in common software products. Although these vulnerabilities continue to surface in modern software solutions,…