Huge Microsoft Outage Caused by CrowdStrike Takes Down Computers Around the World

In the early hours of Friday, companies in Australia running Microsoft’s Windows operating system started reporting devices showing Blue Screens of Death (BSODs). Shortly after, reports of disruptions started flooding in from around the world, including from the UK, India, Germany, the Netherlands, and the US: TV station Sky News went offline, and US airlines United, Delta, and American Airlines issued a “global ground stop” on all flights.


Fake Websites, Phishing Appear in Wake of CrowdStrike Outage

Within a day of the global outage linked to a faulty CrowdStrike software update that left Windows systems displaying the dreaded "blue screen of death," cybercriminals launched deceptive websites with domain names that include keywords such as "CrowdStrike" and "blue screen." Hackers are hoping to attract unsuspecting users searching for IT fixes for the outage, according to CISA, other government agencies and security researchers.


The Value of Information Management: Compliance versus Business Outcomes

By: Priscilla Emery on July 23rd, 2024: I want to share my thoughts on the ongoing debate within the information management industry about how to effectively sell the value of investing in information management. Some argue that the focus should be on business outcomes and solving the problems that keep decision-makers up at night, while others emphasize the importance of compliance and risk mitigation.


US Data Breach Victim Numbers Surge 1170% Annually

The number of US data breach victims in Q2 2024 increased annually by over 1000%, despite a 12% decrease in the actual number of incidents in those three months, according to the Identity Theft Resource Center (ITRC). The non-profit compiled the figures for its H1 2024 Data Breach Analysis from publicly reported breaches in the US. It claimed the Q2 increase in victim numbers was due to the impact of a small number of large breaches, and to impacted organizations like Prudential Financial and Infosys McCamish Systems revising victim counts up from tens of thousands to millions of customers.


AN UNPATCHED BUG ALLOWS ANYONE TO IMPERSONATE MICROSOFT CORPORATE EMAIL ACCOUNTS

The security researcher Vsevolod Kokorin (@Slonser) discovered a bug that allows anyone to impersonate Microsoft corporate email accounts. An attacker can trigger the vulnerability to launch phishing attacks. The researcher demonstrated exploitation of the bug to TechCrunch. Kokorin told TechCrunch that he reported the bug to Microsoft, but the company replied that it couldn’t reproduce his findings. Kokorin then disclosed the flaw on X. The researcher explained that the vulnerability works when an attacker sends an email to Outlook accounts.


92% of Organizations Hit by Credential Compromise from Social Engineering Attacks

More than nine in 10 (92%) organizations experienced an average of six credential compromises caused by email-based social engineering attacks in 2023, according to a new report by Barracuda. Scamming and phishing continued to make up the vast majority (86%) of social engineering attacks last year. There were some notable trends in how attackers are targeting users via social engineering techniques:


Multifactor Authentication Bypass: Attackers Refine Tactics

Using multifactor authentication wherever possible remains a must-have security defense, not least because it makes network penetration more time-consuming and difficult for attackers to achieve. Even so, MFA isn't foolproof, and attackers have been refining their tactics for bypassing or defeating the security control to gain remote access to a victim's network. Cisco Talos in a Tuesday blog post said that during the first quarter of this year, nearly half of all security incidents it helped investigate involved MFA. Specifically, 21% of the attacks it probed involved improperly implemented MFA, and 25% involved push-based attacks, in which attackers attempt to trick users into accepting a push notification sent to their MFA-enabled device.


US Bans Kaspersky Over Alleged Kremlin Links

The US government has banned cybersecurity provider Kaspersky from selling its products in the country because of the company’s alleged links to the Russian regime. On June 20, 2024, the US Department of Commerce’s Bureau of Industry and Security (BIS) issued a Final Determination prohibiting Kaspersky Lab, Inc., the US subsidiary of the Russian cybersecurity firm, from providing any products or services in the US. Kaspersky Lab, Inc., its affiliates, subsidiaries and resellers, will no longer be able to sell Kaspersky’s software within the US or provide updates to software already in use. The BIS has set a deadline of September 29, 2024, giving US consumers and businesses time to switch to alternative cybersecurity solutions. Commerce Secretary Gina Raimondo added that the US must act against Russia’s “capacity and intent to collect and weaponize the personal information of Americans.”


Small Business Security Challenges

Cybersecurity is difficult for small businesses, but there is help and support so that even the smallest organization can stay on top of essential security. Being a smaller organization has many benefits and challenges at the best of times. It can often be a tricky issue from a cybersecurity perspective. On one hand you’re probably too small to have a dedicated cyber function – it may well even be a stretch to afford a full-time IT manager. Yet on the other side of the coin, in everything but the smallest company the potential impact of a cyber-attack can be devastating in terms of financial or reputational damage, or even job losses if things go really bad.


Dropbox Breach Exposes Customer Credentials, Authentication Data

Threat actor dropped in to Dropbox Sign production environment and accessed emails, passwords, and other PII, along with APIs, OAuth, and MFA info. Online storage service Dropbox is warning customers of a data breach by a threat actor that accessed customer credentials and authentication data of one of its cloud-based services. The breach occurred when an unauthorized user gained access to the Dropbox Sign (formerly HelloSign) production environment, something administrators became aware of on April 24, according to a blog post published on May 1. Dropbox Sign is an online service for signing and storing contracts, nondisclosure agreements, tax forms, and other documents using legally binding e-signatures.


US-Led Operation Takes Down World’s Largest Botnet

A US-led law enforcement operation has successfully disrupted the 911 S5 botnet, believed to be the world’s largest ever botnet. The 911 S5 botnet is a global network of millions of compromised residential Windows computers used to facilitate cyber-attacks, large scale fraud, child exploitation and other serious criminal activity. The network of devices was associated with more than 19 million unique IP addresses, including 613,841 IP addresses located in the US. Cybercriminals were allowed to purchase access to these infected IP addresses to conduct various criminal activities. The US Department of Justice (DoJ) also announced the arrest of a Chinese national, YunHe Wang, 35, on charges relating to the creation and operation of 911 S5.


Alarming Decline in Cybersecurity Job Postings in the US

A new study by CyberSN warns that the overall number of cybersecurity job postings in the US decreased by 22% from 2022 to 2023. The cyber job platform provider added that this decline is alarming and could impact national security, as some of these roles are essential for maintaining organizational and national cyber defenses.


Cyb3R_Sm@rT!: Use a Password Manager to Create and “Remember” Strong Passwords

Strong passwords—those that are long, random, and unique—are essential to your personal cybersecurity, especially as advancements in computer processing speed and power continually make it easier for threat actors to crack passwords that do not meet these requirements. However, it is not practical for a person to remember all of their passwords. Password managers were created to solve this problem, helping you to formulate strong passwords and “remember” them.


Underinvestment In Cybersecurity Fuelling Cyber Attacks In SMEs Sector

The absence of competent security operations staff at small and medium-sized businesses (SMBs) is the reason behind the surge in cyber attacks against them, a report has revealed. Findings of the report by cybersecurity firm, Sophos, revealed that nearly 50 per cent of malware detections for SMBs were keyloggers, spyware, and stealers, malware that attackers use to steal data and credentials.


7 reasons why LTO won’t die

Magnetic tape was first used to record computer data way back in 1951. If you see the tape decks that feature in ‘computers’ in vintage movies, it’s hard to believe the medium is still around… let alone at the cutting edge of data storage. In fact, magnetic tape is thriving with strong sales of LTO Ultrium, the current de facto standard.


Insider Threats Surge 14% Annually as Cost-of-Living Crisis Bites

Employee fraud grew significantly last year thanks to the opportunities afforded by remote working and the pressures of a cost-of-living crisis in the UK, according to Cifas. The anti-fraud non-profit claimed that the number of individuals recorded in its cross-sector Insider Threat Database (ITD) increased 14% year-on-year (YoY) in 2023, with the most common reason being “dishonest action to obtain benefit by theft or deception” (49%).


Three Ways to Spot Insider Risk…

The biggest challenge to spotting a threat is knowing what to look for. The greatest challenge for most organizations that are trying to identify insider threats is visibility into employee behavior and actions. Without it, you lack context to understand whether activity is beneficial or harmful to the organization. This ebook provides guidance around the steps necessary to spot insider threats both proactively and reactively, including how to: define insider risk, monitor leading indicators, and look for active indicators.


NIST releases updated Cybersecurity Framework 2.0…

The U.S. National Institute of Standards and Technology (NIST) has long been a useful source of resources to help cybersecurity teams evaluate needs, plan investments, and implement best practices. In 2013 it published the NIST Cybersecurity Framework (CSF) as the primary repository for guidance on establishing effective cybersecurity practices. Now comes the news that the updating process is complete and CSF 2.0 has been officially published. So, let’s have a look at what’s changed and how those changes may affect your efforts to understand, implement, and maintain cybersecurity best practices.


Only 3% of Businesses Resilient Against Modern Cyber Threats…

Just 3% of organizations are resilient against modern cybersecurity threats, according to Cisco’s 2024 Cybersecurity Readiness Index. This represented a significant decline in the proportion of global organizations that had a ‘mature’ level of readiness compared to last year, when 15% were ranked mature.


NIST National Vulnerability Database Disruption Sees CVE Enrichment on Hold…

Something mysterious is happening at the US National Institute of Standards and Technology (NIST) that could make many organizations vulnerable to threat actors. Since February 12, 2024, NIST has almost completely stopped enriching software vulnerabilities listed in its National Vulnerability Database (NVD), the world's most widely used software vulnerability database.


Data tampering is an underrated threat — get your backup ready…

World Backup Day is an annual reminder of how important it is to have an up-to-date, readily accessible copy of everything that matters to your business. Resilient backups allow you to recover more quickly from data damage, disruption, or loss, particularly if a ransomware attack has resulted in encrypted or deleted files. These are well-known and widely reported benefits of backups — but there’s more. Immutable data backups can also protect you from the underrated threats of data tampering and malicious insiders, unpredictable activities that can significantly damage brand trust and reputation if they’re not addressed.


Cybersecurity in the Age of Microsoft Copilot: Safeguarding Corporate Communication

Microsoft Copilot is a state-of-the-art generative AI tool integrated into Microsoft 365, designed to assist users in content creation. It operates by harnessing a wide array of data sources, including emails, documents, and calendar meetings, as input for generating text-based content. Copilot’s reliance on various data sources introduces the risk of generating content based on sensitive data, passwords, or personally identifiable information (PII). For example, imagine Copilot inadvertently generating an email that includes sensitive customer information, such as credit card details, without proper review, posing a risk of unintentional data exposure. In scenarios where companies serve multiple clients, Copilot might negligently generate content that contains or is based on data from one client while preparing content for another.


Too much access? Microsoft Copilot data risks explained

If you’ve used ChatGPT, you know how powerful and helpful it can be. For the security-conscious enterprise, however, there are some red flags. Large corporations like JP Morgan Chase and Verizon are blocking employees from accessing the popular AI chatbot. Even Microsoft, one of OpenAI’s largest investors, temporarily restricted access to ChatGPT recently. This is interesting news, especially considering Microsoft is rolling out its own AI chatbot for the enterprise called Copilot. It’s already available for Windows users, with enterprise rollouts not far behind. Like ChatGPT, Copilot can be a wonderful tool, but it introduces some notable risks for the enterprise.


Countdown to compliance begins: Time’s up! New York cyber changes are final!

Revisions to the New York State Department of Financial Services (NYSDFS) Part 500 cybersecurity regulation are now final — just in time for 2024 budgets. While some of the more prescriptive elements of the proposed rule have given way to a more flexible, risk-based approach, most of the rule’s revisions remain intact. The final rule retains enhanced requirements for governance, risk assessments, password and data management, as well as the net-new requirements for asset inventory, business continuity and disaster recovery (BCDR), and independent audits.


LockBit to FBI: 'You can't stop me'

A strange and somewhat sad LockBit-related situation has developed over the last few days. @LockBitSupp, the presumed leader of the prolific LockBit ransomware group, published a formal response to Operation Cronos and the FBI. In a nearly 3,000-word document, LockBitSupp published his account of what happened, what was seized, what remains, and what he learned. We have the background on Operation Cronos and LockBit here. I have paraphrased the notable points in the document and included some direct quotes from the author. This section includes comments from the LockBit response letter, not from Barracuda or other third-party sources.


How To Optimize Your Data Center Against Ransomware Attacks

Many strategies for fighting ransomware, like taking regular backups, are the same no matter where you host data — in the public cloud, in a private data center, or on-prem. However, companies that operate data centers can deploy some special practices that may reduce their risk of falling victim to ransomware attacks. When you control all aspects of your infrastructure and hosting facility, you can do things to mitigate ransomware threats that wouldn't be possible elsewhere.


Dell Survey Surfaces Lack of Ransomware Resiliency

A survey of 1,500 IT (1,000) and IT security (500) decision-makers found more than half (52%) worked for organizations that experienced a cyberattack that prevented access to data within the past 12 months, with 85% of them admitting they paid ransoms to access data. Conducted by the market research firm Vanson Bourne on behalf of Dell Technologies, the survey also found three-quarters (75%) of respondents worried existing data protection measures are unable to cope with ransomware threats. Well over two-thirds (69%) were not very confident they could reliably recover in the event of a destructive cyberattack, the survey found.


SEC Cyber Incident Reporting Rules Pressure IT Security Leaders

As the Securities and Exchange Commission (SEC) gets tough on businesses’ cybersecurity posture, IT security leaders will need to beef up incident response plans—a notable challenge for organizations currently lacking in this area. As of December 18, 2023, publicly traded organizations must begin complying with the SEC disclosure regulations unveiled in July, which mandate disclosure of “material” threat incidents within four days.


Last Watchdog ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024

Last Watchdog invited the cybersecurity experts we’ve worked with this past year for their perspectives on two questions that all company leaders should have top of mind:
• What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization?
• What should I be most concerned about – and focus on – in 2024?


WITH LTO TAPE TECHNOLOGY, BIG DATA NEVER FELT SO SMALL.

By the end of the decade, ‘cold’ or inactive data could represent the majority of enterprise data stored. But how best to preserve and protect this valuable data for years, even decades, while reducing storage costs, addressing environmental, social and governance goals and strengthening cybersecurity? The answer is with LTO tape technology. With current LTO-9 tape systems, you can securely store over 25 petabytes of data in a single data center rack, at a fraction of the cost and power of disk-based storage. So bring your archives down to size with innovative and sustainable LTO technology. Big data has never felt so small.


Here’s Some Bitcoin: Oh, and You’ve Been Served!

A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. The case is thought to be the first in which a federal court has recognized the use of information included in a bitcoin transaction — such as a link to a civil claim filed in federal court — as reasonably likely to provide notice of the lawsuit to the defendant. Experts say the development could make it easier for victims of crypto heists to recover stolen funds through the courts without having to wait years for law enforcement to take notice or help.


Google Chrome now scans for compromised passwords in the background

Google says the Chrome Safety Check feature will work in the background to check if passwords saved in the web browser have been compromised. Chrome will also alert desktop users if they're using extensions flagged as dangerous (taken down from the Chrome Web Store), the latest Chrome version, or if Safe Browsing is enabled to block websites on Google's list of potentially unsafe sites.


Forrester: Predictions 2024: Security And Risk Pros Will Apply Guardrails Beyond Regulatory Mandates

2023 saw a big focus on innovation, spurred in large part by the attention focused on generative AI (genAI) and the impact it may have on business in both the short and long term. In 2024, as more organizations embrace rapid experimentation and launch new genAI initiatives (along with their interconnected risks), they will need to balance that speed of innovation with governance and greater accountability.


Last Watchdog ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 (part 1)

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up, just as they have, year-to-year, for the past 20 years. With that in mind, Last Watchdog invited the cybersecurity experts we’ve worked with this past year for their perspectives on two questions that all company leaders should have top of mind:


How Cybercriminals Will Sway 2024 US Elections, Or Try To

Foreign interference actors, mostly operating out of Russia, Iran, and China, are ramping up efforts to influence US audiences ahead of 2024's national elections. One prime example is Doppelganger, a Russia-based influence operation that has established several inauthentic news sites and social media accounts to disseminate stories designed to stoke political and social divisions in the US in the run-up to the elections.


Explore PCI DSS 4.0: The future of cardholder data security

For those in charge of industry standards, ensuring rules are up to date and fit for purpose is a constant battle against time. And when it comes to addressing the risk of payment card data theft, the stakes couldn’t be higher. That’s why the latest version of the Payment Card Industry Data Security Standard (PCI DSS) is a big deal. Going into effect March 31, 2024, PCI DSS 4.0 introduces a host of new requirements for organizations that process card data.


Healthcare Cybersecurity Proposal Stirs Industry Opposition

Lobbyists for U.S. hospitals oppose a Biden administration proposal for mandatory cybersecurity requirements and possible financial disincentives for organizations that fail to meet those expectations. Industry experts contend that some type of government action is needed to raise the bar on cybersecurity in the healthcare sector.


BlackCat Ransomware Raises Ante After FBI Disruption

The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang’s darknet website, and released a decryption tool that hundreds of victim companies can use to recover systems. Meanwhile, BlackCat responded by briefly “unseizing” its darknet site with a message promising 90 percent commissions for affiliates who continue to work with the crime group, and open season on everything from hospitals to nuclear power plants.


Closing the Coverage Gap: Cyber insurance vs. cyber warranties

Cyber insurance has become a critical form of protection for companies as the number of cyberattacks (and their complexity and effectiveness) increases. While this type of liability insurance can help companies recover from an attack – particularly if customers were affected and are also seeking compensation – MSPs and end users may want to consider other types of financial protection in addition to cyber insurance. One emerging offering is a cyber warranty.


It’s Still Easy for Anyone to Become You at Experian

In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. Sixteen months later, Experian clearly has not addressed this gaping lack of security. I know that because my account at Experian was recently hacked, and the only way I could recover access was by recreating the account.


ID Theft Service Resold Access to USInfoSearch Data

Since at least February 2023, a service advertised on Telegram called USiSLookups has operated an automated bot that allows anyone to look up the SSN or background report on virtually any American. For prices ranging from $8 to $40 and payable via virtual currency, the bot will return detailed consumer background reports automatically in just a few moments.


RSAC Fireside Chat: Dealing with the return of computing workloads to on-premises datacenters

A cloud migration backlash, of sorts, is playing out. Many companies, indeed, are shifting to cloud-hosted IT infrastructure, and beyond that, to containerization and serverless architectures. However, a “back-migration,” as Michiel De Lepper, global enablement manager, at London-based Runecast, puts it, is also ramping up. This is because certain workloads are proving to be too costly to run in the cloud — resource-intensive AI modeling being the prime example.


SolarWinds Ruling: Why CISOs Need to be Aware of Fraud

The U.S. Securities and Exchange Commission in late October charged SolarWinds and its CISO with fraud and internal control failures. Many organizations are reckless in making statements to the market to preserve their company's stock prices, not realizing the potential for regulatory action, said Paul Dunlop, COO at Fraud Doctor, and Steve Hindle, founder of Achilles Shield.


How AI is changing ransomware and how you can adapt to stay protected

As artificial intelligence (AI) technology continues to evolve, cybercriminals are beginning to explore the full potential of these advances. Previously, some of the gating factors of ransomware were the expertise and volume of work required to launch a successful attack. Even though ransomware-as-a-service (RaaS) existed, where some or all of the ransomware attack could be jobbed out to a ransomware provider, that meant a would-be ransomware attacker would have to trust another criminal, the RaaS provider. For ransomware attackers that were able to do the work themselves, there was a lot of manual work required, which limited the scope, effectiveness, and volume of the attacks. With AI in the picture, many of these limitations are lifted.


Top 10 tips for employees to prevent phishing attacks

Share this list of phishing techniques, detection and prevention tips, and best practices to help employees avoid falling victim to phishing schemes. Only 58% of users know what phishing is, according to a Proofpoint survey -- a staggering gap considering phishing attacks are so common and becoming increasingly sophisticated. The same survey found 84% of organizations faced at least one successful phishing attack in 2022, with 54% of organizations experiencing three or more successful incidents.


Most CISOs confront ransomware — and pay ransoms

The odds of a CISO encountering a major cyberattack are about as high as it can get with 9 in 10 CISOs reporting at least one disruptive attack during the last year, according to Splunk research released Tuesday. Almost half of the 350 security executives surveyed said their organizations were hit by multiple disruptive cyberattacks during the last year. At that level of ransom payment activity, CISOs have to operate under the assumption that ransom payments are effectively part of the job.


Autonomous Fleets Are Almost Here. Are They Safe From Cyberattacks?

As our society transforms into a more connected world, an essential component of this shift is the need for safe and secure driving experiences on our roads. The recent hacking of a Tesla in under two minutes by French security firm Synacktiv demonstrates how serious a concern this is—attackers were able to breach the cyber controls of the vehicle to carry out a number of malicious acts, including opening the trunk of the vehicle while in motion and accessing the infotainment system.


NEW REPORT ANALYSES TRENDS IN STORAGE FOR AI

Artificial Intelligence (AI) is being considered for use in many segments of the storage marketplace. A new report is available that discusses in detail AI in data storage. What does the AI storage landscape look like? What are the opportunities for AI in storage? How will AI usage affect data security and costs? Read on to see highlights from a massive AI storage study.


CISA needs to rally citizen cybersecurity army

The Cybersecurity and Infrastructure Security Agency (CISA) is advising organizations to implement a series of steps to thwart social engineering and phishing attacks that span everything from making sure Domain-based Message Authentication, Reporting, and Conformance (DMARC) for received emails is turned on to defining denylists at the email gateway and enabling firewall rules to prevent malware infestations. Recognizing that most cyberattacks can be traced back to stolen credentials, CISA is also encouraging organizations to regularly train end users to both identify suspicious emails and links and document and report them as part of an incident response plan.


System intrusion: What it is, why it matters, and how to combat it

Most cyberattacks today begin with system intrusion. This occurs when an attacker uses stolen credentials, phishing attacks, or other means to gain access to your system. Once inside, they, or the malware they place there, can go undetected for long periods of time — often for months — during which time they perform careful reconnaissance. They can take the time to understand your network architecture, scan for unprotected ports, discover where critical, high-value data is stored, exfiltrate that data, identify users with high access privileges, and much more.


How the CIA triad helps secure your data

The CIA triad is a helpful security model for protecting data. The name refers to the three related pillars of confidentiality, integrity, and availability. The triad plays a crucial role in keeping data safe and secure from growing cyber threats. When a data or security breach occurs, it is often because the victim has not fully executed one or more of these three pillars.


GUEST ESSAY: A roadmap for the finance teams at small businesses to improve cybersecurity

Small businesses, including nonprofit organizations, are not immune to cyberattacks. The average cost of a cybersecurity breach was $4.45 million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks in 2020, according to the Small Business Association. Nonprofits are equally at risk, and often lack cybersecurity measures. According to Board Effect, 80% of nonprofits do not have a cybersecurity plan in place. If you’re a small business looking for the secret sauce to cybersecurity, the secret is out: start with a cybersecurity policy and make the commitment to security a business-wide priority. Here is a 1 Page (simple) Plan; a Very Good Read:


MGM, Caesars Cyberattack Responses Required Brutal Choices

In this instance, both were victims of a Scattered Spider/ALPHV cyberattack. Caesars quickly negotiated with the cyberattackers, and handed over a $15 million ransom payout, which allowed it to proceed with business in relatively short order. MGM meanwhile flatly refused to pay, and just announced that its operations have been recovered after 10+ days of casino and hotel operational downtime (tens of millions of dollars in lost revenue later). While it's tempting to make a judgment as to which approach is better…


Black Hat Fireside Chat: Flexxon introduces hardened SSD drives as a last line defense

Creating ever smarter security software to defend embattled company networks pretty much sums up the cybersecurity industry. Cutting against the grain, Flexxon, a Singapore-based supplier of NAND memory drives and storage devices, arrived at Black Hat USA 2023 calling for a distinctive hardware approach to repelling cyber attacks.


Increasing collaboration among cybercrime gangs

You probably already know that the image of cybercriminals as lone hackers toiling away in a basement somewhere on their own — whether for their own amusement, to earn glory among other hackers, or to sabotage or steal from specific targets — is a very long way from the modern reality. Today, cybercriminal gangs are organized and sophisticated, operating more like modern software companies or traditional organized crime families. Or to be more precise, traditional organized crime has moved into the cybercrime space, driving out the older “mom-and-pop” operators.


Case study: How one large school district said “never again” to ransomware

When it comes to writing customer case studies, I always look for the human angle — a personal experience that readers can relate to. It’s not always easy to find, but when I spoke to Lacey Gosch about her experiences as Assistant Superintendent of Technology at Judson Independent School District, the human angle on her story was front and center.


REPORT SHINES A BRIGHT LIGHT ON DATA AND STORAGE

“Multiple billions of people and sensors and systems connected in billions of global networks have generated and will continue to generate immense quantities of data.” This quote comes from a new white paper penned by John Monroe of Furthur Market Research called Storage Management in an Age of Minimal Data Deletion. The paper examines the usage, forecasts and strategies for managing the ever-increasing quantities of information. This BlogBytes article will review some of the key findings from this must-read, captivating research. Let’s dive in!


Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

In large metropolitan areas, tourists are often easy to spot because they’re far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like data theft and ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.


More Than Half of Browser Extensions Pose Security Risks

The study showed 51% of all installed extensions were high risk and had the potential to cause extensive damage to the organizations using them. The extensions all had the ability to capture sensitive data from enterprise apps, run malicious JavaScript, and surreptitiously send protected data including banking details and login credentials to external parties.


Ransomware protection for state, local governments (and how to pay for it)

Recent data shows that public-sector organizations are more likely to be hit by ransomware than other sectors; and that when it happens, they are more likely to suffer data loss — and less likely to recover lost data from backups. If you’re responsible for cybersecurity for a state or local government entity, it probably comes as no surprise to you that ransomware attacks against organizations like yours are rapidly increasing in frequency, severity, and effectiveness.


Barracuda XDR Insights: How AI learns your patterns to protect you

In the first half of 2023, Barracuda Managed XDR collected almost a trillion customer IT events, among which it detected and neutralized thousands of high-risk incidents. During those six months, the most widely encountered high-risk incidents — threats that require immediate defensive action — involved some kind of identity abuse. These kinds of attacks have become increasingly sophisticated over time, but they were spotted and blocked by the Managed XDR platform with the aid of AI-based account profiling.


OWASP Top 10 API Security Risks – 2023

This awareness document was first published back in 2019. Since then, the API Security industry has flourished and become more mature. We strongly believe this work has positively contributed to it, due to it being quickly adopted as an industry reference. The primary goal of the OWASP API Security Top 10 is to educate those involved in API development and maintenance, for example, developers, designers, architects, managers, or organizations. You can learn more about the API Security Project by visiting the project page.


The Role of Tape Backups in Disaster Recovery Planning (DRP)

In today’s business environment, disaster recovery planning is essential to maintain uninterrupted operations. Unforeseen events like natural calamities, cyber intrusions, power failures, and human mistakes can lead to substantial damages in terms of data, efficiency, and profits. Hence, to counter such challenges, companies need to develop a robust disaster recovery strategy that specifies the actions to be taken during a crisis.


DATA ECONOMICS - OPTIMIZING DATA VALUE

Organizations are retaining more and more data for longer periods of time to address regulatory requirements, customer needs and for analytical purposes. A recent report from Solutions North Consulting studies the economic, social and governance impacts of retained data and the benefits of using LTO-9 data storage technology as compared to hard disk and cloud solutions to optimize data value. This BlogBytes will provide key highlights and insights from the study.


AI Will Heighten Cybersecurity Risks for RIAs

Imagine receiving a phone call from someone you believe to be one of your clients. They are asking you to move some money around for them. It sounds like the client. And the voice on the other end is able to answer your simple questions quickly, clearly and accurately. But, before completing the transaction, there's one small detail you should probably know: The voice is artificial and run by a scammer who has scraped the unsuspecting client's voice and personal details for their own purposes.


Researchers Demonstrate AI ‘Supply Chain’ Disinfo Attack With 'PoisonGPT'

Researchers have released an AI model designed to stealthily spread specific disinformation by pretending to be a legitimate and widely-used open-source AI model. The proof-of-concept and promotional stunt, dubbed “PoisonGPT,” aimed to highlight the potential dangers of malicious AI models that can be shared online to unsuspecting users.


Joint Guide to Securing Remote Access Software Released by CISA and Partners

While there are beneficial features and legitimate uses of remote access software, malicious actors often exploit these products to evade detection and establish network connections through cloud-hosted infrastructure. By leveraging legitimate remote access software, malicious cyber actors are able to undertake a type of attack called living off the land (LOTL). This guide is particularly relevant given demonstrated use of these techniques by advanced adversaries, as reflected in the recent joint advisory highlighting People’s Republic of China state-sponsored actors using LOTL techniques, including exploitation of remote capabilities to evade detection.


LTO HITS AN ALL TIME HIGH!

Data storage and management are critical concerns for businesses today, given the exponential growth of unstructured data. As such, leaders need to keep an eye on emerging trends to ensure their data remains secure and easily accessible. LTO tape technology continues to gain popularity in this fast-changing environment, with the total tape capacity shipped in 2022 reaching 148.3 Exabytes (EB) (compressed), a 0.5% increase from the previous year. This uptick is driven by continued hyperscaler and enterprise investment in LTO technology, which is seen as a low-cost, secure, and green data storage solution. Moreover, LTO tape technology provides an ultra-secure place to keep an air-gapped copy of data to protect against ransomware and malware.


Ransomware attacks are hitting small businesses. These are experts' top defense tips

In 2021, U.S. government officials, academics, and members of think-tanks and the private sector formed the Ransomware Task Force. Its latest report was published in early August with the help of the Center for Internet Security. The report is designed to give small and medium-sized businesses a checklist of steps to prepare for, defend against, and recover from ransomware attacks, using data about attacks and what strategies have worked in the past.


Survey: Backups Are Prime Targets for Ransomware Attacks, Most Remain Exposed

“Ransomware is a when, not an if,” said vice president of market strategy Jason Buffington, noting that drove the data presented in the study. According to the survey of 1,200 cybersecurity, IT operations and backup administrators, over 93% of attackers include backups in their attacks, and they are successful in 75% of their efforts. In 39% of those incidents, their backups are entirely lost. Buffington noted that the study was conducted by a third-party research firm and fielded to organizations of all sizes worldwide, irrespective of their technology providers.


Suspicious Smartwatches Mailed to US Army Personnel

Unknown senders have been shipping smartwatches to service members, leading to questions regarding what kind of ulterior motive is at play, malware or otherwise. The US Army's Criminal Investigation Division (CID) is warning service members to look out for unsolicited smartwatches arriving in the mail, which likely carry risks of malware and allowing unauthorized access to sensitive systems. When used, the smartwatches are able to auto-connect to the local Wi-Fi network, and can also connect to cellphones, thus allowing access to a user's data.


How Your New Car Tracks You

YOUR CAR KNOWS a lot about you. Over the past decade, vehicles have become increasingly connected and their ability to record data about us has shot up. Cars can track where you’re traveling to and from, record every press on the accelerator as well as your seatbelt settings, and gather biometric information about you. Some of this data is sold by the murky data-broker industry.


Zero Trust implementation: Five things you can do on Day 1

If you’re reading this, then you probably have some interest in IT security, and therefore it will not come as news to you that Zero Trust is one of the hottest topics in the field right now. But you might still have some questions about exactly what benefits Zero Trust delivers. So I thought it might be helpful to go over some core use cases and how a Zero Trust Access solution can address them.


Cybersecurity budgets continue to increase despite economic headwinds

These may be challenging economic times but a survey of 200 CISO and IT decision-makers in the U.S. finds that cybersecurity budgets are not only remaining resilient but also in many cases being increased. Conducted by Nuspire, a provider of managed security services, the survey finds well over half of the respondents (58%) reporting that cybersecurity budgets have increased, with 42% planning additional increases.


Cyber Insurance Cannot Offset the Dangers of Ransomware

Data protection against ransomware and cyberattacks is becoming increasingly critical. According to Veeam’s latest Data Protection Trends Report 2023, 85 percent of organizations experienced at least one attack in 2022, and 17 percent experienced four or more. Cyber risks are an unavoidable reality and have necessitated the urgent adoption of new cybersecurity and data protection measures. It is simply not sufficient for organizations to invest in prevention strategies and hope their business does not falter and succumb to an attack. Instead, organizations must be fully prepared for the inevitable: facing a data breach or a security incident.