Open source vulnerabilities add to security debt
The number of open source vulnerabilities that Mend identified and added to its vulnerability database in the first nine months of 2022 was 33 percent greater than the first nine months of 2021, reflecting both the growth in the number of published open-source packages and the acceleration of vulnerabilities. As businesses continue to heavily rely…
Transportation sector targeted by both ransomware and APTs
Trellix released The Threat Report: Fall 2022 from its Advanced Research Center, which analyzes cybersecurity trends from the third quarter (Q3) of 2022. The report includes evidence of malicious activity linked to ransomware and nation-state backed advanced persistent threat (APT) actors. It examines malicious cyberactivity including threats to email, the malicious use of legitimate third-party…
Cyberattacks in healthcare sector more likely to carry financial consequences
Netwrix announced additional findings for the healthcare sector from its global 2022 Cloud Security Report, revealing that 61% of respondents in the healthcare industry suffered a cyberattack on their cloud infrastructure within the last 12 months, compared to 53% for other verticals. Phishing was the most common type of attack reported. “The healthcare sector is…
Ransomware is not going anywhere: Attacks are up 24%
Avast released a report revealing a significant increase in global ransomware attacks, up 24% from Q1/2022. Researchers also uncovered a new zero-day exploit in Chrome, as well as signals how cybercriminals are preparing to move away from macros as an infection vector. Ransomware attacks increase After months of decline, global ransomware attacks increased significantly in…
The price of stolen info: Everything on sale on the dark web
What is the price for personal information, including credit cards and bank accounts, on the dark web? Privacy Affairs researchers concluded criminals using the dark web need only spend $1,115 for a complete set of a person’s account details, enabling them to create fake IDs and forge private documents, such as passports and driver’s licenses….
New threat groups and malware families emerging
Mandiant announced the findings of an annual report that provides timely data and insights based on frontline investigations and remediations of high-impact cyber attacks worldwide. The 2022 report––which tracks investigation metrics between October 1, 2020 and December 31, 2021—reveals that while significant progress has been made in threat detection and response, adversaries are still innovating…
A multi-party data breach creates 26x the financial damage of single-party breach
Cyentia Institute and RiskRecon released a research that quantifies how a multi-party data breach impacts many organizations in today’s interconnected digital world. The study is based on an analysis of 897 multi-party breaches involving three or more interrelated companies. The impact of multi-party data breach events 897 multi-party data breach incidents, also referred to as…
Alert overload still plagues cybersecurity industry
Alert overload still plagues the cybersecurity industry, according to Critical Start. Forty-seven percent of respondents reported personally investigating 10 to 20 alerts each day, a 12% increase from 2019. Moreover, 25% of respondents said they investigate 21 to 40 alerts each day, up from 14% the year prior. “Just like businesses and organizations from both…
Digital-first lifestyle opens consumers to potential risks during tax season
Consumers have faced a lot of change over the past year with the shift to a digital-first lifestyle, and tax season with increasing risks is no exception. McAfee’s 2021 Consumer Security Mindset study revealed that while roughly 2 out of 3 Americans (63%) plan to do their taxes online in 2021, 12% of Americans will…
Number of ransomware attacks grew by more than 150%
By the end of 2020, the ransomware market, fueled by the pandemic turbulence, had turned into the biggest cybercrime money artery. Based on the analysis of more than 500 attacks observed during Group-IB’s own incident response engagements and cyber threat intelligence activity, researchers estimate that the number of ransomware attacks grew by more than 150%…
