Posts

Global Risks Ranked

Image
 Global Risks Ranked Not listed are water security, Food security, and Energy Security. World Economic Forum - Global Risks Report 2023 These are just the top 10 risks. Surprisingly: "use of weapons of mass destruction" is number 28. Here's the full list: World Economic Forum - Global Risk Report 2023 But with increased cybercrime, we are likely to see increased disruption in critical technology systems, which may affect food and water supplies, transport, financial systems, space, military, and communication systems.

Cybercrime Is Becoming an Increasingly Larger Threat Every Day

Image
  Cybercrime Is Becoming an Increasingly Larger Threat Every Day The FBI’s Internet Crime Complaint Center (IC3) releases annual reports on cybercrime. The latest report shows that from 2017–2021, the number of Americans who filed a cybercrime complaint rose by 181%, and total losses increased by 393% during the same period. IC3 Complaint Statistics Source:  https://www.hsdl.org/c/2021-internet-crime-report/ It is not just Americans that are seeing a rise in cybercrime—it’s businesses with global operations too.

IS your network secure?

Image
 IS your network secure? Did you know 1 in 10 business leaders don't know if they've got the right security people and skills in place? Now that's shocking. World Economic Forum - 2023 Global Security Outlook Report The gap between business and security is starting to close thanks to better communication. It's just in time, especially with the cyber landscape getting increasingly more complex. But recruitment and retention is still a major issue. In fact — 64% of cyber leaders ranked talent recruitment and retention as a key challenge for managing cyber resilience.

https://app.cybrary.it/login

 CISSP https://app.cybrary.it/login Cyber Videos

Zero-Day Exploit

 Zero-Day Exploit  It’s hardly surprising that the number of zero-day flaws continues on an upward trajectory. But 2021 blew all other years out of the water as malicious actors exploited a total of 58 new zero-day threats, compared to 25 flaws in 2020 and 21 vulnerabilities in 2019. And no doubt the stakes are getting higher as critical systems become more connected. In recent years, hackers have used zero-day attack threats to compromise Microsoft servers and install advanced spyware on smartphones for espionage activities targeting journalists, politicians, and human rights activists. In August 2021, for example, a zero-day vulnerability known as “PwnedPiper” was found in the pneumatic tube systems used by hospitals to transport bloodwork, test samples, and medications, which allowed attackers to exploit flaws in the control panel software while opening the door for unauthorized and unencrypted firmware updates. What you need to know: A zero-day vulnerability, at its core, ...

Wire Attack

 Wire Attack  While the SWIFT network has experienced fewer attacks since its infamous 2016 bank heist, cybercriminals are readily using wire transfers in new and creative ways to launch malicious, if not lucrative and creative cyber assaults. In one high-profile example in 2018, Frank Krasovec, an owner of Domino’s Pizza franchises in China, lost $450,000 when a fraudster intercepted his email and convinced his assistant to wire money to Hong Kong on two occasions. More recently in 2020, attackers targeted a bank manager in Hong Kong with a call that impersonated the voice of a director he knew via AI voice cloning technology. The cybercriminal impersonating the executive claimed his company was making an acquisition and requested that $35 million in funds be wired electronically to another account. Usually initiated with a phishing attack or malware, wire transfer attacks provide the vehicle for transferring copious sums of money quickly. What you need to know: Wire attacks ...

Web Session Cookie Theft

 Web Session Cookie Theft  Almost every web application we use, from social media and streaming platforms to cloud services and financial applications, runs on authentication cookies. Though cookies make our experience on the web much more convenient, they also create a vulnerability that can be abused to great effect. In late 2019, a group of loosely connected hackers made a name for themselves by executing cookie theft malware to hijack various YouTube channels, then luring unsuspecting owners with bogus offers to broadcast cryptocurrency scams or sell the accounts to the highest bidder. What you need to know: When an attacker successfully steals a session cookie, they can perform any actions the original user is authorized to take. A danger for organizations is that cookies can be used to identify authenticated users in single sign-on systems, potentially giving the attacker access to all of the web applications the victim can use, like financial systems, customer records o...