Global Cyber News Digest

Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • Cloud Security: A Work In Progress

    • Recent research by consulting firm KPMG and software giant Oracle notes that as business leaders digitally transform their operations and move what’s left of on-premise systems to the cloud, adequate security controls are all too often an afterthought.
    • The basics of cloud security are still not understood by many organizations, and worsening confusion over the shared responsibility security model is a pivotal contributor to the readiness gap.
    • Cloud assets were involved in about 24% of the data breaches examined by the Verizon research team that occurred in 2019. A large majority of cloud-based breaches involved email or web application servers.
    - Bob Violino | October 12, 2020
  • Blackbaud ransomware attack may have impacted millions of individuals

    • Nearly 200 organizations and millions of individuals may have been impacted by a security breach earlier this year that targeted Blackbaud Inc., a cloud computing company whose clients include nonprofits, healthcare companies and universities.
    • Blackbaud said it paid the hacker’s ransom demand in return for destruction of the stolen data, a decision some security experts speculate may encourage more ransomware attacks in the future.
    • Blackbaud said forensic investigation found that unencrypted fields intended for bank account information, Social Security numbers, usernames and passwords may have been compromised.
    benefits PRO - Kristen Beckman | October 12, 2020
  • Infographic: Ransomware attacks by industry, continent, and more

    • The FBI reported a fourfold increase in cybercriminal activity earlier this year.
    • In North America, the governmental sector topped all listed industries with 15.4% of these bodies reporting a ransomware attack in the previous year.
    • About one-quarter (28%) of small and midsized businesses (SMBs) lack a plan designed to mitigate ransomware attacks.
    - R. Dallon Adams | October 12, 2020
  • WhatsApp hacking: the new method hackers are using

    • If you receive a message on your phone claiming that a code allowing another person to connect to WhatsApp was sent to you by mistake, above all, do not disclose this code.
    • "Hey, I accidentally sent a Whatsapp verification code to your phone. Can you send it to me?" 
      • If a victim responds to this message with the code they received by text message, the perpetrators are in possession of the victim's telephone number, and also of the identity verification code.
    - Sara Chemla | October 12, 2020
  • ‘Government agencies at higher risk of data breach’

    • The risk of a breach of the Nigeria Data Protection Regulation is high among government agencies in the country (Nigeria).
    • The government handles the largest amount of personal data that can be easily compromised.
    • Any public institution, any ministry, department, agency, from local government or whatever, will tend to handle personal data and modern private sector.
    - Ife Ogunfuwa | October 12, 2020
  • Why You Should Stop Using SMS Security Codes—Even On Apple iMessage

    • Facebook, PayPal, Microsoft, Twitter, Sony, Uber, Dropbox, Amazon... the list goes on. It’s strikingly ironic—these companies are rightly pushing us to better secure our apps and services with two-factor authentication (2FA), verification codes when we log in or make payments.
    • But the default 2FA option is usually SMS—one-time codes texted to our phones, and SMS has infamously poor security, leaving it open to attack.
    • These messages are in plain text form—they’re not encrypted between sender and receiver, so if an attacker can access the message, they can read the content.
    - Zak Doffman | October 11, 2020
  • Types of Cyber Attacks: A Closer Look at Common Threats

    • What Is a Cyber Attack?
    • What Was the First Cyber Attack?
    • Where Do Most Cyber Attacks Come From?
    • How Often Do Cyber Attacks Occur?
    • With remote working becoming a regular feature of the new normal, the need for data protection is now greater than ever.
    • You need a reliable, proven backup and restore solution that can improve your business resiliency and keep critical operations up and running in the event of a cyber attack.
    Business2Community - Dave Wallen | October 8, 2020
  • Hackers exploit Windows Error Reporting service in new fileless attack

    • A new fileless attack technique that abuses the Microsoft Windows Error Reporting (WER) service is the work of a hacking group that is yet to be identified.
    • A lure phishing document found by the team was packaged up in a .ZIP file. Titled, "Compensation manual.doc," the file claims to contain information relating to worker compensation rights, but when opened, is able to trigger a malicious macro. 
    • The macro uses a custom version of the CactusTorch VBA module to spring a fileless attack, made possible through shellcode.
    - Charlie Osborne | October 7, 2020
  • The impact of COVID-19 on healthcare cybersecurity

    • According to Interpol, COVID-19 has led to shifts in targets from individuals and small businesses to government and critical health infrastructure.
    • Security agencies in the U.K. and U.S. have uncovered targeted efforts against the healthcare, pharmaceutical, academic, and research industries tasked with providing uninterrupted patient care to infected people and with coronavirus vaccine research.
    • Attackers are unflinchingly exploiting conditions like increases in teleworking – many with little or no prior experience and planning – fear and anxiety among the general masses, and an overworked and distracted medical workforce.
    • Failure of healthcare systems can have dire consequences: failures to order drugs, schedule operations, or make ambulances available on time during emergencies.
    - Puja Mahendru | October 7, 2020
  • Cyber Intelligence Suffers From 'Snobby' Isolationism, Focus on Rare Threats

    • Cyber-threat intelligence (CTI) teams face a host of challenges — a shortage of skilled workers and a lack of resources, for example — but two of the most serious hurdles are, in many ways, self-inflicted: A "snobby" culture that isolates groups and often focuses on the latest interesting threats rather than the actual dangers facing the business.
    • Focusing on zero-day exploits and nation-state adversaries is naturally alluring for CTI teams, but the more common threats facing their organizations are cybercriminal phishing attacks and workers' reuse of passwords.
    - Robert Lemos | October 7, 2020