The Cybersecurity and Geopolitical podcast covers the enmeshing of cybersecurity and geopolitics and the new challenges and intriguing flashpoints these bring to enterprise security and risk professionals. This month, we delve into the threatening and alarming world of misinformation, disinformation, and conspiracy theories.
The FBI says that complaints concerning online scams and investment fraud have now reached a record-breaking level. The Internet Crime Complaint Center (IC3) received its six millionth complaint on May 15. It took nearly seven years for the FBI’s Internet Crime Complaint Center (IC3) to log its first million complaints. It took only 14 months to add the most recent million.
Vectra AI, provider of threat detection and response, released its 2021 Q2 Spotlight Report, Vision and Visibility: Top 10 Threat Detections for Microsoft Azure AD and Office 365. This new research details the top 10 threat detections that customers receive by relative frequency when Vectra detects abnormal behavior in a customer environment, which are then used by customers to help ratify attacks in cloud environments.
Ben Johnson, former NSA and Chief Technology Officer (CTO) of SaaS application security firm, Obsidian, has found that businesses around the world are adopting Software as a service (SaaS) apps in droves for collaboration, ease of access to data and business continuity. With this increased adoption, comes the inevitable trend of state-sponsored actors merely logging in to steal data rather than having to break in. Here, Johnson talks to Security magazine about security issues associated with SaaS applications.
We have all been served by a surly retailer whose made us feel that their job and life would be easier, if it weren’t for the customers. Alas, sometimes it feels the same applies in cybersecurity. Life would be so much better, if not for those pesky employees.
The recent ransomware attack of the Colonial Pipeline has reinvigorated calls from legislators to strengthen the defenses of U.S. pipelines and the electric power grid. Over the last several years, a repeatable pattern is becoming apparent with each major cyber-attack. A critical cyberattack occurs that is followed by outrage that result in statements from government leaders with calls for action - all followed by proposed ideas on how to better mitigate the risk of cyberattacks in the future. Yet, it seems that time goes by and with the next major attack the cycle starts all over again. This time, government is taking a more rigorous approach to proposing solutions to end the vicious cycle.
In the tense political and economic climate, state-backed actors have used every possible means to gain leverage over their rivals. And in the midst of the chaos, every individual and organization can become a victim or collateral damage in the context of bigger conflicts. Here’s a glimpse of where we are and how organizations can protect themselves going forward.
Conti ransomware gang appears to be behind Ireland's Health Service Executive (HSE) ransomware attack, according to reports. HSE, a $25 billion public health system, shut down its IT systems to protect the service from further damage, switching to a paper-based system. Though life-saving equipment and COVID-19 vaccine programs were still operating, several healthcare practices across Ireland were forced to cancel low priority appointments.
The Standoff 2021 is taking place this week May 18-21, in conjunction with PHDays (Positive Hack Days) – one of the top cybersecurity conferences in Europe that features the world's cutting edge in digital security every year. The Standoff is an online offensive/defensive competition in which defenders (blue teams) compete against attackers (red teams) to control the infrastructure of a simulated digital city.
Rapid7 has disclosed that the attackers behind the Codecov breach had accessed some of the company's source code using a previously compromised Bash Uploader script from Codecov.
RSS
