How to Create a Strong Security Culture – IT Governance UK Blog

How to Create a Strong Security Culture – IT Governance UK Blog

Getting a greater return on investment on your security measures We all have a responsibility for security. Regardless of role or rank, everyone has their part to play: Practising good cyber hygiene Knowing how to spot a phishing attack Reporting phishing emails and (possible) breaches Contrary to popular belief, cyber and information security aren’t just matters for IT. But to ensure that all staff truly take note of security and apply the knowledge gained from…

Read More

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

Sep 25, 2024Ravie LakshmananEmail Security / Threat Intelligence Transportation and logistics companies in North America are the target of a new phishing campaign that delivers a variety of information stealers and remote access trojans (RATs). The activity cluster, per Proofpoint, makes use of compromised legitimate email accounts belonging to transportation and shipping companies so as to inject malicious content into existing email conversations. As many as 15 breached email accounts have been identified as used…

Read More

Data breach victims increased by 490% since the first half of 2023

Data breach victims increased by 490% since the first half of 2023

The Identity Theft Resource Center (ITRC) has released a report analyzing H1 data breach incidents for 2024. According to the report, there was a 490% rise in data breach victims in H1 of 2024 compared to H1 of 2023. Yet, Q2 had 732 publicly reported data breaches, which represents a 12% decrease from Q1.  Security leaders weigh in  Stephen Kowski, Field CTO at SlashNext:  “The surge in breach victims is likely due to several large-scale…

Read More

New APT Group

New APT Group

Jul 08, 2024NewsroomCyber Espionage / Cloud Security A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration. Cybersecurity firm Kaspersky, which discovered the activity in May 2024, said the tradecraft adopted by the threat actor bears similarities with that of CloudWizard, but pointed out the differences in the malware source code. The attacks wield an innovative data-gathering program…

Read More

5 crucial cybersecurity resolutions to embrace this World Backup Day

5 crucial cybersecurity resolutions to embrace this World Backup Day

World Backup Day is coming up on March 31st. But let’s face it: like most commemorative dates, it’s a fluffy holiday standing in for a critical idea — businesses and individuals need to take data security way more seriously than they currently do. Against a backdrop of rising cybercrime, this is especially true. Cybercrime’s global cost will skyrocket over the next four years, going from $9.22 trillion in 2024 to $13.82 trillion in 2028. And…

Read More

Proofpoint: APAC Employees Are Choosing Convenience, Speed Over Cyber Security

Proofpoint: APAC Employees Are Choosing Convenience, Speed Over Cyber Security

CISOs know best practice information security management comes down to people as much as technology. Without employees and a robust security culture on your side, tech deployment will not stop threat actors, who continue to find their way into organisations. It appears Asia-Pacific employees are not getting the message. Cyber security company Proofpoint recently surveyed 7,500 employees and 1,050 security professionals in 15 countries, including Australia, Japan, South Korea and Singapore. The company found that…

Read More

Tap into connection points between security and privacy

Tap into connection points between security and privacy

Data privacy and information security are both critical components of building customer trust for organizations. Privacy protects our personal data and empowers us to control its use, while security shields information against unauthorized access and threats. Balancing these needs is key, like finding the sweet spot between convenience and robust protection. In the face of challenges posed by emerging technologies, evolving regulations and the escalating volume of data, privacy and security teams often find themselves…

Read More

Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes

Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes

Mar 05, 2024NewsroomEmail Security / Network Security The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain “can be used for sensitive information gathering purposes and to enable follow-on activity,” enterprise security firm Proofpoint said in a Monday report. At least two campaigns taking advantage of this approach were observed on February 26 and 27,…

Read More

Ossie Munroe | Top Cybersecurity Leaders 2024

Ossie Munroe | Top Cybersecurity Leaders 2024

While Ossie Munroe is relatively new to the security industry, his career at Bloomberg spans three decades. Munroe joined the organization in 1990, moving through a variety of positions before transitioning into the security field in 2013. “While my career journey within Bloomberg has seen me move between five departments since my start at the company, that bares no reflection on the company’s culture for internal career changes. Instead, this decision was driven mostly by…

Read More

Jorge Mario Ochoa | Top Cybersecurity Leaders 2024

Jorge Mario Ochoa | Top Cybersecurity Leaders 2024

Learning is a lifelong process and is something Jorge Mario Ochoa has certainly taken to heart. The cybersecurity leader complements his knowledge with master’s degrees in seven disciplines including leadership, business administration, project management, talent management, big data and data analysis, cybersecurity, artificial intelligence and deep learning, as well as a Ph.D. in psychology. Jorge Mario considers a well-rounded education an important tool for cybersecurity professionals. “I am a firm advocate for education and collaboration,”…

Read More
1 2 3 35