Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

July 2022

tripwire

Email Fraud in 2022: What you Need to Know

With how much of our personal and professional lives take place online, it becomes more important each day for us to understand our vulnerability to cyberattacks. Cybercriminals target emails, domains, and accounts in order to impersonate identities and scam consumers and businesses alike. In 2021 alone, email spoofing and phishing increased by 220% and caused $44 million in losses. It is crucial to employ defenses to protect against these attacks.

manageengine

Five worthy reads: Privacy vs. monetization

Since the advent of the internet, personal data has been collected by internet companies in exchange for free services or content. This barter was also intended to provide personalized services to users. However, these data harvesters started selling data to advertising agencies for huge profits, which resulted in predatory marketing efforts towards internet users.

veracode

A Swift Kick in the Nuts and Bolts of Banking

The global financial services industry is undergoing a seismic shift and not enough people are truly aware of what this means. By November of this year, banks and other financial institutions must have in place a new process for payment systems that uses the ISO 20022 standard instead of SWIFT. This must be active by November and by 2025, all financial institutions will have to be compliant.

elastic

KNOTWEED Assessment Summary

On July 27, 2022, Microsoft Threat Intelligence Center (MSTIC) disclosed a private-sector offensive actor (PSOA) that is using 0-day exploits in targeted attacks against European and Central American victims. MSTIC and others are tracking this activity group as KNOTWEED. PSOAs sell hacking tools, malware, exploits, and services. KNOTWEED is produced by the PSOA named DSIRF.

Webinar: Back To Basics, All That You Need To Know About Securing Your Business - 28 July 2022

Cybersecurity is now a shared responsibility. Along with a strong IT infrastructure that protects users, environments, and data, it is also essential to foster a culture of security among employees and active users to keep organizations breach-free. In this webinar, we come back to the basic elements of cybersecurity and review the principles of security and the key practices that need to be adopted in every organization, regardless of size. Join us the discussion, which will cover.
Arctic Wolf

Incident Response: Compare Options for Your Organization

The FBI published their 2021 Internet Crime Report with data from the FBI’s Internet Crime Complaint Center (IC3). This report shows that Business Email Compromise (BEC) / Email Account Compromise (EAC) attacks far exceed the volume and losses of Ransomware attacks. Organizations need to be prepared and know who they are going to call when they experience BEC/EAC, as well as ransomware, or other high-severity incidents.

Torq

How Chatbot Automation Benefits Security Teams

When you hear the term “chatbot,” your mind may at first turn to things like robotic customer support services on retail websites – a relatively mundane use case for chatbots, and one that is probably hard to get excited about if you’re a security engineer. But, the fact is that chatbots can do much more than provide customer support.

netacea

5 ways to improve payment security in your business

Payment fraud is a huge problem for eCommerce and online retail businesses. Even among the world’s biggest companies, there are horror stories about payment security problems like credit card data theft and financial fraud: Cyberthreats like carding attacks are responsible for most modern large-scale data theft. Payment fraud losses cost companies more than $33 billion in 2021 — and this is expected to rise to more than $40 billion by 2027.

synopsys

Introducing IaC Security from Black Duck

Black Duck’s newest release delivers all-new, lightning-fast infrastructure-as-code (IaC) scanning capabilities. The news is just in, and it’s big: Black Duck now offers IaC scanning functionality. With no additional licenses required, this capability is available immediately for all existing Black Duck customers. Let’s dig into exactly what this means for you, how it helps your existing security efforts, and what you can expect in the months to come.