Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Fluctuations in consecutive quarterly reports demonstrates that organizations should be worried that their cyber defenses may not be strong enough to stop phishing attacks. I wrote an article back in April of last year about how 1 in 8 emails make it to a user’s Inbox. That number has remained relatively consistent — so much that even the Threat Insights Report for Q1 2024 from HP Wolf Security shows that stat is still accurate. But then there’s the Threat Insights Report for Q4 2023.

Working to ensure all communities within the United States are educated and prepared, the Cybersecurity and Infrastructure Security Agency (CISA) has released a set of tools, services and assistance to level the playing field. It’s no secret that any part of society that is less prepared for a cyber attack has less of a chance to defend itself — which potentially puts all of us at risk. So, CISA began placing some of their focus on high-risk communities within the United States.

In IT, endpoints are the physical devices that connect to a network system. In a corporate environment, endpoints include mobile devices, desktop computers, laptops, servers, and other equipment employees use to access the network and other critical digital systems. A company with fewer than 50 employees typically averages around 22 endpoints, 50-100 employees average more than 100, and companies with more than 1,000 employees average nearly 2,000.

Universities are increasing their reliance on third-party providers for various services, such as electronic health records, telehealth platforms, insurance billing, and mental health support. While these partnerships enhance business operations and save valuable time, they also introduce significant cybersecurity risks.

UAT4356 is a state-sponsored threat actor that targets perimeter network devices in government networks globally with a clear focus on espionage. Their first activity can be traced back to November 2023, although researchers found evidence that the group was testing its capabilities as early as July 2023. So far, the initial attack vector used by the group has not been able to be determined.

Organizations of all sizes need to be proactive in identifying and mitigating vulnerabilities in their networks. To help organizations better understand the value and process of a vulnerability scan, Trustwave’s Philip Pieterse, Managing Consultant for the Americas division of SpiderLabs and Dhervesh Singh, senior Security Consultant with SpiderLabs conducted a webinar exploring key offensive security testing methodologies: vulnerability scanning, penetration testing, and purple teaming.

Some best practices for securely onboarding employees include conducting comprehensive background checks, providing security training for new hires, ensuring employees have least privilege access, equipping employees with a password manager and continuously monitoring employee activity for unusual behavior. The more secure an onboarding process is, the easier and more secure it’ll be to offboard employees.

Ransomware is one of the fastest-growing cyber attack vectors, making it crucial to learn how to prevent it. To prevent ransomware attacks on your devices, you should avoid clicking suspicious links and attachments, never insert random USBs into your device, keep your Operating System (OS) up to date, use a Virtual Private Network (VPN) when connecting to public WiFi and use a password manager to ensure your passwords are strong.

Picture this: a high-security vault containing your company’s sensitive data. Unfortunately, the door is wide open, allowing anyone to enter unnoticed. This is the scary truth for firms that fail to audit Active Directory (AD). Why is an unmonitored AD such a concern? Well, your Active Directory is the central hub for user access and authentication. It stores the keys to your kingdom, such as passwords, group memberships, and sensitive accounts.