Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

‍SecurePortal, our innovative cybersecurity assessment platform, is now more versatile and user-friendly with significant enhancements. We’ve introduced an Impact and Probability matrix for a nuanced risk evaluation not based on CVSS 3 scores because of this all assessments are now directly delivered via the portal, eliminating the need for manual PDF reports.

Your data that’s stored with an organization you trusted could become exposed due to a targeted cyber attack or data breach. If your data was part of a public data breach, you need to change any compromised passwords, monitor your accounts for suspicious activity, freeze your credit and notify any relevant parties of the data breach. Continue reading to learn more about data breaches, how to recover from a data breach and how to prevent future data breaches from happening.

Phishing attacks are increasingly using open redirects to evade detection by security filters, according to researchers at Trustwave. Open redirects are URLs hosted on trusted domains that take users to separate, potentially malicious domains. The researchers explain the process using the example URL “hxxps://goodsitecom.” Trustwave has observed a “significant rise” in phishing attacks using open redirects over the past several months.

Check Point’s review of ransomware shows that the percent of organizations worldwide hit by this greatest of cyberthreats rose by a whopping 33% in 2023. In 2022, 1 in 13 organizations globally had been the victim of a ransomware attack. According to the latest Check Point Research, that ratio worsened to just 1 in 10 in 2023. That represents 60,000 attempted attacks per organization throughout the year.

Data provenance is a technology field that aims to help businesses increase trust through transparency of data, specifically by tracking the origin, change, and history of data and making it verifiable. Recently, the benefits of data provenance have become more important than ever. With the emergence of generative AI, all it takes are a few button clicks for anyone to create or manipulate data and convince others that fake data is trustworthy and real.

Over the past year, the social engineering tactics used for cyber attacks have evolved significantly as attackers manipulate the inherent trust, biases, and vulnerabilities of individual human behavior to gain unauthorized access to sensitive information or systems.

We don't think about it much, but moving data from our devices to various online locations is a complex process. It's just a single click for us but involves countless communications between servers. All these steps mean that there are countless places for a malicious actor to intervene and steal data. Transport Layer Security (TLS) stands at the forefront of data transmission defense and ensures that your information remains private as long as it travels across secure connections.

Effectively responding to cyber threats is all about speed and information. Defense specialists must react quickly to repel attacks and mitigate damages. However, cybercriminals are playing a different game. Bad actors try to sneak in undetected, hide their tracks, and leave the good guys scratching their heads. Luckily, it's exceptionally challenging to eliminate the indicators of attack (IOA) and the indicators of compromise (IOC).

Distributed Denial of Service (DDoS) attacks occur when adversaries overwhelm a connected target’s resources, aiming to make it unavailable. Learning the best strategies to protect from DDoS attacks is critical to energy grid cybersecurity. A well-planned DDoS attack on the grid could halt essential services, cause substantial disruptions to households and businesses, and prove incredibly costly. However, people can strengthen utilities’ cybersecurity with some best practices.

Abyss Locker is a relatively new ransomware operation that is believed to have launched in March 2023, when it began to target companies in attacks. The Abyss Locker ransomware group has evolved into a menace for a wide array of entities, including industrial control systems (ICS), enterprises, and public-sector organizations. This shift is attributed to the introduction of a specialized Linux encryptor designed to target VMware’s ESXi virtualized environments.