Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Center for Internet Security (CIS) published an updated version for the CIS Controls- CIS Controls v8. The CIS Controls are a set of gold standard guidelines for organizations facing data security issues. These controls were developed to simplify and help IT ops and security teams to remain focused on the essentials. The CIS updates its recommendation according to changes and new discoveries in the Information Security field. The 8th version of the CIS Controls was published in May 2021.

Darkbeam is a top-performing cyber vulnerability and threat management provider with less than 25 employees. The company has reported over $1 million of revenue in recent years, with numbers as high as $5 million. Their recent acquisition by ApexAnalytics will hopefully increase these statistics, but numbers mean nothing if Darkbeam cannot rebuild its reputation. Darkbeam is the most recent company to suffer over 3 billion records stolen during a data breach.

Financial entities throughout the European Union are preparing for the Digital Operational Resilience Act (DORA), a new piece of legislation to strengthen the digital resilience of credit institutions, investment firms, insurers, and more. DORA focuses on breach prevention and cyber resilience, meaning financial institutions must prioritize both protecting their attack surface and incident response planning.

Artificial Intelligence, often abbreviated to AI, refers to the development of computer systems capable of carrying out tasks and rendering decisions that traditionally demand human intelligence. This entails the creation of algorithms and models that empower machines to acquire knowledge from data, discern patterns, and adjust to unique information or scenarios.

Q3 will be remembered as a new record for the ransomware industry as it was the most successful quarter ever recorded. While the number skyrocketed in Q2 with 1386 cases, in Q3, the ransomware industry was able to surpass this number with 1420 cases. With no surprise, the U.S. continues to be the most targeted country by ransomware, while the business services sector is the most targeted sector.

The infostealer malware Rhadamanthys was discovered in the last quarter of 2022. Its capabilities showed a special interest in crypto currency wallets, targeting both wallet clients installed in the victim’s machine and browser extensions. The main distribution methods observed for this threat are fake software websites promoted through Google Ads, and phishing emails, without discriminating by region or vertical.

Cybersecurity Awareness Month has been celebrated every October for 20 years. This initiative, promoted by the Cybersecurity and Infrastructure Agency (CISA) with the support of the National Cybersecurity Alliance, aims to raise awareness of the importance of implementing a comprehensive cybersecurity system.

Happy Cybersecurity Awareness Month! Since 2004, the United States has recognized October as Cybersecurity Awareness Month. The president at the time, George Bush, alongside the United States Congress, declared October as the month to dedicate to cybersecurity and raise awareness about the importance of protecting sensitive information in the following sectors: Each of these sectors plays a significant role in shaping society's social, economic, and political landscape in the past, future, and present.