Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

After thirteen years in the cybersecurity industry, I’ve come to one sobering conclusion: given enough time, everyone will suffer a data breach. It’s just a question of severity.

When encountering a scammer online, the best method is to block, report, and move on. Let the law take charge of handing out consequences to scammers, and you can focus on stopping scammers in their tracks. Sometimes, this can be more challenging as online scammers become more adept at tricking people into believing their lies, using technology, social engineering, and emotional manipulation to achieve their aims.

'Cyber insecurity' is among the most pressing issues facing organizations globally in 2024, according to new research from the World Economic Forum (WEF). In its Global Cybersecurity Outlook 2024 report, the WEF found that more than eight in ten organizations surveyed feel more or as exposed to cyber crime than last year.

Read also: JFK hackers sentenced, the US offers up to $15M for tips on Hive gang leaders, and more.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. With the rising interest in DNSSEC, sadly we have a huge, and I mean really huge problem…

The United States government has established strict regulations to safeguard intellectual property and military superiority. Compliance with the International Traffic in Arms Regulations (ITAR) is imperative for companies involved with U.S. defense technologies and data. Failure to comply can lead to severe legal and financial repercussions, as well as reputational damage.

On February 2nd, the remote desktop application AnyDesk was the target of a cybersecurity breach, marking a significant event in digital security. Hackers infiltrated AnyDesk's production environment, sparking concerns over data integrity and user security.

“A man walks into a bank…” That may sound like the start of a joke but as hacker and security consultant Jayson E. Street tells it, it’s really nothing to laugh at. He’s walked into banks, hotels, government facilities, and biochemical companies all over the world and successfully compromised them.

Good news for organisations who have fallen victim to the notorious Rhysida ransomware. A group of South Korean security researchers have uncovered a vulnerability in the infamous ransomware. This vulnerability provides a way for encrypted files to be unscrambled. Researchers from Kookmin University describe how they exploited an implementation flaw in Rhysida’s code to regenerate its encryption key in a technical paper about their findings.

Andy Thompson, CyberArk Labs Offensive Security Research Evangelist returns to Trust Issues for a deep dive into the recent APT29 breach of Microsoft. In conversation with host David Puner, Thompson explores the intricate details of the January 2024 attack, dissecting the tactics employed by the APT29 threat actor, also known as Cozy Bear, Cozy Car, The Dukes – or, as Microsoft refers to the group: Midnight Blizzard.