It's Cyber Security Awareness Month V.19, and the Password Manager is Becoming Obsolete

Cyber Security Awareness Month kicked off its nineteenth anniversary this year. One would hope that after nearly two decades, this would be a time to celebrate; however, the outlook is not as bright as one would expect. There are so many aspects of cybersecurity that have been promoted to make the world a safer place, but one that stands out as the largest failure seems to be the use of password managers.

CIS Hardening and Configuration Security Guide

The Center for Internet Security (CIS) published an updated version of the CIS Controls: CIS Controls v8. The CIS Controls are a set of gold-standard guidelines for organizations facing data security issues. These controls were developed to simplify the work of IT ops and security teams and help them remain focused on the essentials. The CIS updates its recommendations according to changes and new discoveries in the information security field. The 8th version of the CIS Controls was published in May 2021.

Opportunists Sneak into Darkbeam: 3.8 Billion Usernames and Passwords Exposed

Darkbeam is a top-performing cyber vulnerability and threat management provider with fewer than 25 employees. The company has reported over $1 million of revenue in recent years, with numbers as high as $5 million. Their recent acquisition by ApexAnalytics will hopefully increase these statistics, but numbers mean nothing if Darkbeam cannot rebuild its reputation. Darkbeam is the most recent company to suffer over 3 billion records stolen during a data breach.

A.I - Trick or T(h)reat?

Artificial Intelligence, often abbreviated to AI, refers to the development of computer systems capable of carrying out tasks and rendering decisions that traditionally demand human intelligence. This entails the creation of algorithms and models that empower machines to acquire knowledge from data, discern patterns, and adjust to unique information or scenarios.

Using Runtime Insights with Docker Scout to Prioritize Vulnerabilities

The cloud revolution has firmly taken hold, and businesses of all sizes are adopting cloud-native technologies. This new paradigm has also created newer attack surfaces for cybercriminals, who are eager to exploit known security gaps in cloud environments. Sysdig is collaborating with Docker to deliver a more efficient process for identifying risks and opportunities for accelerated remediation in Docker Scout using runtime insights.

Advancing Digital Resilience in the Financial Sector

Financial entities throughout the European Union are preparing for the Digital Operational Resilience Act (DORA), a new piece of legislation to strengthen the digital resilience of credit institutions, investment firms, insurers, and more. DORA focuses on breach prevention and cyber resilience, meaning financial institutions must prioritize both protecting their attack surface and incident response planning.

Ransomware Trends 2023, Q3 Report

Q3 will be remembered as a new record for the ransomware industry, as it was the most successful quarter ever recorded. While the number skyrocketed in Q2 with 1386 cases, in Q3 the ransomware industry surpassed this number with 1420 cases. Unsurprisingly, the U.S. continues to be the country most targeted by ransomware, while business services is the most targeted sector.

Watch out for Frankenphisher - Cybersecurity Awareness Month 2023

Imagine an artificial intelligence (AI) system developed by a mad scientist to leverage the full capabilities of large language models (LLMs). Then, the scientist went truly mad by utilizing text, voice, and video generation paired with mutating and self-perpetuating malware, as well as continuous improvement through reinforcement learning. The concoction you would get from the scientist’s wild lab is called Frankenphisher, the most effective social engineering AI you can possibly imagine.