Despite growing awareness and prioritization of cybersecurity, close to 22,000 vulnerabilities were published in 2021 alone. This concerning number proves that awareness and a willingness to invest in cybersecurity aren’t always enough to protect your organization’s network, and that network vulnerability is far from a problem of the past. To protect your networks, you need to continually monitor and assess their potential vulnerabilities to guarantee security.

CrowdStrike continues to support coverage of MITRE, first through the MITRE ATT&CK® framework and now with the latest findings from the MITRE Center for Threat-Informed Defense (CTID). Today MITRE CTID released a report examining threat trends and patterns frequently used by malicious insiders to exfiltrate data, access confidential information and commit fraud.

Social media has evolved to become much more than a simple platform to share thoughts and updates with the internet. Platforms such as Facebook, Twitter, and Instagram are frequently used for business, politics, news, and online events, in addition to their original purpose of social sharing.

As per the Varonis Global Data Risk Report for 2021, 13% of all the files and folders; and 15% of sensitive files in an organization are open to everyone. Further, when it comes to the SMEs, only 16% of them have done thorough cybersecurity posture reviews, and that too after encountering an attack. While organizations across the globe have very little or no preparedness when it comes to cybersecurity, cyberattacks are becoming more and more sophisticated.

The Federal Bureau of Investigation (FBI), Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) have joined forces to publish a joint warning that Russian hackers have targeted defence contractors to steal sensitive data.

Photo by ThisIsEngineering from Pexels Considered one of the largest exploitable vulnerabilities in history, Log4Shell affects many as Log4J is one of the most extensively used logging libraries. An issue that has existed for almost a decade but just recently was discovered, Log4Shell leaves companies vulnerable to the full extent of these attacks. AT&T Alien Labs blogged about the vulnerability back in December 2021, with more technical detail.

Read also: Google and Adobe address zero-day flaws, the US issues an alert over Russian hackers, and more.