Category: threat

As holidays season is fast approaching, most of the companies are interested in cutting down their operational costs by cutting security staff by 70% on weekend and holidays. But such a trend could lead to a serious scenario, where hackers can infiltrate the database, but the activity remains anonymous till the staff count returns to normalcy after the second week of January 2023.

Yes, this was confirmed in a recent security report released by Cybereason after it included the responses from over 1200 respondents belonging to the field of cyber security.

Cybereason report suggests attacks that target businesses during holidays and weekends are significant as they fetch great revenue losses for companies than those that occur during normal weekdays.

Predominantly, ransomware attacks top the list as they often take place on weekends and take a long time to be investigated and cause enormous financial damage.

Thus, better not to give any chance to hackers by reducing the staff count during holidays and weekends as it can backfire and could lead to losses that could triple the expenses met when appointing staff 24/7 all 365 days.

And never think that criminals might never be interested in small businesses. For them, data means an earning stream that can fetch money through a dark web. And so, they do not show any disparity between small and large companies for data siphoning.

 

The post Cyber threat as security staff reduction increases during holidays appeared first on Cybersecurity Insiders.

An application programming interface, or API, is a defined process that allows data to be shared between applications or programs. Each API consists of a set of rules that dictates how communication occurs between a client and a server or external program. The required request format, the authentication process, and the encryption of data all […]… Read More

The post What to Know about APIs, the “On-Ramps to the Digital World” appeared first on The State of Security.

USB Pen Drives also called as Removable pen drives are posing as a great cyber threat to IT Infrastructure says research carried out by IBM X-Force and another research carried out by Honeywell Cybersecurity claims that 52% of cyber attacks are targeted at the removable media.

In both cases, removable media or USB drives is seen acting as a common threat vector and the issue seems grave as it is posing as a big trouble to industrial control systems.

The 2022 Honeywell Industrial Cybersecurity USB Threat Report confirms that USB drives are posing as a great threat to operational systems as threat developers are using removable media to infect machines operating in critical environments.

Along with the USB’s, Trojans are also reportedly becoming a top concern as they have the potential to cause disruptions to industrial infrastructure on a serious note.

IBM X-Force also reported the same and revealed that personal laptops in the work environments were leading to more infection spread through USBs, as they are plugged into the user workstations and can spread the infection to computers networks within seconds or sometimes microseconds.

IBM report clearly specified that the usage of Pen drives should be prohibited in the work environments and concluded that most of the corporate networks have already followed this culture from the past 4-6 years.

As per the survey conducted by the cyber arm of International Business Machines, most of the drives have removed the Media port from their work and server stations to put down a permanent blockage to the threat vector….and that’s true in practical!

 

The post USB Pen Drives posing as a great cyber threat to IT Infrastructure appeared first on Cybersecurity Insiders.

During the last few years, we have witnessed an increase in advanced cyber attacks. Cybercriminals utilize advanced technology to breach the digital boundary and exploit enterprises’ security vulnerabilities. No industry feels secure; security professionals do their utmost to close security gaps and strengthen their cyber defense. As new technologies pop up at an unprecedented rate, […]… Read More

The post Convergence and adoption of AI and ML countering the cyber threat appeared first on The State of Security.

In the two years proceeding from the beginning of the COVID-19 pandemic, the business world has been transformed on a grand scale. Organizations have created more data than ever before, data is now spread across a wider attack surface, putting it at a heightened risk of becoming a compromised risk. The manner and location of […]… Read More

The post The State of Data Security in 2022: The CISOs Perspective appeared first on The State of Security.

Ransomware attacks continue to plague organizations globally regardless of their size. In a press release by the NCC group that preceded the Annual Threat Monitor Report 2021 published for the year 2021, there were an estimated 2,690 ransomware attacks, a 92.7% increase from 2020s figures of 1,389. The increase of ransomware attacks builds upon the […]… Read More

The post Defense in Depth to minimize the impact of ransomware attacks appeared first on The State of Security.

In 2022, phishing attacks have not only increased substantially, but they have also taken a new turn of events. According to the Agari and PhishLabs Quarterly Threat Trends & Intelligence report, phishing attacks are gradually being delivered through a wide range of online platforms.  The classic email phishing attack technique has increased slightly, while other […]… Read More

The post Q1 2022 Phishing Threat Trends and Intelligence Report appeared first on The State of Security.

What is EDoS? Economic Denial of Sustainability (EDoS) is a cybersecurity threat targeting cloud environments. EDoS attacks exploit the elasticity of clouds, particularly auto-scaling capabilities, to inflate the billing of a cloud user until the account reaches bankruptcy or large-scale service withdrawal. EDoS attacks exploit the cloud’s economies of scale to disrupt or discontinue the […]… Read More

The post EDoS: The Next Big Threat to Your Cloud appeared first on The State of Security.