CYBER THIS WEEK – AUGUST 28, 2022


Ten Hard-hitting Cybersecurity Statistics for 2022

If one thing became clear in 2022, it was that no organization, regardless of its size or vertical, is safe from a data breach. A breach can happen to any organization, enterprise, or government at any time.

Ten Hard-hitting Cybersecurity Statistics for 2022 – Security Boulevard

Creating a technology risk and cyber risk appetite framework

Here’s how to build a comprehensive, measurable, and objective end-to-end risk appetite framework as a foundation for managing technology risk and cyber risk

Cybersecurity in banking: A risk-based approach | McKinsey

The 6 most overhyped technologies in IT

IT leaders are not immune to infatuation with the promise of emerging tech. Here, CIOs share which technologies they believe are primed to under deliver, offering advice on right-sizing expectations for each one.

The 6 most overhyped technologies in IT | CIO

MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone

Microsoft Threat Intelligence Center (MSTIC) assesses that MagicWeb was likely deployed during an ongoing compromise and was leveraged by NOBELIUM possibly to maintain access during strategic remediation steps that could preempt eviction.

MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone – Microsoft Security Blog

Cybersecurity Strategist : The Real Threat is  ‘Human Hack’

Technology gets the press. But it’s the person pressing the button. It’s always a human making a mistake,’ John Sileo, cybersecurity author and adviser, tells an audience at XChange 2022.

Cybersecurity Strategist: The Real Threat Is The ‘Human Hack’ | CRN

An Anatomy of Crypto-Enabled Cybercrimes

While the advent of cryptocurrencies and digital assets holds promise for improving and disrupting financial systems through offering cheap, quick, and secure transfer of value, it also opens up new payment channels for cybercrimes

An Anatomy of Crypto-Enabled Cybercrimes by Lin William Cong, Campbell R. Harvey, Daniel Rabetti, Zong-Yu Wu :: SSRN

What You Need to Know About the Psychology behind Cyber Resilience

The complexity, ceaselessness, and increasingly destructive nature of today’s cyber threats creates a high cognitive workload. This is why it’s crucial to ensure that employees are developing the right cognitive skills and agility to protect against attacks.

What You Need to Know about the Psychology behind Cyber Resilience (darkreading.com)

Firewall Bug under Active Attack Triggers CISA Warning

Software running Palo Alto Networks’ firewalls is under attack, prompting U.S. Cybersecurity and Infrastructure Security Agency (CISA) to issue a warning to public and federal IT security teams to apply available fixes. Federal agencies urged to patch the bug by September 9.

Firewall Bug Under Active Attack Triggers CISA Warning | Threatpost

Roasting 0ktapus: The phishing campaign going after Okta identity credentials

In the cyber arena, where there is a continuous arms race with offensive and defensive strategies trying to outcompete each other, techniques that overcome MFA have existed for some time. In this blog, Group IB share the techniques that utilize surprisingly simple tools that were used to overcome enterprise identity access management (IAM) and conduct supply chain attacks.

Roasting 0ktapus: The phishing campaign going after Okta identity credentials (group-ib.com)

How 2023 cybersecurity budget allocations are shaping up

Cybersecurity spending in the coming year may not be recession-proof, but it’s likely to be recession-resistant. Still, pressure remains on security leaders to prioritize technologies that generate the most bang for the buck.

How 2023 cybersecurity budget allocations are shaping up | CSO Online

Share: