CYBER THIS WEEK – AUGUST 28, 2022
Ten Hard-hitting Cybersecurity Statistics for 2022
If one thing became clear in 2022, it was that no organization, regardless of its size or vertical, is safe from a data breach. A breach can happen to any organization, enterprise, or government at any time.
Ten Hard-hitting Cybersecurity Statistics for 2022 – Security Boulevard
Creating a technology risk and cyber risk appetite framework
Here’s how to build a comprehensive, measurable, and objective end-to-end risk appetite framework as a foundation for managing technology risk and cyber risk
Cybersecurity in banking: A risk-based approach | McKinsey
The 6 most overhyped technologies in IT
IT leaders are not immune to infatuation with the promise of emerging tech. Here, CIOs share which technologies they believe are primed to under deliver, offering advice on right-sizing expectations for each one.
The 6 most overhyped technologies in IT | CIO
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
Microsoft Threat Intelligence Center (MSTIC) assesses that MagicWeb was likely deployed during an ongoing compromise and was leveraged by NOBELIUM possibly to maintain access during strategic remediation steps that could preempt eviction.
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone – Microsoft Security Blog
Cybersecurity Strategist : The Real Threat is ‘Human Hack’
Technology gets the press. But it’s the person pressing the button. It’s always a human making a mistake,’ John Sileo, cybersecurity author and adviser, tells an audience at XChange 2022.
Cybersecurity Strategist: The Real Threat Is The ‘Human Hack’ | CRN
An Anatomy of Crypto-Enabled Cybercrimes
While the advent of cryptocurrencies and digital assets holds promise for improving and disrupting financial systems through offering cheap, quick, and secure transfer of value, it also opens up new payment channels for cybercrimes
What You Need to Know About the Psychology behind Cyber Resilience
The complexity, ceaselessness, and increasingly destructive nature of today’s cyber threats creates a high cognitive workload. This is why it’s crucial to ensure that employees are developing the right cognitive skills and agility to protect against attacks.
What You Need to Know about the Psychology behind Cyber Resilience (darkreading.com)
Firewall Bug under Active Attack Triggers CISA Warning
Software running Palo Alto Networks’ firewalls is under attack, prompting U.S. Cybersecurity and Infrastructure Security Agency (CISA) to issue a warning to public and federal IT security teams to apply available fixes. Federal agencies urged to patch the bug by September 9.
Firewall Bug Under Active Attack Triggers CISA Warning | Threatpost
Roasting 0ktapus: The phishing campaign going after Okta identity credentials
In the cyber arena, where there is a continuous arms race with offensive and defensive strategies trying to outcompete each other, techniques that overcome MFA have existed for some time. In this blog, Group IB share the techniques that utilize surprisingly simple tools that were used to overcome enterprise identity access management (IAM) and conduct supply chain attacks.
Roasting 0ktapus: The phishing campaign going after Okta identity credentials (group-ib.com)
How 2023 cybersecurity budget allocations are shaping up
Cybersecurity spending in the coming year may not be recession-proof, but it’s likely to be recession-resistant. Still, pressure remains on security leaders to prioritize technologies that generate the most bang for the buck.
How 2023 cybersecurity budget allocations are shaping up | CSO Online