2022, Authentication and Threat Reports

Thales 2023 Data Threat Report: Sovereignty, Transformation, and Global Challenges

Thales Cloud Protection & Licensing

MAY 8, 2023

Thales 2023 Data Threat Report: Sovereignty, Transformation, and Global Challenges madhav Tue, 05/09/2023 - 05:30 Despite the economic and geopolitical instability in 2022, enterprises continued to invest in their operations and digital transformation. This article highlights the key findings of the report.

Threat Reports

Threat Reports Digital transformation Data breaches Encryption

Financial cyberthreats in 2022

SecureList

MARCH 29, 2023

However, traditional financial threats – such as banking malware and financial phishing, continue to take up a significant share of such financially-motivated cyberattacks. In 2022, we saw a major upgrade of the notorious Emotet botnet as well as the launch of massive campaigns by Emotet operators throughout the year.

Banking

Banking Phishing Cryptocurrency Mobile

Good game, well played: an overview of gaming-related cyberthreats in 2022

SecureList

SEPTEMBER 6, 2022

According to the analytical agency Newzoo, in 2022, the global gaming market will exceed $ 200 billion , with 3 billion players globally. Top game titles by number of related threats. Since then, the industry has never stopped growing.

Mobile

Mobile Passwords Software Accountability

2024 Thales Global Data Threat Report: Trends in Financial Services

Thales Cloud Protection & Licensing

OCTOBER 14, 2024

2024 Thales Global Data Threat Report: Trends in Financial Services madhav Tue, 10/15/2024 - 05:17 Financial services (FinServ) firms are key players in the global economy. A lack of multifactor authentication (MFA) to protect privileged accounts was another culprit, at 10%, also 7 percentage points lower than average.

Financial Services

Financial Services Threat Reports Authentication Banking

CISA added SAP flaw to its Known Exploited Vulnerabilities Catalog

Security Affairs

AUGUST 19, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) added a critical SAP vulnerability, tracked as CVE-2022-22536 , to its Known Exploited Vulnerabilities Catalog a few days after researchers shared details about the issue at the Black Hat and Def Con hacker conferences. reads the Threat Report.

Internet

Internet Internet Threat Reports Risk

Identity Management Day 2022: Identity Security Is Our Responsibility

Thales Cloud Protection & Licensing

APRIL 12, 2022

Identity Management Day 2022: Identity Security Is Our Responsibility. Tue, 04/12/2022 - 09:41. Identity Management Day 2022 , sponsored by Identity Defined Security Alliance and National Cybersecurity Alliance, is a reminder to make identity management and digital identity security a priority.

Authentication

Authentication Digital transformation Data breaches Phishing

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List

Thales Cloud Protection & Licensing

JANUARY 11, 2023

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List. Throughout 2022, Thales hosted more than 40 webinars on a wide variety of cybersecurity topics, including, cloud security, data sovereignty, compliance, data threat trends, and rethinking approaches to role-based authentication.

Financial Services

Financial Services Threat Reports Architecture Technology

Are Retailers Shopping for a Cybersecurity Breach?

Thales Cloud Protection & Licensing

NOVEMBER 22, 2022

Wed, 11/23/2022 - 07:07. The 2022 Thales Data Threat Report: Retail Edition , finds that 45% of retail respondents reported that the volume, severity and/or scope of cyberattacks had increased in the previous 12 months. Are Retailers Shopping for a Cybersecurity Breach? Data Security. More About This Author >.

Retail

Retail Cybersecurity Threat Reports Ransomware

CISA warns to address SAP ICMAD flaw immediately

Security Affairs

FEBRUARY 9, 2022

Internet Communication Manager Advanced Desync (ICMAD) is a memory pipes (MPI) desynchronization vulnerability tracked as CVE-2022-22536. ” reads the Threat Report. The US CISA warns to address a severe security vulnerability dubbed ICMAD impacting SAP business apps using ICM. The flaw received a CVSSv3 score of 10.0.

Internet

Internet Internet Threat Reports Authentication

SAP customers are urged to patch critical vulnerabilities in multiple products

Malwarebytes

FEBRUARY 10, 2022

On February 8, SAP released 14 new security notes and security researchers from Onapsis, in coordination with SAP, released a Threat Report describing SAP ICM critical vulnerabilities, CVE-2022-22536 , CVE-2022-22532 , and CVE-2022-22533. CVE-2022-22536. The high score is easy to explain. respectively.

Internet

Internet Internet Threat Reports Authentication

Access Management is Essential for Strengthening OT Security

Thales Cloud Protection & Licensing

MAY 23, 2022

Tue, 05/24/2022 - 06:11. The alert detailed cyber threats which can lead to ransomware, data theft and disruption of healthcare services. However, and despite receiving notable attention, only 56% of healthcare companies have formal ransomware response plans, reports the Thales 2022 Data Threats Report.

Healthcare

Healthcare Ransomware Authentication Threat Reports

Shifting Risk and Business Environment Demand creates a Shift in Security Strategies

Thales Cloud Protection & Licensing

MARCH 23, 2022

Thu, 03/24/2022 - 05:00. The 2022 Thales Data Threat Report, based on data from a survey of almost 2,800 respondents from 17 countries across the globe, illustrates these trends and changes. 2021 Report. 2022 Report. 47% of respondents are concerned about security threats of quantum computing.

Risk

Risk Encryption Ransomware Technology

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware.

Malware

Malware Cybercrime Software Accountability

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs

MARCH 8, 2022

The ransomware operation has been active since late December 2019, this is the second time that the FBI first shares IoC related to RagnarLocker operation, the FBI first became aware of this threat in April 2020. Use multi-factor authentication with strong passwords, including for remote access services.

Ransomware

Ransomware Financial Services Passwords VPN

Thales and Palo Alto Networks collaborate to offer mid-markets the enterprise protection

Thales Cloud Protection & Licensing

AUGUST 1, 2022

Tue, 08/02/2022 - 05:05. Combatting Cybersecurity Threats Through Integration. According to a recent study by RSM US , nearly three-quarters of middle-market businesses will experience a cyberattack in 2022. The problem of the increasing threat landscape is equally reflected in the 2022 Thales Data Threat Report.

Marketing

Marketing Digital transformation Cloud Migration Authentication

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

However, basic cybersecurity tools and practices, like patching , strong passwords , and multi-factor authentication (MFA), “can prevent 80 to 90% of cyberattacks,” said Anne Neuberger, deputy national security advisor for cyber and emerging technologies, during a White House press conference in Sept. Cyberattack Statistics.

Backups

Backups Ransomware Firewall Malware

The Importance of IAM in Critical Infrastructure

Security Boulevard

SEPTEMBER 11, 2024

The 2024 Thales Data Threat Report, Critical Infrastructure Edition , revealed that almost 93% of CI respondents reported increased attacks. However, human error can be mitigated, in part, by deploying Multi-Factor Authentication (MFA) and maintaining audit logs in conjunction with an access management solution.

Authentication

Authentication Cyber threats Data breaches Phishing

The Importance of IAM in Critical Infrastructure

Thales Cloud Protection & Licensing

SEPTEMBER 11, 2024

The 2024 Thales Data Threat Report, Critical Infrastructure Edition , revealed that almost 93% of CI respondents reported increased attacks. However, human error can be mitigated, in part, by deploying Multi-Factor Authentication (MFA) and maintaining audit logs in conjunction with an access management solution.

Authentication

Authentication Cyber threats Data breaches Phishing

What Were the Best Cybersecurity Webinars of 2021?

CyberSecurity Insiders

DECEMBER 29, 2021

Register now for our upcoming 2022 webinars on topics including cloud security, market trends, and Zero Trust so you stay current on trending topics. The Many Ways to Defeat Multi-Factor Authentication. Defending Against the Modern Threat Landscape with Zero Trust. Exploring Passwordless Authentication.

Cybersecurity

Cybersecurity Ransomware Password Management Education

One Year Later: What Have We Learned Since the Colonial Pipeline Attack

Thales Cloud Protection & Licensing

MAY 9, 2022

Mon, 05/09/2022 - 05:40. Attacks on Critical National Infrastructure will continue to rise in 2022 as ransomware gangs show no signs of abating. However, even after the Colonial Pipeline attack, less than half of businesses (48%) have a formal ransomware plan according to the 2022 Thales Data Threat Report.

Cyber Insurance

Cyber Insurance Insurance Backups Ransomware

Manufacturing needs to adopt a Zero Trust approach to mitigate increased cyber threats

Thales Cloud Protection & Licensing

OCTOBER 19, 2022

Manufacturing needs to adopt a Zero Trust approach to mitigate increased cyber threats. Thu, 10/20/2022 - 06:20. The manufacturing edition of the Thales 2022 Data Threat report sheds a light on how these industries are susceptible to cyber threats and provides advice on improving a manufacturing cybersecurity posture.

Manufacturing

Manufacturing Cyber threats Encryption IoT

How to Prevent and Protect Against Supply Chain Attacks

Thales Cloud Protection & Licensing

MARCH 30, 2022

Wed, 03/30/2022 - 04:32. The underlying rule should be to expand modern and multi-factor authentication to all users and applications in your organization, whether those apps reside on-prem or in the cloud. Not all Authentication Methods are Created Equal. Most organizations today rely on authenticator apps and Push OTP for MFA.

Authentication

Authentication CISO VPN Threat Reports

Protect your organisation from phishing with MFA and Passkeys

Thales Cloud Protection & Licensing

OCTOBER 9, 2023

The following article will take a closer look at the rising threat, the benefits of FIDO2 authentication, the rapidly changing regulatory landscape and the different types of passkeys. In the 2023 Thales Global Data Threat Report 41% of respondents reported seeing a rise in phishing attacks.

Phishing

Phishing Authentication Passwords Mobile

The Ongoing Cyber Threat to Critical Infrastructure

Thales Cloud Protection & Licensing

JULY 21, 2022

Thu, 07/21/2022 - 12:28. With that in mind, Thales has launched the 2022 Thales Data Threat Report Critical Infrastructure Edition, which includes responses from 300 security leaders and practitioners within critical infrastructure organizations. The effects of cyberattacks on critical infrastructure can be catastrophic.

Cyber threats

Cyber threats Energy and Utilities Ransomware IoT

Financial services continue to lead in cybersecurity preparedness, but chinks appear in the armor

Thales Cloud Protection & Licensing

AUGUST 31, 2022

Thu, 09/01/2022 - 05:15. The 2022 Thales Data Threat Report, Financial Services Edition, outlines the challenges financial services organizations face securing sensitive data and provides guidance around reducing the risk of attacks such as ransomware, malware, phishing, and denial of service. More About This Author >.

Financial Services

Financial Services Cybersecurity Computers and Electronics Banking

The Retail Data Threat Environment and Why CIAM is a Key Cornerstone to Better Cybersecurity.

Thales Cloud Protection & Licensing

MAY 10, 2023

In fact, only 49% of organizations have a ransomware response plan, compared to 48% in 2022. Analyst firm KuppingerCole says CIAM solutions “allow users to register, associate device and other digital identities, authenticate, authorize, collect, and store information about consumers from across many domains.”

Retail

Retail Cybersecurity Ransomware Authentication

How to Address the Requirements of Personal Data Protection (PDP) Law of Indonesia

Thales Cloud Protection & Licensing

FEBRUARY 1, 2023

How to Address the Requirements of Personal Data Protection (PDP) Law of Indonesia divya Thu, 02/02/2023 - 06:35 In response to the increased number of attacks targeting the personal data of millions of Indonesian citizens, the government passed the first Personal Data Protection (PDP) Law in 2022.

Encryption

Encryption Data breaches Authentication Risk

The Clock is Ticking for PCI DSS 4.0 Compliance

Thales Cloud Protection & Licensing

SEPTEMBER 18, 2023

According to the 2022 Thales Data Threat Report – Financial Services Edition , 52% of U.S. financial services organizations report that they have experienced a data breach in the past. Even more alarming, 43% reported an increase in the volume, severity, and scope of cyberattacks in the last year.

Financial Services

Financial Services Data breaches Accountability Encryption

ICMAD Vulnerability Added to CISA’s Known Exploited Vulnerabilities Catalog

Security Boulevard

AUGUST 22, 2022

Mon, 08/22/2022 - 15:40. Download the Report: Onapsis and SAP Partner to Discover and Patch Critical ICMAD Vulnerabilities. . On August 18, 2022, The US Cybersecurity and Infrastructure Security Agency (CISA) added one of these critical SAP vulnerabilities–CVE-2022-22536–to its Known Exploited Vulnerabilities Catalog (KEV).

Internet

Internet Internet Identity Theft Risk

DORA: 1 year to go! Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds

Thales Cloud Protection & Licensing

JANUARY 16, 2024

This new regulation ( EU 2022/2554 ) requires financial entities, and their critical Information and Communication Technology (ICT) suppliers, to implement contractual, organisational and technical measures to improve the level of digital operational resilience of the sector.

Financial Services

Financial Services Cybersecurity Encryption Risk

Financial cyberthreats in 2021

SecureList

FEBRUARY 23, 2022

This report aims to offer thorough insights into the financial cyberthreat landscape in 2021. The research in this report is a continuation of our previous annual financial threat reports ( 2018 , 2019 and 2020 ), providing an overview of the latest trends and key events across the threat landscape.

Banking

Banking Phishing Cryptocurrency Malware

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Multi-factor authentication : Protects stolen credentials against use by requiring more than a simple username and password combination for access to resources. Passwordless authentication : Eliminates passwords in favor of other types of authentication such as passkeys, SSO, biometrics, or email access.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

How Does HTTP Response Smuggling Work

Security Boulevard

FEBRUARY 25, 2022

Fri, 02/25/2022 - 13:14. is simple, requires no previous authentication, no preconditions are necessary, and the payload can be sent through HTTP(S). To learn more about the ICMAD vulnerabilities and the research behind it, take a look at our threat report. How Does HTTP Response Smuggling Work .

Threat Reports

Threat Reports Internet Internet Authentication

Security Roundup September 2023

BH Consulting

SEPTEMBER 14, 2023

Meanwhile the FBI reports that losses resulting from the crime came to a staggering $2.7 Trustwave said BEC incidents were up by 25 per cent in Q1 of this year compared to the same period in 2022. Its 2023 phishing threats report combines findings from email security data with a survey of security decision makers.

Scams

Scams Passwords Social Engineering Cybersecurity

Data Privacy and Security: It Takes Two to Tango

Thales Cloud Protection & Licensing

JANUARY 24, 2022

Tue, 01/25/2022 - 05:15. This trend is demonstrated in the latest Thales Data Threat Report 2021 ; 55% of the survey respondents reported that more than 40% of their data now resides in a cloud platform. However, with technology innovation comes new risks, security challenges and threats. Every week of 2022.

Data privacy

Data privacy Data breaches Social Engineering Technology

How to Accelerate Government Transformation by Reducing Risk, Complexity, and Cost

Thales Cloud Protection & Licensing

JUNE 27, 2022

Tue, 06/28/2022 - 05:19. In the 2022 Thales Data Threat Report 451 Research found that 39% of US federal agencies use 50 or more SaaS applications, and 83% store more than 30% of all their data in the cloud. How to Accelerate Government Transformation by Reducing Risk, Complexity, and Cost.

Government

Government Risk Artificial Intelligence Big data

The Evolving Cybersecurity Threats to Critical National Infrastructure

Thales Cloud Protection & Licensing

OCTOBER 23, 2023

However, simple actions like adopting multi-factor authentication (MFA) or encrypting sensitive data everywhere should be exercised throughout the year and not just during that month. The ongoing attacks and threats to CNI demonstrate that the entire landscape of OT security has changed and can no longer be considered separate from IT.

Energy and Utilities

Energy and Utilities Cybersecurity Ransomware Technology

Cyber Security Informer

Thales 2023 Data Threat Report: Sovereignty, Transformation, and Global Challenges

Financial cyberthreats in 2022

Trending Sources

Good game, well played: an overview of gaming-related cyberthreats in 2022

2024 Thales Global Data Threat Report: Trends in Financial Services

CISA added SAP flaw to its Known Exploited Vulnerabilities Catalog

Identity Management Day 2022: Identity Security Is Our Responsibility

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List

Are Retailers Shopping for a Cybersecurity Breach?

CISA warns to address SAP ICMAD flaw immediately

SAP customers are urged to patch critical vulnerabilities in multiple products

Access Management is Essential for Strengthening OT Security

Shifting Risk and Business Environment Demand creates a Shift in Security Strategies

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Thales and Palo Alto Networks collaborate to offer mid-markets the enterprise protection

What is a Cyberattack? Types and Defenses

The Importance of IAM in Critical Infrastructure

The Importance of IAM in Critical Infrastructure

What Were the Best Cybersecurity Webinars of 2021?

One Year Later: What Have We Learned Since the Colonial Pipeline Attack

Manufacturing needs to adopt a Zero Trust approach to mitigate increased cyber threats

How to Prevent and Protect Against Supply Chain Attacks

Protect your organisation from phishing with MFA and Passkeys

The Ongoing Cyber Threat to Critical Infrastructure

Financial services continue to lead in cybersecurity preparedness, but chinks appear in the armor

The Retail Data Threat Environment and Why CIAM is a Key Cornerstone to Better Cybersecurity.

How to Address the Requirements of Personal Data Protection (PDP) Law of Indonesia

The Clock is Ticking for PCI DSS 4.0 Compliance

ICMAD Vulnerability Added to CISA’s Known Exploited Vulnerabilities Catalog

DORA: 1 year to go! Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds

Financial cyberthreats in 2021

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

How Does HTTP Response Smuggling Work

Security Roundup September 2023

Data Privacy and Security: It Takes Two to Tango

How to Accelerate Government Transformation by Reducing Risk, Complexity, and Cost

The Evolving Cybersecurity Threats to Critical National Infrastructure

Stay Connected