Accountability, CSO and Social Engineering

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Last Watchdog

MAY 5, 2022

Fun fact: 80% of these breaches occur at the endpoint , often via phishing or social engineering. From there, it’s possible to find devices with privileged accounts and take the attack further. So as investments go, checking device posture as part of your zero trust program is a huge win. Let’s talk VPNs.

Ransomware

Ransomware Risk Internet Internet

Cybersecurity First: #BeCyberSmart at Work and Home

Security Through Education

OCTOBER 27, 2021

Social-Engineer, LLC saw an almost 350% increase in recognition of phishing emails when using a similar training platform in 2020. It is to these carefully crafted campaigns that Social-Engineer, LLC can attribute their success. The answer is simple; with simulated attacks and subsequent training.

Cybersecurity

Cybersecurity Social Engineering Firewall Engineering

China-aligned APT renews cyberattack on European diplomats, as war rages

CSO Magazine

MARCH 9, 2022

TA416 (aka RedDelta ) is known to have been targeting Europe for several years using web bugs to profile target accounts, according to a research report by Proofpoint. To read this article in full, please click here

Social Engineering

Social Engineering Accountability Engineering Cybersecurity

A Clear and Present Need: Bolster Your Identity Security with Threat Detection and Response

Duo's Security Blog

NOVEMBER 20, 2023

“It took nearly 11 months (328 days) to identity and contain data breaches resulting from stolen or compromised credentials.” – IBM’s Cost of Data Breach Report 2023 I recently came across a 2012 article from CSO Online , and realized that it has been more than 11 years since the phrase “Identity is the new perimeter” was coined!

Threat Detection

Threat Detection Authentication Accountability Data breaches

Darktrace/Email upgrade enhances generative AI email attack defense

CSO Magazine

APRIL 2, 2023

Darktrace has announced a new upgrade to its Darktrace/Email product with enhanced features that defend organizations from evolving cyberthreats including generative AI business email compromise (BEC) and novel social engineering attacks.

Social Engineering

Social Engineering Engineering Phishing Accountability

NEW TECH: Data Theorem helps inventory sprawling APIs — as the first step to securing them

The Last Watchdog

MARCH 25, 2019

If I go to a CSO and say, ‘We can secure your APIs,’ he’ll say, ‘Great, can you also find them for me?’ ” observed Dwivedi, Data Theorem’s founder. Instead, what it did was allow anyone with a usps.com account to modify a wildcard search without authentication permissions. And that’s just one phone. Velocity without security.

Digital transformation

Digital transformation Software Data breaches Authentication

Hackers fool major tech companies into handing over data of women and minors to abuse

Malwarebytes

APRIL 28, 2022

This happened because they provided information in response to emergency data requests from legitimate law enforcement accounts that hackers had compromised. Third, victims can’t protect themselves from such attacks unless they completely delete their accounts. This tactic has become prevalent in recent months.

CSO

CSO Accountability Authentication Cybersecurity

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

Making matters worse, the cameras employ facial recognition technology, which leads to questions as to whether an attacker could actually identify individuals caught on camera and then pursue them as targets for social engineering schemes or something even more nefarious. When surveillance leads to spying. What did Verkada do wrong?

Surveillance

Surveillance IoT Accountability Passwords

Cybersecurity Snapshot: Tenable Report Warns About Toxic Cloud Exposures, as PwC Study Urges C-Suite Collaboration for Stronger Cyber Resilience

Security Boulevard

OCTOBER 18, 2024

Those are the three major vectors that organizations must take into account in order to properly assess a cloud workload’s risk level and potential vulnerability impact. The most common types of attacks were social engineering; malware; denial of service; and compromise of unpatched systems.

Cybersecurity

Cybersecurity CISO CSO Risk

Podcast Episode 134: The Deep Fake Threat to Authentication and analyzing the PEAR Compromise

The Security Ledger

FEBRUARY 19, 2019

And, in our second segment, Sam Bisbee the CSO of the firm ThreatStack joins us to talk about last month's hack of the PEAR open source package manager and why data deserialization attacks are a growing threat to projects that use open source components. Vijay Balasubramaniyan of Pindrop joins us to talk about it.

Authentication

Authentication CSO Artificial Intelligence Social Engineering

Cybersecurity Snapshot: CISA Warns of Global Spear-Phishing Threat, While OWASP Releases AI Security Resources

Security Boulevard

NOVEMBER 8, 2024

Unraveling the True Security Risks ” (SecurityWeek) “ How deepfakes threaten biometric security controls ” (TechTarget) “ Deepfakes break through as business threat ” (CSO) 3 - Fake update variants dominate list of top malware in Q3 Hackers are doubling down on fake software-update attacks.

Phishing

Phishing Cybersecurity Ransomware Malware

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. VoIP phishing and impersonation also victimized millions of corporate employees across the world , contributing to an even greater cyber threat.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Fifteen years after the launch of the microblogging social media platform, Twitter remains a dominant public forum for instant communication with individuals and organizations worldwide on a universe of topics, including #cybersecurity. Lesson learned Kamkar continues to test security integrity as co-founder and CSO of Openpath Security.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 2)

The Last Watchdog

DECEMBER 14, 2023

“Kerberoasting” and “Golden Ticket” attacks were both introduced in 2014 and yet enterprises continue to have hundreds of accounts configured with unconstrained delegation. Richard Bird , CSO, Traceable AI Bird The bad guys are showing no restraint in exploiting API security weakness to their advantage.

Cybersecurity

Cybersecurity Risk Cyber threats CSO

Key Cybersecurity Trends for 2025. My Predictions

Jane Frankland

JANUARY 12, 2025

These groups are also shifting toward more human-centric exploits , like social engineering and insider assistance. These challenges include bias and discrimination embedded in algorithms, privacy violations due to enhanced surveillance capabilities, and the difficulty of assigning accountability for decisions made by AI systems.

Cybersecurity

Cybersecurity CISO Insurance IoT

Cyber Security Informer

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

Cybersecurity First: #BeCyberSmart at Work and Home

Trending Sources

China-aligned APT renews cyberattack on European diplomats, as war rages

A Clear and Present Need: Bolster Your Identity Security with Threat Detection and Response

Darktrace/Email upgrade enhances generative AI email attack defense

NEW TECH: Data Theorem helps inventory sprawling APIs — as the first step to securing them

Hackers fool major tech companies into handing over data of women and minors to abuse

Camera tricks: Privacy concerns raised after massive surveillance cam breach

Cybersecurity Snapshot: Tenable Report Warns About Toxic Cloud Exposures, as PwC Study Urges C-Suite Collaboration for Stronger Cyber Resilience

Podcast Episode 134: The Deep Fake Threat to Authentication and analyzing the PEAR Compromise

Cybersecurity Snapshot: CISA Warns of Global Spear-Phishing Threat, While OWASP Releases AI Security Resources

Cyber Security Awareness and Risk Management

Top Cybersecurity Accounts to Follow on Twitter

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 2)

Key Cybersecurity Trends for 2025. My Predictions

Stay Connected