Cyber security aggregate RSS news

Cyber security aggregator - feeds history

 Firewall Daily

As we reflect on the transformative year of 2023 in the cybersecurity domain, we gather invaluable insights from industry experts who have been at the forefront of this landscape. The expert commentary is not just about reflection but also about preparation. Their insights provide a clearer understanding of the cyber space, offering valuable guidance for companies to strategize and reinforce their defenses for future challenges. From zero-day vulnerabilities to the nuances of threat intelligence, these experts delve into the strategic maneuvers that defined 2023. The discussion extends beyond technicalities, revealing the human side of cybersecurity, where resilience intertwines with innovation.

This is more than just a retrospective glance; it’s an in-depth exploration of the pivotal moments and strategic decisions that shaped 2023. We have gathered the thoughts of those who architect the cybersecurity defenses to extract the essential lessons that have left an indelible mark on the field. So, let’s dive through the cyber trenches and explore the candid, conversational perspectives of industry trailblazers.

Vijayant Gaur (Cyber Security Consultant and currently supporting Uttar Pradesh Power Corporation Limited (UPPCL))

In the ever-evolving landscape of cybersecurity, the acceleration of digital transformation has brought forth diverse attack vectors. With the adoption of Zero Trust Architecture, organizations prioritize a holistic approach to security, mitigating risks from insider threats and zero-day exploits. The critical infrastructure protection paradigm extends to cloud security challenges, emphasizing the need to fortify against supply chain vulnerabilities. As IoT and connected devices expand the attack surface, the importance of threat intelligence becomes paramount. Addressing exploitation of software vulnerabilities, businesses navigate a complex terrain, implementing robust measures to ensure resilience in the face of emerging threats.

Amitabh Bhardwaj (Joint Director (IT and Cyber Security))

As per my opinion, one of the most important lessons learned in 2023 is that cybersecurity is a shared responsibility. It is no longer enough for Info security professionals but for all of the organizations to simply implement security measures. Everyone, from individuals to businesses to governments, has a role to play in protecting the digital world. Next key lesson learned is that cybersecurity is not a one-time fix. It is an ongoing process that requires constant vigilance and adaptation. As attackers become more sophisticated, likewise organizations need to be constantly evolving their security strategies and threat intelligence to stay ahead of the curve. Besides this, the cybersecurity industry has also learned a number of specific things in 2023. For example, we have learned more about the dangers of supply chain attacks, and we have developed new techniques for defending against them. We have also learned more about the importance of data security, and we have developed new tools and techniques for protecting sensitive data.

Neal Quinn (Head of Cloud Security Services, Radware)

First, Burst Attacks ramp up faster than the polling intervals outlined above, causing an outage before the attack is even visible to an operator. These Burst Attacks contrast with years past where the attack took more time to ramp up. Attackers now have instant access to large attack networks, utilizing a combination of public cloud computing and purpose-built infrastructures to create instant volumes approaching 1Tbps. Mitigation solutions that rely on human intervention to profile the attack and activate the right countermeasure are no longer fast enough to mitigate the attack before it causes an outage. Automated protection solutions that use algorithms to spot events quicker are necessary to address this type of problem.

The second and more important shift in the threat intelligence landscape is the migration of attacks up the stack to the application layer. While HTTP Floods have been common for many years, they relied on easier to spot patterns that could be mitigated with a static signature. A new breed of HTTPS Floods, called Web DDoS Tsunamis, however, now uses encryption to defeat traditional packet sniffing approaches to attack profiling. These attacks also use numerous evasion techniques tailored to sneak past most DDoS mitigation clouds and rely on much faster modulation through application headers that mimic real users. With these advancements, we now see attack signatures that look like legitimate traffic come from a larger pool of IP addresses with low per-bot request rates. The combination of rapid signature change and low per-bot rates makes existing approaches like rate limiting and IP blacklisting ineffective. In 2023, there were numerous examples of large internet properties being crippled by these attacks. The only effective protection solution is to field advanced algorithms that use machine learning to continuously develop and deploy accurate signatures in real-time as they fight the attack.

The combination of Burst Attacks with Web DDoS Tsunamis has seen many purpose-built defenses struggle to adapt to the scale and complexity of the contemporary attack landscape. New methods are being deployed by the best providers to stay ahead of the curve. We can expect to see this trend continue into 2024.

Satnam Narang (Senior Staff Research Engineer, Tenable)

Mass exploitation of CVE-2023-4966, a critical sensitive information disclosure vulnerability in Citrix’s NetScaler ADC and Gateway products, has been ongoing since October 30. Dubbed “CitrixBleed” by researchers, at the time, there were estimates of 30,000 internet-facing assets that were vulnerable to this flaw. Recent analysis suggests that the number has decreased to over 10,000 assets with the majority located in the United States. With publicly available proof-of-concept exploit code, a variety of threat actors have been leveraging this flaw as part of their attacks over the last few weeks, including affiliates of the infamous LockBit ransomware group and Medusa. Ransomware groups are mostly indiscriminate in their attacks, motivated by profits over anything else. Organizations that use NetScaler ADC and Gateway products must prioritize patching these systems immediately as the threat of exploitation is extremely high, especially by ransomware groups.

Aaron Bugal, Field CTO (Asia Pacific and Japan, Sophos)

With the help of advanced AI, deepfake videos and images are being increasingly created by taking advantage of content posted on public social media profiles. While setting social profiles to private and limiting them to only known friends or contacts can help limit overt exposure, it isn’t a guarantee that someone among them won’t repost it or use it for nefarious purposes. It is reassuring to see the Indian Ministry of Electronics and Information Technology (MeitY) sent an advisory to social media companies urging them to tackle deep-fake content. In the advisory, the government also warned social media intermediaries that failing to remove deepfake information from their platforms might result in penalties such as losing safe harbour rights, among other things. Such stringent advice from the government can help to flatten the curve of data being exploited to create deepfake content. As a protective measure, digitally signed videos can be a way to verify that content can be trusted. Much like how certificates are used to validate website security and email communications, the same could be used for validating digital media. As technology evolves and deepfake production times shrink and quality vastly improves, a point may come where it’s impossible to distinguish a deepfake from real recorded content; therefore, validating content as true using a signing or verification process is needed.

Jane Teh (SEA Cybersecurity Director, Deloitte)

In year 2023, the FSI, production and heavy industries have been toeing the line of battling with increase of threat landscape, breaches, firefighting with limited key skilled resources whilst tightening their belts; consolidating security technology stacks, combating the increase of platform licenses; this in turn increases security cost exponentially & not sustainable from a business perspective. This trend and efforts will spill over till year 2025, therefore, CISOs or security heads are tasked to balance the scale of increasing organization’s cybersecurity resiliency, optimising security operations in line with business objectives and be more cost effective, as a result of it.

Sachin Kawalkar (Global CISO and Cyber head Neeyamo)

Since the world is moving toward more digitalisation there is a big rise and need for sustainability (connecting multiple devices for a longer duration) among consumers and modern digital applications. There is a mandatory need of implementing Secure by Design in the modernization process and identifying current and future threats among stakeholders while designing the architecture. It is extremely necessary to robustly secure enterprises in this digitally evolving world as the complexity of cyber security risk and challenges is going to increase. We need to well-equipped technology solutions and training and nurturing talent and making them understand cybersecurity fundamentals, techniques and solutions to safeguard Information and Organization.

Insights, Shifts, and What Lies Ahead

The cybersecurity exploration in 2023 reveals itself as an engaging storyline, where experts fearlessly navigate unfamiliar territories. From the accelerated adoption of Zero Trust Architecture to the escalating threat of Burst Attacks and Web DDoS Tsunamis, the industry witnessed a dynamic shift, demanding continuous adaptation. A key takeaway resonates — cybersecurity is a shared responsibility, transcending traditional boundaries. As the digital landscape evolves, the need for constant vigilance and adaptation becomes evident. The landscape is no longer confined to technicalities; it’s a human story where resilience intertwines with innovation. The lessons aren’t just about defense but also about fortifying critical infrastructure against supply chain vulnerabilities, addressing the dangers of mass exploitation, and confronting the rise of deepfake content.

As we peer into the future, the only certainty is the need for advanced algorithms, continuous learning, and a collective effort to stay ahead of the ever-evolving threat landscape. 2023 leaves us with a cliffhanger, anticipating how the industry will rise to the challenges and what new narratives will unfold in the ever-shifting landscape of cybersecurity. The stage is set for 2024, promising innovation, adaptation, and the resilience of those dedicated to safeguarding the digital realm.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

 Firewall Daily

In an interview with The Cyber Express, Bradley J. Schaufenbuel, VP and Chief Information Security Officer at Paychex, shared insights into his nuanced approach to addressing unique data protection challenges. During the conversation, he discussed the forthcoming cybersecurity trends for 2024, highlighting the significance of generative AI, zero-trust architectures, and the dynamic evolution of ransomware threats. Renowned for his contributions as the author of ‘For Dummies’ books on cybersecurity, Schaufenbuel distilled key principles for businesses, highlighting continuous improvement, the role of employees, and fostering a security mindset. He also provided valuable perspectives on navigating legal compliance and managing complexities.

Expert Insights Into Unique Data Protection Challenges

Emphasizing a risk-based approach to cybersecurity investments, Schaufenbuel highlighted the immense value of peer collaboration and industry engagement as key strategies for staying informed and effective in the dynamic field of cybersecurity.

How do you leverage your expertise in law, IT, and cybersecurity, spanning legal, financial, and healthcare sectors, to address unique data protection challenges in protecting sensitive data as a CISO?

When it comes to building a cybersecurity program that meets the standard of “due care”, it helps to know how courts have established what activities and controls are encompassed by that term of art (and how that standard is changing over time). When it comes to securing information in a digital form, it helps to understand the technology used to generate, store, and process that information. When it comes to gaining support for your security program from peer executives, it helps to thoroughly understand the business you are in. Each perspective augments and enhances the other.

What are the upcoming cybersecurity trends expected to gain prominence in 2024, and how should organizations adapt their strategies and defenses to counter evolving cyber threats?

I am not great at predicting the future. If I was, I would be a gambler or an investor, not a cybersecurity practitioner. But here are three safe bets:

Advances in generative artificial intelligence will continue to drive the evolution of both attacks and defense. We are already seeing attackers leverage large language models to generate more sophisticated phishing attacks and deepfakes. Defenders will need to leverage generative AI to detect and stop these attacks.

More organizations will attempt to adopt zero trust architectures, but because zero trust solutions are being built on a foundation of immature identity technology stacks, progress will be slow.

Ransomware attacks will continue to evolve and snare organizations with both mature and immature cybersecurity programs. Double extortion will become standard (if it is not already), with techniques for disruption other than encryption of data becoming more common.

In your ‘For Dummies’ books, you’ve simplified complex cybersecurity concepts. What key principles do you think are essential for businesses to address data protection challenges?

Three key principles I would highlight are:

Improving and maintaining an organization’s cybersecurity posture is not a “one and done” project. You must continuously evolve your capabilities with the changing threat landscape. The job is never done.

People can either be the greatest asset to, or the greatest liability of, a cybersecurity program. Well trained employees can serve as a “human firewall”, protecting the organization from cyber attackers. Poorly trained people become the easiest way for an attacker to subvert an organization’s technical controls.

Cybersecurity is a team sport and culture beats strategy every time. You can have the best information security team and the most advanced tools on the planet, but without a culturally embedded security mindset, you can still get popped.

As a cybersecurity expert with a deep understanding of legal frameworks, how do you navigate and balance the complexities inherent in aligning legal compliance with cybersecurity measures?

There are thousands of legal and regulatory requirements related to cybersecurity and data protection across hundreds of unique jurisdictions and dozens of voluntary security frameworks and standards. Many of the requirements of these sources overlap. The only way I have found to effectively deal with this complexity is to determine which requirements apply to your organization and then map them to your organization’s controls. Where your controls fall short of meeting one or more legal or regulatory requirements, the gap must be closed. This mapping exercise can be time-consuming but is necessary to make sure that you are addressing data protection challenges holistically.

Additionally, in your experience, what are the key challenges when ensuring that cybersecurity strategies not only meet legal requirements but also effectively protect against evolving digital threats?

Legal and regulatory requirements are nothing more than a baseline that you cannot dip below. All cybersecurity investments that go above and beyond meeting those baseline requirements should be risk-based. What I mean by that is that you should be working with the governing body of your organization to understand its risk appetite and set risk thresholds. You should then be performing regular (if not continuous) cybersecurity risk assessments. Where cybersecurity risks exceed risk thresholds, you should be investing in controls that mitigate that risk to an acceptable level. A risk-based approach to cybersecurity investment is far more effective (and cost-effective) than buying and deploying every “shiny object” you encounter.

How do you personally stay sharp and continually develop your skills in the rapidly evolving field of cybersecurity? Are there specific resources or practices you find particularly valuable?

Fortunately, I am passionate about what I do. I absolutely love being a cybersecurity professional. When you are passionate about something (whether it is cybersecurity, football, politics, or cost accounting), you tend to have an insatiable curiosity about all things related to that something. The resource I turn to most often is my peers. You can learn a lot from people who are facing the same challenges as you are. That means I attend a lot of CISO roundtables and summits. There is value in the big events (e.g., RSA and Black Hat), but even more value in more intimate venues like local CISO dinners and roundtables. When there is not time to wait for an event, I turn to blogs and podcasts to stay on top of the latest and greatest developments in the world of cybersecurity. There are far too many to list here, but Dark Reading, Krebs on Security, Schneier on Security, and, of course, The Cyber Express, are a few of my favorites.

Given the interconnected nature of the digital landscape, do you engage in cross-industry collaboration regarding information security, and if so, how has this collaboration shaped your perspectives?

Yes. Fundamentally, information security is not that different from one industry to the next. The “crown jewels” may be different from one industry vertical to the next and different hacking groups may target different industries. That is why there is so much value in belonging to the ISAC and ISAO for your organization’s industry. However, the fundamental methods that attackers use to go after the crown jewels and the methods that organizations use to defend against those attacks are not that different from one industry to another. Furthermore, collaboration between all defenders is needed to counter the collaboration that already occurs between threat actors. Organizations of all industry verticals must band together for their collective defense. There is nothing to be lost, and much to be gained, by collaborating across industries.

In conclusion, Schaufenbuel’s expertise illuminates the ever-evolving landscape of cybersecurity.
His insights on upcoming trends, pragmatic principles for businesses, and the imperative of collaboration highlight the dynamic nature of safeguarding sensitive data in the digital age. As organizations grapple with evolving threats, Schaufenbuel’s holistic approach provides a valuable compass for effective cybersecurity strategies.

 Feed

MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems, resulting in the exposure of customer account metadata and contact information. The American database software company said it first detected anomalous activity on December 13, 2023, and that it immediately activated its incident response

 000 in bug bounty rewards in one week Bu

Source: securityaffairs.com – Author: Pierluigi Paganini Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center Pierluigi Paganini December 16, 2023 The Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Another healthcare organization suffered a ransomware attack, the Hunters International ransomware gang claims to have […] The post Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini New NKAbuse malware abuses NKN decentralized P2P network protocol Pierluigi Paganini December 16, 2023 Experts uncovered a new Go-based multi-platform malware, tracked as NKAbuse, which is the first malware abusing NKN technology. Researchers from Kaspersky’s Global Emergency Response Team (GERT) and GReAT uncovered a new multiplatform malware dubbed NKAbuse. […] The post New NKAbuse malware abuses NKN decentralized P2P network protocol – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.govinfosecurity.com – Author: 1 Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Alan Turing Institute Calls for ‘Shift in Mindset’ to Tackle National Security Risk Akshaya Asokan (asokan_akshaya) • December 15, 2023 The Alan Turing Institute called for measures including red lines, traceability and transparency for generative AI systems. […] The post UK AI National Institute Urges ‘Red Lines’ For Generative AI – Source: www.govinfosecurity.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 0 - CT - CISO Strategics - CISO Learn &

The post EXPLAINING PENETRATION TESTING first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 0 - CT - SOC - CSIRT Operations - Red -

Embarking on the thrilling journey of penetration testing goes beyond basic cybersecurity; it’s a dive into the forefront of digital defense. From fundamentals to mastery, our guide ‘Penetration Testing, Beginners To Expert’ is a comprehensive roadmap for those seeking to understand, practice, and master the arts of ethical hacking. We’ll explore from the simplest concepts […] The post Penetration Testing, Beginners To Expert! first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 0 - CT - CISO Strategics - Risk & Compli

Our mission at AWS Security Assurance Services (AWS SAS) is to ease Payment Card Industry Data Security Standard (PCI DSS) compliance for Amazon Web Services (AWS) customers. We work closely with AWS teams to answer customer questions about understanding their compliance, finding and implementing solutions, and optimizing their controls and assessments. We have compiled frequently […] The post Payment Card Industry Data Security Standard (PCI DSS) v4.0 on AWS first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 0 - CT - SOC - CSIRT Operations - Cyber

Process for Attack Simulation and Threat Analysis (PASTA) is a threat modeling methodology, co-developed by VerSprite’s CEO Tony UcedaVelez. It provides a process for simulating attacks to applications, analyzing cyberthreats that originate them, and mitigating cybercrime risks that these attacks and threats pose to organizations. The process is employed by security professionals across industries to […] The post Process for Attack Simulation & Threat Analysis first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 0 - CT - CISO Strategics - Information S

What are passkeys? The post Passkeys: The End of Passwords? first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 0 - CT - CISO Strategics - Risk & Compli

Improper Credential Usage Threat Agents: Application Specific Attack Vectors: Exploitability EASY Security Weakness: Prevalence COMMON, Detectability EASY Technical Impacts: Impact SEVERE Business Impacts: Impact SEVERE Vulnerability Indicators Prevention Strategies The post OWASP Top 10 Mobile Risks first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.troyhunt.com – Author: Troy Hunt I’d say the balloon fetish segment was the highlight of this week’s video. No, seriously, it’s a moment of levity in an otherwise often serious industry. It’s still a bunch of personal info exposed publicly and that sucks regardless of the nature of the site, but let’s be honest, […] The post Weekly Update 378 – Source: www.troyhunt.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 0 - CT - SOC - CSIRT Operations - Red -

In the exciting world of cybersecurity, the Offensive Security Certified Professional (OSCP) certification stands out as a significant milestone for professionals looking to hone their skills in penetration testing. With the aim of facilitating and streamlining the preparation and execution of these tests, the OSCP Cheat Sheet emerges. This resource becomes the indispensable compass for […] The post OSCP Cheat Sheet first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 0 - CT - CISO Strategics - Cybersecurity

Operation Blockbuster is a Novetta-led coalition of private industry partners, created with the intent to understand and potentially disrupt malicious tools and infrastructure that have been attributed to an adversary that Novetta has identified and named as the Lazarus Group. This group has been active since at least 2009, and potentially as early as 2007, […] The post OPERATION BLOCKBUSTER: Unraveling the Long Thread of the Sony Attack first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: thehackernews.com – Author: . Dec 17, 2023 Newsroom Cyber Attack / Data Security MongoDB on Saturday disclosed it’s actively investigating a security incident that has led to unauthorized access to “certain” corporate systems, resulting in the exposure of customer account metadata and contact information. The American database software company said it first detected anomalous activity on […] The post MongoDB Suffers Security Breach, Exposing Customer Data – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.securityweek.com – Author: Ryan Naraine MongoDB CISO Lena Smart said the company was not aware of any exposure to the data that customers store in the MongoDB Atlas product. The post MongoDB Confirms Hack, Says Customer Data Stolen appeared first on SecurityWeek. Original Post URL: https://www.securityweek.com/mongodb-confirms-hack-says-customer-data-stolen/ Category & Tags: Data Breaches, Incident Response, Database Security, MongoDB, MongoDB Atlas, ransomware […] The post MongoDB Confirms Hack, Says Customer Data Stolen – Source: www.securityweek.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Lawrence Abrams MongoDB is warning that its corporate systems were breached and that customer data was exposed in a cyberattack that was detected by the company earlier this week. In emails sent to MongoDB customers from CISO Lena Smart, the company says they detected their systems were hacked on Wednesday evening […] The post MongoDB says customer data was exposed in a cyberattack – Source: www.bleepingcomputer.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

2023-12
Aggregator history
Sunday, December 17