Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Breaches and Incidents

The leaked data included personal information such as names, emails, phone numbers, and scanned copies of receipts, checks, contracts, and IDs, increasing the likelihood of targeted scams and unauthorized access to sensitive accounts.

 Malware and Vulnerabilities

Bandook malware, a remote access trojan, has evolved with a new variant that uses a PDF file to distribute its payload and injects it into msinfo32.exe, allowing remote attackers to gain control of infected systems.

 Features

As the year nears its end, the cybersecurity sector offers profound lessons through incidents like data breaches, leaks, and cyberattacks, which highlight the importance of learning from mistakes, emphasizing how even minor oversights can be the gateway for hackers, triggering repercussions not just for a company but for all its interconnected entities. Third-party breaches, ransomware assaults, vulnerabilities, and human errors have significantly contributed to the downfall of various organizations. However, these incidents also offer invaluable lessons, highlighting strategies to navigate the domain and thwart major attacks.

In this article, The Cyber Express explores cybersecurity incidents from the past, aiming to showcase their role in addressing current security challenges. By revisiting these incidents, this article aims to illustrate how these security incidents have contributed to securing organizations against the volatility of the digital domain.

1. ICMR Data Breach

In December 2023, the apprehension of four individuals by the Indian Police unveiled a significant data breach involving ICMR, the Indian Council of Medical Research, affecting the personal details of over 81 crore Indians. This incident, which unfolded over two months ago, exposed that sensitive information, such as Aadhaar and passport records, had purportedly been leaked from the ICMR’s data bank and offered for sale on the dark web. The arrested individuals, originating from Odisha, Haryana, and Jhansi, consist of a Bachelor of Technology graduate and two school dropouts. In the course of interrogation, the suspects asserted that they had not only accessed information from the ICMR but also infiltrated data from the United States Federal Bureau of Investigation (FBI) and Pakistan’s Computerized National Identity Card (CNIC).

Lesson Learned: The lesson learned here is multi-pronged. Firstly, it highlights the need for enhanced data security measures at all levels, particularly sensitive government databases like the ICMR’s. This includes regular security audits, implementing encryption protocols, and restricting access to sensitive data only to authorized personnel. Secondly, it highlights the importance of individual vigilance.
Awareness about online scams and phishing attempts, practicing strong password hygiene, and avoiding sharing sensitive information online can significantly reduce the risk of personal data breaches. Finally, the ICMR data breach highlights the global reach of cybercrime, as the suspects allegedly also accessed information from foreign agencies. This emphasizes the need for international cooperation and effective cybercrime legislation to combat such threats effectively.

2. Vinomofo Data Breach

Vinomofo, an Australian wine company, recently fell victim to a cyberattack, exposing the personal information of approximately 500,000 customers. The breach included details such as names, addresses, dates of birth, email addresses, phone numbers, and other sensitive data. Fortunately, the company asserted that the risk was relatively low as they do not store financial information, credit card numbers, or driver’s licenses.

Lesson Learned: The incident emphasized the necessity for ongoing cybersecurity education for customers and the implementation of strong password practices. Regular collaboration with cybersecurity experts and authorities, as demonstrated by Vinomofo’s engagement with IDCARE, further reinforces the collective effort needed to address and mitigate the impact of cyber threats.

3. Slack Security Breach

In a blog post on December 31, 2022, Slack’s Security Team disclosed a security breach involving unauthorized access to a subset of Slack’s code repositories. On December 29, suspicious activity was detected on the company’s GitHub account, leading to the discovery that a small number of employee tokens had been stolen and used to access the external repository. The perpetrator reportedly downloaded private code repositories on December 27. Fortunately, the company asserted that customers were not affected, and the incident was promptly resolved.
No downloaded repositories contained customer data, ensuring the perpetrators couldn’t access user information or Slack’s primary codebase. Importantly, the threat actor did not breach other areas of Slack’s environment, including the production environment or additional resources.

Lesson Learned: Slack’s transparency and swift resolution offer a valuable lesson in effective incident response and communication to mitigate potential impacts on users and maintain trust in organizational security.

4. Norton Healthcare Data Breach

The Kentucky-based nonprofit healthcare system Norton Healthcare disclosed in November 2023 that hackers gained unauthorized access during a ransomware attack in May, compromising the personal data of approximately 2.5 million individuals. The breach exposed a range of sensitive information, including names, dates of birth, Social Security numbers, health and insurance details, and medical identification numbers. Some individuals also faced the potential exposure of financial account numbers, driver’s licenses, or other government ID information. Notably, Norton Healthcare reported that the accessed data did not include medical records or electronic medical record systems.

Lesson Learned: Norton’s admission of the breach after a “time-consuming” internal investigation highlights the need for swifter detection and response mechanisms in the face of evolving cyber threats. Further, the incident highlights the critical need for enhanced cybersecurity measures in the healthcare sector, emphasizing the importance of encryption and continuous monitoring to safeguard patient and employee data from evolving cyber threats.

5. CloudSEK Data Breach

In December 2022, cybersecurity firm CloudSEK encountered a targeted cyber attack where an employee’s Jira password was compromised, allowing unauthorized entry into their Confluence pages.
The attacker gained access to internal details like screenshots, bug reports, customer names, and schema diagrams, but didn’t compromise any databases or servers. CloudSEK initiated an investigation and communicated updates through a dedicated blog in real time. The impact of the leaked Jira credentials on CloudSEK was substantial. These credentials allowed the threat actor access to critical areas within the company’s infrastructure. This included training materials, internal documents, VPN and Endpoint IP addresses accessible via VPN configuration, and Confluence pages. The leaked customer data included the names and purchase orders (POs) of three customers along with several screenshots of product dashboards. Although there was no direct intrusion into databases or servers compromising user and customer data, the attackers made efforts to sell stolen information. This included items like codebase and product documents. However, doubts were raised regarding the authenticity of these claims. The repercussions were notable: internal operations at CloudSEK experienced temporary disruptions, and sensitive information, including customer purchase orders and names, was exposed.

Lesson Learned: This incident at CloudSEK highlighted crucial lessons for cybersecurity practices. First and foremost, it emphasized the criticality of password security measures and stringent access controls to prevent unauthorized entry. Additionally, it showcased the necessity of regular vulnerability assessments and timely updates for internal systems, ensuring their resilience against evolving threats. Furthermore, the importance of transparent and clear communication during security incidents emerged as a vital aspect to uphold trust and manage the aftermath effectively.

6. Shein Data Breach

Shein, the rapidly expanding ultra-fast fashion e-commerce platform, faced scrutiny over a 2018 data breach that came to light.
Zoetop, the parent company of Shein and Romwe, was fined US$1.9 million by New York for inadequate handling of the security incident. The delayed notice was attributed to New York’s policy of not publicly releasing data breach notifications.

Lesson Learned: The lesson learned here emphasizes the need for timely and transparent reporting of security incidents, coupled with proactive efforts to strengthen cybersecurity protocols to protect customer data effectively.

7. Boeing Data Breach

The recent cyberattack on Boeing by the LockBit ransomware group has raised significant concerns about the cybersecurity vulnerabilities within large corporations. Boeing confirmed the breach after a period of speculation and confusion surrounding its inclusion and subsequent removal from LockBit’s list of victims on a dark web portal. The impact of the attack has been felt in Boeing’s distribution business and global services division, affecting certain aspects of parts and distribution operations.

Lesson Learned: Companies, especially those in sensitive industries like aerospace, must continuously enhance their cybersecurity protocols to protect against evolving threats. Additionally, effective communication and transparency are crucial during and after a cyberattack. Boeing’s initial silence on the incident and subsequent confirmation highlight the need for timely and accurate information sharing with stakeholders, including customers and suppliers.

8. Okta Data Breach

The Okta data breach, initially underestimated in scope, revealed a significant compromise of customer support system data, impacting all users. Names and email addresses were among the compromised information. Okta, a provider of identity management solutions, is actively investigating the breach and plans to share a comprehensive report with affected customers. The incident led to an 11% drop in Okta shares, wiping out US$2 billion in market capitalization.
Lesson Learned: Transparency is vital in addressing the Okta breach, as initial downplaying eroded trust. Prompt communication about compromised data and affected users is crucial for damage control. The incident emphasizes the need for proactive security measures, including strong multi-factor authentication. Okta’s collaboration with a digital forensics firm highlights the importance of industry-wide cooperation for effective breach response. Okta’s commitment to accountability, notifying affected individuals, and sharing a comprehensive report fosters trust and contributes to a more secure future.

9. Medibank Data Breach

The Medibank data breach in October 2022 revealed a significant compromise of personal and health information for approximately 4 million customers, including those of its subsidiary AHM Health Insurance. The breach extended beyond domestic customers, affecting international student and Medibank customer data as well. The incident, characterized as a “terrible crime” by Medibank CEO David Koczkar, highlighted the vulnerability of individuals, especially in the context of sensitive health and personal information.

Lesson Learned: Medibank’s commitment to supporting affected customers through reimbursement of identity document re-issuing fees, financial assistance, and specialized identity protection resources highlights the responsibility organizations have to mitigate the potential harm caused by such incidents. The fact that Medibank’s IT systems remained unimpacted and functional after the breach emphasizes the importance of implementing robust security measures to safeguard customer data. In the wake of the breach, Medibank’s pledge to provide mental health support to all its customers reflects an understanding of the emotional toll such incidents can take on individuals.

10. Cisco Data Breach

Cisco, the American-based multinational technology conglomerate, confirmed that data posted on the dark web by the Yanluowang ransomware was indeed stolen during a cyberattack in May 2022. The Lapsus$ Gang exploited an employee’s personal Google account to gain unauthorized access to Cisco’s network, stealing 2.8GB of data. Although the hackers accessed and released files on the dark web, Cisco reassured that this publicity did not affect its employees, businesses, or partners. While the compromised data was non-sensitive, Cisco’s response focused on revoking the attackers’ network access and avoiding ransom payments to prevent disclosure.

Lesson Learned: The Cisco data breach imparts key cybersecurity lessons: prioritize ongoing employee training to combat phishing and MFA fatigue; acknowledge the persistent threat of social engineering; complement MFA with robust security measures like encryption and access controls; and emphasize the importance of transparent and prompt communication to maintain trust during incidents.

11. 23andMe Data Breach

A data breach at 23andMe, a prominent U.S. biotechnology and genetic testing firm, revealed the compromise of information belonging to more than 1.3 million Ashkenazi Jewish and Chinese users. The breach, initially dismissed by 23andMe as “misleading,” was later confirmed to be a result of a credential stuffing attack, specifically targeting users of Ashkenazi Jewish heritage. The compromised data included names, genders, birth years, ancestral heritage results, genetic markers, profile and account numbers, and health data opt-ins. The attacker, who claimed possession of additional unreleased data, targeted accounts with recycled login credentials, emphasizing the dangers of credential-stuffing attacks.

Lesson Learned: Transparent communication is vital for user trust during security incidents. The targeted attack on Ashkenazi Jewish users emphasizes vigilance in handling sensitive genetic data.
Strong password hygiene is crucial due to attackers focusing on recycled login credentials. The sale of personalized data underscores the need for robust data protection, especially in biotech. Prompt user advice and immediate action are vital, along with thorough investigation for industry-wide awareness and enhanced cybersecurity practices.

12. LastPass Breach

LastPass, the leading password management software provider, fell victim to a cyberattack in 2022 when hackers accessed critical files and internal source code through a compromised employee account. Despite the breach, LastPass reassured its 25 million users and 80,000 commercial clients that no password vaults or customer information were compromised. The theft primarily targeted source code and private information at a linear level, with the company claiming that standard processes functioned correctly, sustaining zero damage post-breach.

Lesson Learned: The LastPass breach is a wake-up call for all organizations dealing with sensitive data. By prioritizing layered security, vigilant employee training, and open communication, they can build more resilient defenses against increasingly sophisticated cyber threats.

13. Marriott Data Breach

Marriott, a hotel group with a history of data breaches, acknowledged its second significant data breach in recent years in June 2023. The breach was facilitated by a hacking group that deceived an employee, ultimately gaining access to the computer system. As reported by databreaches.net, the group asserted possession of 20 GB of data pilfered from the server of BWI Airport Marriott in Maryland. Marriott has plans to notify 300-400 individuals affected by this breach.

Lesson Learned: The Marriott data breach highlights the importance of employee training to combat social engineering, the need for stringent security protocols, and the significance of regular security audits.
Transparent communication, swift incident response planning, and continuous improvement are essential, along with collaboration with authorities. Marriott’s commitment to notifying and supporting affected individuals highlights the importance of customer assistance in the aftermath of a breach.

14. Uber Data Breach

In December 2022, Uber faced yet another data breach, this time linked to a third-party vendor, Teqtivity, with claims from the entity “UberLeak” associating themselves with the Lapsus$ hacking group. The leaked data, consisting of 20 million records, surfaced on the dark web, including sensitive information on 77,000 Uber employees. Uber confirmed the breach, attributing it to Teqtivity, and emphasized that it was unrelated to the September 2022 incident. Teqtivity acknowledged unauthorized access by a malicious third party, initiating investigations, notifying law enforcement, and implementing measures to prevent future occurrences. This marks the second major data breach for Uber in the year, highlighting the ongoing challenges in securing sensitive information.

Lesson Learned: The Uber data breach emphasizes the need for organizations to focus on overall security. Prioritizing vendor risk management, employee awareness, and clear communication can help build stronger defenses against evolving threats in the digital landscape.

15. Capital One Data Breach

In 2019, Capital One fell victim to a substantial cyberattack that compromised the data of over 100 million individuals, marking it as one of the most significant financial breaches at the time. Unauthorized access was gained through a misconfigured web server firewall, exposing personal information such as names, addresses, phone numbers, email addresses, Social Security numbers, bank account and credit card numbers, and other financial data. The breach was discovered in July 2019, following a report from an external security researcher, prompting immediate containment measures.
The subsequent arrest of a software engineer, Paige Thompson, in connection with the breach occurred in August 2019. The fallout included substantial fines, with Capital One agreeing to pay $80 million to regulators and $190 million in a class-action lawsuit settlement. This incident not only heightened the risk of identity theft and fraud for millions but also inflicted financial losses and tarnished Capital One’s reputation.

Lesson Learned: The Capital One breach emphasized the necessity of regularly patching vulnerabilities in both web applications and servers to prevent unauthorized access. Implementing strong access controls and data segmentation emerged as crucial safeguards against extensive breaches, highlighting the need for protective measures. Additionally, the incident highlighted the significance of continuous monitoring of systems to swiftly detect and address suspicious activities. Moreover, it emphasized the essential role of ongoing education for employees on cybersecurity best practices to fortify an organization’s defenses against potential threats.

16. Twitter Cyberattack

In December 2022, a claim surfaced on a hacker forum by an actor named Ryushi, asserting the sale of data from 400 million Twitter users for $200,000. The alleged dataset supposedly included user handles, usernames, email addresses, and phone numbers, purportedly sourced from exploiting an API vulnerability previously patched in January 2022. This vulnerability had been linked to an earlier breach impacting 5.4 million users. Twitter swiftly responded, firmly refuting knowledge of any such extensive breach affecting 400 million users. They explicitly stated a lack of evidence indicating a compromise of their systems and disputed any connection between the claimed 400 million user data and the prior 5.4 million user breach.

Lessons Learned: The purported 400 million user data breach, even though contested by Twitter, catalyzed important considerations.
The incident highlights the necessity for Twitter to enhance its incident response strategies, emphasizing the need for a swift and transparent approach in addressing potential security breaches. Criticism arose due to the delay in Twitter’s response, prompting the need for a well-defined communication plan and established protocols for handling such situations effectively. Moreover, the reference to a previously patched API vulnerability highlighted the criticality of regular vulnerability assessments and prompt patching to avert unauthorized access. This episode also prompted questions regarding the overall security of Twitter’s systems, emphasizing the ongoing necessity to evaluate and fortify platform security measures continuously. Ultimately, prioritizing transparency in communications and proactive efforts to bolster user trust remain pivotal for Twitter to uphold confidence among its user base.

17. AIIMS Cyberattack

All India Institute of Medical Sciences, a premier medical institution in India, encountered a significant cyberattack in November 2022, proving highly impactful as five servers were compromised, leading to the encryption of 1.3 TB of data. Hospital servers and services remained crippled for over 15 days due to a ransomware attack utilizing WannaCry, Mimikatz, and Trojan malware. This incident revealed vulnerabilities in the IT infrastructure and highlighted the need for proper network segmentation. The response involved collaborative efforts from CERT-In and DRDO to contain and recover from the attack. Investigations traced potential links to China and Hong Kong through email addresses used by the attackers.

Lessons Learned: The AIIMS cyberattack highlights the growing vulnerability of healthcare institutions to cyber threats, emphasizing crucial lessons. Key takeaways include the imperative need for proper network segmentation and effectively segregating critical systems to halt the lateral spread of malware.
Regular vulnerability assessments and prompt patching of software and systems emerge as critical measures to address security flaws and prevent breaches. Investing in advanced security solutions like firewalls, intrusion detection/prevention systems, and anti-malware software is essential for bolstering defenses.

18. Log4j Shell Vulnerability

The Log4j Shell Vulnerability, also known as Log4Shell (CVE-2021-44228), was a critical security flaw discovered in December 2021 within the widely used Apache Log4j Java logging library. This vulnerability allowed attackers to inject malicious code into application logs, granting them unauthorized remote access and control over affected systems. Its potential to impact millions of servers globally made it one of the most serious cybersecurity threats in history. The Log4j Shell Vulnerability, also known as Log4Shell (CVE-2021-44228), wasn’t just a blip on the cybersecurity radar – it was a massive earthquake that sent tremors through the entire digital space.

Lesson Learned: The Log4j Shell Vulnerability incident highlighted the significance of open-source vigilance, emphasizing the potential widespread consequences of vulnerabilities within these libraries. To mitigate risks, increased collaboration and a heightened security focus within the open-source community are essential. Additionally, the incident emphasized the need for improved vulnerability disclosure processes, advocating for responsible disclosure procedures to address flaws before exploitation. Organizations were urged to prioritize software supply chain security by implementing robust vetting and security practices.

19. Colonial Pipeline Ransomware Attack

The Colonial Pipeline ransomware attack of 2021 exposed vulnerabilities in critical infrastructure, leading to widespread consequences. As the largest fuel pipeline operator in the Eastern US, Colonial Pipeline’s breach by the DarkSide hacking group paralyzed operations after encrypting crucial data.
The shutdown triggered fuel shortages, panic buying, and disrupted supply chains, causing economic impacts and raising national security concerns about infrastructure vulnerabilities. Facing the dilemma of paying a $4.4 million ransom or attempting independent recovery, Colonial Pipeline opted to pay the ransom for a swift restoration of pipeline operations.

Lesson Learned: The aftermath of the Colonial Pipeline attack echoes throughout the cybersecurity space, shedding light on the pressing need for sustained vigilance and collaborative approaches to combat threats. It highlighted the urgency for cybersecurity measures, emphasizing substantial investments in infrastructure and comprehensive employee training to proactively prevent and mitigate future attacks. It also emphasized the need for refined incident response strategies, advocating for clear protocols to swiftly and effectively address cyber threats, minimizing operational disruptions and potential damages. Lastly, it emphasized the importance of partnerships between the government and the private sector.

20. Kaseya VSA Ransomware Attack

The Kaseya VSA ransomware attack targeted the remote monitoring and management (RMM) software provider, Kaseya. Exploiting a zero-day vulnerability in Kaseya’s VSA software, the attackers deployed ransomware across MSPs’ systems and their clientele. With over 1,500 organizations affected in 17 countries, including educational institutions, hospitals, and businesses, the attack induced widespread disruption and financial repercussions. Executed by the REvil ransomware group, the attack demanded a staggering $70 million ransom for a decryptor to unlock encrypted data. Kaseya responded by releasing a patch for the exploited vulnerability and offering a free decryptor to affected entities.
Lesson Learned: This cyberattack served as a wake-up call within the cybersecurity sphere, highlighting the significance of Managed Service Providers (MSPs) as prime targets for ransomware assaults due to their extensive reach. Secondly, the attack’s broad impact highlighted the far-reaching consequences ransomware attacks can impose on numerous organizations and sectors. The incident emphasized the critical need for prompt patching of software vulnerabilities to preempt such attacks. It also highlighted the necessity for organizations to establish comprehensive response plans to effectively tackle and mitigate the impacts of ransomware attacks.

Conclusion

These cyberattacks serve as critical reminders of the ongoing challenges in our interconnected digital world. From sophisticated supply chain attacks to targeted breaches in healthcare and genetic testing, each event underscores the need for a comprehensive defense strategy. The lessons from cyberattacks emphasize the importance of individual vigilance, enhanced security measures in specific industries, and the value of prompt communication. As cyber threats persist and evolve, organizations must prioritize ongoing employee training, implement robust security protocols, and engage in transparent communication to fortify their defenses. The continuous enhancement of cybersecurity practices is not just a responsibility; it’s an imperative for securing the digital future.

 Firewall Daily

In the rapidly evolving landscape of financial technology, where transactions occur at the speed of light and data is both the lifeblood and the Achilles’ heel, the role of cybersecurity is more critical than ever. Hilal Ahmad Lone, Chief Information Security Officer (CISO) of Razorpay, recently provided exclusive insights to The Cyber Express at the second edition of World CyberCon India into the strategies and technologies that FinTech companies employ to protect customer data and ensure vigorous cybersecurity. In this comprehensive feature, we delve into Lone’s perspectives, accompanied by his own words.

Hilal Ahmad Lone On Data Protection Strategies

As Lone opens the discussion, he paints a vivid picture of the vulnerability inherent in FinTech organizations due to their extensive data consumption. “FinTechs are one of the most vulnerable organizations with respect to data. We consume a lot of data,” Lone remarks, setting the stage for the complex strategies employed by Razorpay. The emphasis lies on a comprehensive approach to data protection, starting with the acquisition of only relevant data. “We want to make sure that it has complete access control, encryption, identification, masking, and continuous monitoring,” Lone explains, highlighting the multi-layered nature of their protective measures.

On Regulatory-Driven Controls

Navigating the unique challenges faced by FinTech companies, Lone brings attention to the regulatory landscape that often dictates their security measures. “FinTech companies have a very unique perspective on data security, driven by regulatory requirements,” he states. Razorpay, being a regulated entity, adheres to stringent controls such as multi-factor authentication, data encryption, and segmentation, all of which are mandated by regulatory bodies. “We are a regulated entity, meaning a lot of things are regulated, defined by regulatory bodies,” Lone emphasizes, highlighting the regulatory-driven nature of their security protocols.

The Role of Employee Training

In the dynamic world of cybersecurity, where threats evolve as swiftly as technology, Lone places a spotlight on the pivotal role of employee training. “Training and awareness are basically the cornerstone for any kind of security program,” he asserts. At Razorpay, this translates into a multifaceted approach involving mandatory training sessions, phishing simulations, and fraud detection exercises. “We want to ensure that the entire organization goes through that training to understand their respective responsibility towards safeguarding data,” Lone explains. The focus is not just on meeting regulatory standards but on instilling a culture of responsibility and awareness throughout the organization.

Anticipated Trends in 2024

Peering into the future, Lone anticipates persistent vulnerabilities faced by FinTech companies. “I think FinTech companies actually have, like, they’ve always been vulnerable to multiple different attacks. Primarily, like distributed denial of service, phishing, and, like, faking up apps and picking up domains and things like that. So, I think that’s a trend that we’re actually seeing right now. And of course, like the supply chain, as well. So, vendor risk is always going to be,” he predicts. These challenges highlight the need for constant adaptation and innovation in cybersecurity strategies. The landscape is dynamic, and as Lone suggests, “FinTech companies need to stay one step ahead.”

Conclusion

Hilal Ahmad Lone’s insights offer a unique and comprehensive view of the cybersecurity landscape in the FinTech sector. As technology evolves, the proactive measures, regulatory adherence, and emphasis on employee training at Razorpay serve as a benchmark for organizations navigating the intricate world of financial technology. In safeguarding data, FinTech companies must not only meet regulatory standards but also anticipate and proactively address emerging threats to maintain the trust of their customers in this dynamic and ever-evolving industry.

 Features

by Lakshmi Mittra, Senior VP, Head of Clover Academy

Upskilling refers to the process of acquiring new or additional skills, knowledge, and competencies to enhance one’s expertise and stay current in a particular field or industry. It has become an imperative in this rapidly changing business environment. It enables an individual to remain competitive in their careers, enhances their adaptability, and ensures that they can effectively contribute to their organization’s goals. Upskilling also plays a crucial role in strengthening cybersecurity defences by ensuring that cybersecurity professionals have the necessary knowledge and skills to address evolving cyber threats.

Role of Upskilling in Strengthening Cybersecurity Defences

Here are some key ways in which upskilling contributes to cybersecurity resilience:

Adaptation to Emerging Threats – The cyber threat landscape is ever-evolving with attackers increasingly using new-age technologies to launch more sophisticated attacks. Upskilling enables cybersecurity professionals to stay abreast of the latest threats, vulnerabilities, and attack vectors, allowing them to proactively defend against new and emerging cyber risks.

Up-to-date Knowledge – Cybersecurity is a dynamic field with various specializations such as penetration testing, incident response, threat intelligence, and more. Upskilling allows professionals to specialize in specific areas, acquiring deep expertise that is essential for effectively countering threats within those domains.

Risk Mitigation – Upskilling helps cybersecurity professionals to understand the business context and the associated risks. This enables them to align cybersecurity strategies with organizational goals and implement effective risk mitigation practices, considering the specific needs of the business.

Incident Response and Recovery – Cybersecurity upskilling includes training on incident response and recovery procedures. Cybersecurity professionals equipped with these skills can respond quickly and effectively to security incidents, minimize the impact of breaches, and ensure a swift return to normal operations.

Compliance and Regulations – Cybersecurity upskilling includes staying informed about relevant laws, regulations, and compliance standards. This is crucial for ensuring that an organization’s cybersecurity practices align with legal requirements, reducing the risk of legal consequences and reputational damage.

Employee Awareness – Upskilling efforts extend beyond technical teams to include general employee awareness. Training employees on cybersecurity best practices helps create a security-conscious culture, reducing the likelihood of human errors that could lead to security breaches.

There are several ways to upskill in cybersecurity. Some popular methods include:

Taking online courses or attending training seminars: There are many online resources available for learning about cybersecurity, such as courses on Coursera, edX, and Udemy. Also, there are many seminars and conferences offered by industry experts and leaders.

Cybersecurity competitions and hackathons are a great way to get hands-on experience with cybersecurity tools and techniques.

Getting certified: There are several cybersecurity certifications available such as the Certified Information Systems Security Professional (CISSP) and the Certified Ethical Hacker (CEH). Getting certified can help you to demonstrate your skills and knowledge to potential employers.

Contribute to open-source cybersecurity projects on platforms such as GitHub. This not only provides hands-on experience but also exposure to real-world challenges and collaboration opportunities.

In conclusion, upskilling is essential for building a robust cybersecurity workforce that is not only capable of adapting to the dynamic nature of cyber threats but also effectively protects the organization from security risks.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

 Cyber Security News

Source: thehackernews.com – Author: . Dec 22, 2023 | Newsroom | Skimming / Web Security. Threat hunters have discovered a rogue WordPress plugin that’s capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri. “As with many other […] The post Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: thehackernews.com – Author: . Dec 22, 2023 | Newsroom | Malware / Cyber Threat. Indian government entities and the defense sector have been targeted by a phishing campaign that’s engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in October 2023, has been codenamed Operation RusticWeb by enterprise security firm SEQRITE. “New Rust-based payloads and […] The post Operation RusticWeb: Rust-Based Malware Targets Indian Government Entities – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: thehackernews.com – Author: . Dec 22, 2023 | Newsroom | Social Engineering / Malware Analysis. A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim programming language. “Malware written in uncommon programming languages puts the security community at a disadvantage as researchers and reverse engineers’ unfamiliarity can hamper […] The post Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.cybertalk.org – Author: slandau. Anthony (Tony) Sabaj is currently the Head of Channel Security Engineering for the Americas at Check Point, with over 25 years of experience in Cyber/Information/Network security. Tony has been at Check Point since 2002 in a variety of sales and technical roles. Prior to joining Check Point, Tony was […] The post Expert Tony Sabaj on Managed Security Service Providers – Source: www.cybertalk.org was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 AI security

Source: www.techrepublic.com – Author: Cedric Pernet. Cybersecurity company ESET released its H2 2023 threat report, and we’re highlighting three particularly interesting topics in it: the abuse of the ChatGPT name by cybercriminals, the rise of the Lumma Stealer malware and the Android SpinOk SDK spyware. […] The post ESET Threat Report: ChatGPT Name Abuses, Lumma Stealer Malware Increases, Android SpinOk SDK Spyware’s Prevalence – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 1Password

Source: www.techrepublic.com – Author: TechRepublic Staff. Here’s a list of the 20 most popular articles published by TechRepublic in 2023. Read articles about ChatGPT, Google Bard, Windows 11 and more. This year, developments in generative AI dominated the tech world, and TechRepublic readers expressed a corresponding interest, specifically in content about AI art generators, ChatGPT […] The post 20 Most Popular TechRepublic Articles in 2023 – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 cyber

Source: go.theregister.com – Author: Team Register. Feature: When AlphV/BlackCat’s website went dark this month, it was like Chrimbo came early for cybersecurity defenders, some of whom seemingly believed law enforcement had busted one of the most menacing cyber criminal crews. The excitement lasted just five days, though, and its website is now back online, albeit […] The post Cyber sleuths reveal how they infiltrate the biggest ransomware gangs – Source: go.theregister.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 BattleRoyal

Source: www.proofpoint.com – Author: 1. This fall, an unidentified threat actor executed dozens of varied social engineering campaigns against American and Canadian organizations across a variety of industries, with the goal of infecting them with the multifaceted DarkGate malware. In a blog post this week, researchers from Proofpoint […] The post ‘BattleRoyal’ Hackers Deliver DarkGate RAT Using Every Trick – Source: www.proofpoint.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 attacks

Source: www.proofpoint.com – Author: 1. Original Post URL: https://www.proofpoint.com/us/newsroom/news/qr-code-attacks-probably-arent-coming-your-scan-order-menus The post QR code attacks probably aren’t coming for your scan-to-order menus – Source: www.proofpoint.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.proofpoint.com – Author: 1. Publicly traded companies are now required to disclose “material” cybersecurity incidents to the U.S. Securities and Exchange Commission, after the new agency rule went into effect Monday. While the SEC’s rule is aimed at providing investors with information on potential risks to replace the inconsistent disclosures of major incidents, the […] The post SEC disclosure rule for ‘material’ cybersecurity incidents goes into effect – Source: www.proofpoint.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Akira ransomware

Source: securityaffairs.com – Author: Pierluigi Paganini. Akira ransomware gang claims the theft of sensitive data from Nissan Australia. Pierluigi Paganini, December 22, 2023. The Akira ransomware group announced it had breached the network of Nissan Australia, the Australian branch of the car maker giant. The Akira ransomware gang claimed to have breached Nissan Australia and […] The post Akira ransomware gang claims the theft of sensitive data from Nissan Australia – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini. Member of Lapsus$ gang sentenced to an indefinite hospital order. Pierluigi Paganini, December 22, 2023. A member of the Lapsus$ cyber extortion group, Arion Kurtaj, has been sentenced to an indefinite hospital order. The UK Southwark Crown Court has sentenced Arion Kurtaj, a prominent member of the international cyber […] The post Member of Lapsus$ gang sentenced to an indefinite hospital order – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini. Real estate agency exposes details of 690k customers. Pierluigi Paganini, December 22, 2023. An exposed instance contained information for a customer relationship management (CRM) system that likely belongs to Goyzer, a real estate property management software maker, the Cybernews research team has discovered. The data was leaked via a […] The post Real estate agency exposes details of 690k customers – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Attackers

Source: www.darkreading.com – Author: Nate Nelson, Contributing Writer. In the last year and a half, attackers have exploited at least five vulnerabilities — including four zero-days — in a sensitive, kernel-level Windows driver. A series of reports published by Kaspersky’s Securelist this week lays out not just a handful […] The post Ransomware Attackers Abuse Multiple Windows CLFS Driver Zero-Days – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cisco

Source: www.darkreading.com – Author: Dark Reading Staff. Cisco is closing out a busy year of acquisitions with a new deal to boost its multicloud networking and security capabilities. The networking giant announced its intention to acquire Isovalent, a cloud-native security and networking startup that helped develop two widely […] The post Cisco Bets Big on Multicloud Security With Isovalent Deal – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Nathan Eddy, Contributing Writer. Google has issued an urgent update to address a recently discovered vulnerability in Chrome that has been under active exploitation in the wild, marking the eighth zero-day vulnerability identified for the browser in 2023. Identified as CVE-2023-7024, Google said the vulnerability is […] The post Google Releases Eighth Zero-Day Patch of 2023 for Chrome – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Bill Toulas. A new Python project called ‘Wall of Flippers’ detects Bluetooth spam attacks launched by Flipper Zero and Android devices. By detecting the attacks and identifying their origin, users can take targeted protection measures, and culprits can potentially be held accountable for their actions. Not an innocent prank: The ability […] The post ‘Wall of Flippers’ detects Flipper Zero Bluetooth spam attacks – Source: www.bleepingcomputer.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.govinfosecurity.com – Author: 1. Fraud Management & Cybercrime, Healthcare, Industry Specific. Hackers Crippled Systems, Stole Patient Data From ESO Solutions. Rashmi Ramesh (rashmiramesh_) • December 22, 2023. Hackers carried out a double-extortion ransomware attack on medical software company ESO Solutions, exposing personal details and healthcare information of 2.7 million U.S. […] The post Millions of Patients Affected in Double-Extortion Attack – Source: www.govinfosecurity.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.govinfosecurity.com – Author: 1. Arion Kurtaj Was a Member of Lapsus$ Group That Also Hacked Nvidia and Revolut. Akshaya Asokan (asokan_akshaya) • December 22, 2023. A British judge sentenced a teenage member of the now-defunct Lapsus$ hacking group to indefinite hospital detention for his role in several high-profile hacks. […] The post Teen Uber Hacker Sent to Indefinite Hospital Detention – Source: www.govinfosecurity.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.govinfosecurity.com – Author: 1. Business Continuity Management / Disaster Recovery, Critical Infrastructure Security, Endpoint Security. Majority of Connected Medical Devices Contain Critical Vulnerabilities, FBI Says. Chris Riotta (@chrisriotta) • December 22, 2023. The GAO warns of critical vulnerabilities in medical devices. A majority of medical devices in the U.S. carry […] The post Report Warns of ‘Catastrophic’ Medical Device Security Risks – Source: www.govinfosecurity.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Android

Source: www.securityweek.com – Author: Ionut Arghire. A variant of the Chameleon Android banking trojan features new bypass capabilities and has expanded its targeting area. The post Chameleon Android Malware Can Bypass Biometric Security appeared first on SecurityWeek. Original Post URL: https://www.securityweek.com/chameleon-android-malware-can-bypass-biometric-security/ Category & Tags: Malware & Threats, Mobile & Wireless, Android. The post Chameleon Android Malware Can Bypass Biometric Security – Source: www.securityweek.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

2023-12
Aggregator history
Saturday, December 23