Month: February 2022
The Great Resignation strikes cybersecurity teams too. Here's a checklist for CISOs to ensure security is retained even as security staff is not.
Toyota Halts Production After Suspected Supply Chain Attack
Toyota suspends production at all 14 plants in Japan after a supplier reported being hit by "some kind of cyberattack."
KnowBe4 Research: Half of Employees Use Unauthorized File Services to Complete Work
Report examines the prevalence of two common insecure practices.
Deep Instinct 2022 Threat Landscape Report Finds 125% Increase in Threat Types and Novel Evasion Techniques
The Deep Instinct Threat Research team monitored attack volumes and types and extrapolated their findings to predict where the future of cybersecurity is heading, determine what motivates attackers, and lays out the steps organizations can take now in order to protect themselves in the future.
Invicti Security Adds Software Composition Analysis to Its Industry- Leading AppSec Platform
Invicti SCA enables users to track and secure open-source components to reduce security risk.
Phishing Attack in Ukraine Could Be Prelude to Disinformation Campaign
Belarus-based APT behind the attacks may also be working in concert with Russia, researchers say.
Researchers Warn of Stealthy Chinese Backdoor Targeting Multiple Foreign Agencies
A stealthy backdoor program used by China-linked threat actors has targeted government computers at multiple foreign agencies, allowing attackers to retain a presence on sensitive networks and exfiltrate data while remaining undetected.
Companies Borrow Attack Technique to Watermark Machine Learning Models
Researchers continue to improve on a technique for embedded crafted outputs into machine-learning models, an anti-copying technique originally thought up by adversarial researchers.
How to Boost Shift-Left Security in the SDLC
Organizations will see big wins from applying security controls early in the development life cycle.
In a time of war, it’s important to stay secure
As Russia invaded Ukraine, seeing the disruption in the world occur in near real time on social media brought poignancy to what was happening. While I don’t know anyone in Ukraine, I know many people who have friends or family members that have been impacted by the war. Ukraine has many technology ties around the world. It’s also been a source of cyberattacks, which is why there’s extra concern about what we can do to protect ourselves in case of attack. (Eastern Europe has often been the source of many of the ransomware attacks that occur around the world.)
So what can tech users do to ensure you protect yourself from possible cyberattacks arising from the conflict?