433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (813) 563-2652

Nudge Security launches SaaS attack surface management capabilities

Organizations face an average of six breaches in their SaaS supply chain every year, according to new data published by Nudge Security. With threat actors like Lapsus$ exploiting this modern attack surface, securing it has become a top cybersecurity priority and was the subject of a recent executive order. In fact, by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021, according to Gartner. To … More → The post Nudge Security launches SaaS attack surface management capabilities appeared first on Help Net Security.
http://news.poseidon-us.com/SjsDqj

Backdoor deployment overtakes ransomware as top attacker action

Deployment of backdoors on networks was the top action attackers made in almost a quarter of all incidents remediated in 2022. A spike in the use of the multi-purpose Emotet malware early in the year was the main culprit of this increase, accounting for 47% of backdoors deployed throughout the year, according to IBM Security X-Force Threat Intelligence Index. “Increased backdoor deployment may also be due to the amount of money this kind of access can generate on the dark web. Compromised corporate network access from an initial access broker typically sells for several thousands of US dollars,” stated the report. To read this article in full, please click here
http://news.poseidon-us.com/SjppBg

What is Traffic Light Protocol? Here’s how it supports CISOs in sharing threat data

Traffic Light Protocol (TLP) was created to facilitate greater sharing of potentially sensitive threat information within an organization or business and to enable more effective collaboration among security defenders, system administrators, security managers, and researchers. TLP grew out of efforts by various public-sector security incident response teams of various nations that began sharing security alerts. The protocol was developed so that recipients of threat data could assess its sensitivity and determine how to share it with others, without giving any aid to the bad actors, revealing personal data, or running afoul of data privacy regulations. To read this article in full, please click here
http://news.poseidon-us.com/SjpRvK

Resecurity warns about cyber-attacks on data center service providers

Resecurity warns about the increase of malicious cyber activity targeting data center service providers globally. According to the detailed report recently released by the California-based cybersecurity company, during September 2021, Resecurity notified several data center organizations about malicious cyber activity targeting them and their customers. Such organizations act as a critical part of the enterprise supply chain and become a juicy target for nation-state, criminal and cyberespionage groups. The details about this activity have been … More → The post Resecurity warns about cyber-attacks on data center service providers appeared first on Help Net Security.
http://news.poseidon-us.com/Sjp1lf

DNA Diagnostic Center fined $400,000 for 2021 data breach

DNA Diagnostics Center, a DNA testing company, will pay a penalty of $400,000 to the attorneys general of Pennsylvania and Ohio for a data breach in 2021 that affected 2.1 million individuals nationwide, according to a settlement deal with the states’ attorneys general.  The company will also be required to implement improvements to its data security, including updating the asset inventory of its entire network and disabling or removing any assets identified that are not necessary for any legitimate business purpose. To read this article in full, please click here
http://news.poseidon-us.com/Sjld9j

Why CISOs change jobs

Being a CISO is a hard job. You must constantly balance business, technology, and regulatory requirements against things like employee and adversary behavior. You can be a superstar, build a world-class cybersecurity program, and follow best practices, providing exceptional protection for the organization. Despite this excellence, a single employee can click on a malicious web link, share a password, or misconfigure an asset, leading directly to a successful cyberattack. When this happens, it’s your fault. Yup, CISOs have heavy responsibilities. How are they dealing with this burden? Not very well, according to research from ESG and the information systems security association (ISSA). The data reveal that 57% of cybersecurity professionals believe their organization’s CISO is only somewhat effective, not very effective, or not at all effective. To read this article in full, please click here
http://news.poseidon-us.com/SjlPpQ