New adversaries add to already crowded threat landscape
The 2021 threat landscape has become more crowded as new adversaries emerge, according to the 2022 Global Threat Report released today by CrowdStrike.
CrowdStrike Intelligence is now tracking more than 170 adversaries in total with 21 added last year. Financially motivated eCrime activity continues to dominate with intrusions attributed to eCrime accounting for 49 percent of all observed activity.
Data breaches expose over 40 billion records in 2021
New figures released today from cyber exposure company Tenable show that over 40 billion records were exposed in data breach incidents last year, a whopping 78 percent increase over the previous year.
The company's 2021 Threat Landscape Retrospective report is based on analysis of 1,825 incidents publicly disclosed between November 2020 and October 2021. Since many reports didn't include details of the number of records breached, the true figure is likely to be far higher.
Five best practices to get more from Threat Intelligence
The key takeaway from October’s Cybersecurity Awareness Month was the urgent need to make security a priority. To do this, many security operations teams are leaning into threat intelligence to understand specifically where and how to focus their efforts to better protect their organizations.
In fact, the SANS 2021 Cyber Threat Intelligence (CTI) Survey found that organizations of all sizes and across all industries are adopting CTI (cyber threat intelligence) programs, reflecting broad-based recognition of the benefits CTI programs can provide. This is quite an evolution from several years ago when CTI was conducted on an ad-hoc basis.
Enterprise security leaders think traditional methods aren't meeting modern threats
A new study of 200 IT security decision makers working at organisations with more than 1,000 employees in the UK reveals that 89 percent think traditional approaches don't protect against modern threats.
The report from threat detection and response company Vectra also finds that 76 percent say they have bought tools that failed to live up to their promise, the top three reasons being poor integration, failure to detect modern attacks, and lack of visibility.
So you think you're following best security practice? Think again
A new report shows that 86 percent of organizations believe they follow best practices for security hygiene and posture management, though they may not actually be doing so.
The report, created for asset management and governance company JupiterOne by Enterprise Strategy Group (ESG), finds that 73 percent of security professionals admit that they still depend on spreadsheets to manage security hygiene and posture at their organizations.
Energy industry hit by surge in mobile phishing threats
Energy organizations provide infrastructure that's essential for the safety and well-being of society, but recent events like the Colonial Pipeline breach demonstrate that the industry is particularly vulnerable to cyberattacks.
A new report on energy industry threats finds that 20 percent of energy employees have been exposed to a mobile phishing attack in the first half of 2021, a 161 percent increase from the second half of 2020.
Threat hunting on a budget -- it's not as hard as you think…
Global losses from cybercrime now total more than $1 trillion, recent figures indicate, meaning that every business must now implement an effective threat hunting program to protect its data security -- and long-term future. Establishing a threat hunting program from scratch may seem daunting, but it doesn’t have to be. Like so many things in life, the hardest part is taking the first step.
Even on a tight budget, numerous tools -- with SIEM, logs, and analytics -- can help security professionals start a robust threat hunting program. Below are the three main steps involved:
ExtraHop unveils new threat detection capabilities
High volumes of threats and shortages of skilled staff can lead to security teams becoming overwhelmed, and this has led many companies to turn to professional and managed services.
Network detection and response (NDR) specialist ExtraHop is launching an expansion of its Reveal(x) Advisor service that provides threat detection and hunting capabilities alongside network assurance analysis.
APT group uses Exchange vulnerability to spy on hotels, businesses and governments
Cybersecurity company ESET has released new research into FamousSparrow, a cyberespionage group attacking hotels worldwide, as well as governments, international organizations, engineering companies and law firms.
The Advanced Persistent Threat (APT) group FamousSparrow has been exploiting the Microsoft Exchange vulnerability known as ProxyLogon, which allows hackers to take control of Exchange servers.
Poor security practice leaves industry open to cyber threats
Despite a marked increase in concerns around malware attacks and third-party risk, only eight percent of organizations with web applications for file uploads have fully implemented the best practices for file upload security.
This is among the findings of the latest Web Application Security Report from critical infrastructure protection specialist OPSWAT.
Real-time analysis critical for detecting phishing threats
The latest analysis of phishing data from the Cyren Incident and Response team shows that 88 percent of evasive threats were detected using real-time techniques like machine learning.
Of the remainder, six percent were found with proprietary threat intelligence or readily matched patterns from previous attacks, and the remaining six percent were suspicious messages that required human analysis to confirm the detection.
Half of cyberattacks are from repeat offenders
Half of attacks on organizations that caused severe business disruption were by repeat offenders, according to a new study carried out by Ponemon for threat intelligence firm Team Cymru.
What's more, 61 percent of the victims of these attacks say they were unable to remediate these compromises, leaving critical systems and data at risk.
Enterprises see threat modeling as a top priority post-COVID
Threat modeling is a top priority in 2021 according to 79 percent of respondents to a new survey, yet many organizations are still falling short in taking action or updating their approach.
The research from Balanced Development Automation (BDA) platform Security Compass shows that traditional threat modeling practices are historically slow, and hinder an organization’s goals of getting applications to market quickly.
Get 'Cybersecurity Threats, Malware Trends, and Strategies' ($22.00 value) FREE for a limited time
After scrutinizing numerous cybersecurity strategies in this book, Tim Rains, Microsoft’s former Global Chief Security Advisor, helps you understand the efficacy of popular cybersecurity strategies and more.
Cybersecurity Threats, Malware Trends, and Strategies offers an unprecedented long-term view of the global threat landscape by examining the twenty-year trend in vulnerability disclosures and exploitation, nearly a decade of regional differences in malware infections, the socio-economic factors that underpin them, and how global malware has evolved. This will give you further perspectives into malware protection for your organization. It also examines internet-based threats that CISOs should be aware of.
The need for speed: Why faster threat detection is imperative for today's enterprise
Cyberattacks are happening more frequently and with greater sophistication. As a result, rapid threat detection and response is critical to finding threat actors and minimizing their impact on the enterprise. This task is easier said than done. Information security teams are understaffed and the digital infrastructures they must protect continue to increase in complexity. Time is also of the essence.
Every passing second dangerously prolongs a threat actor’s presence within the network, creating additional backdoors, pilfering critical data and assets, and increasing their chances of absconding with the crown jewels. In those especially urgent moments, when the security team is literally all hands on deck, there isn’t time to run queries through a number of different tools and wait for results to come back. Security teams need real-time insights they can act upon quickly.
