Contemporary organizations understand the importance of data and its impact on improving interactions with customers, offering quality products or services, and building loyalty. Data is fundamental to business success. It allows companies to make the right decisions at the right time and deliver the high-quality, personalized products and services that customers expect. There … [Read more...] about How GRC protects the value of organizations — A simple guide to data quality and integrity
organizations
Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations
Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to target Israeli entities, indicating the vulnerability's long tail for remediation. Microsoft attributed the latest set of activities to the umbrella threat group tracked as MuddyWater (aka Cobalt Ulster, Mercury, Seedworm, or Static Kitten), which is linked to the Iranian … [Read more...] about Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations
Okta Hackers Behind Twilio and Cloudflare Breach Hit Over 130 Organizations
The threat actor behind the attacks on Twilio and Cloudflare earlier this month has been linked to a broader phishing campaign aimed at 136 organizations that resulted in a cumulative compromise of 9,931 accounts. The activity has been condemned 0ktapus by Group-IB because the initial goal of the attacks was to "obtain Okta identity credentials and two-factor authentication … [Read more...] about Okta Hackers Behind Twilio and Cloudflare Breach Hit Over 130 Organizations
Microsoft Warns of Large-Scale AiTM Phishing Attacks Against Over 10,000 Organizations
Microsoft on Tuesday disclosed that a large-scale phishing campaign targeted over 10,000 organizations since September 2021 by hijacking Office 365's authentication process even on accounts secured with multi-factor authentication (MFA). "The attackers then used the stolen credentials and session cookies to access affected users' mailboxes and perform follow-on business email … [Read more...] about Microsoft Warns of Large-Scale AiTM Phishing Attacks Against Over 10,000 Organizations
North Korean Maui Ransomware Actively Targeting U.S. Healthcare Organizations
In a new joint cybersecurity advisory, U.S. cybersecurity and intelligence agencies have warned about the use of Maui ransomware by North Korean government-backed hackers to target the healthcare sector since at least May 2021. "North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for healthcare services—including … [Read more...] about North Korean Maui Ransomware Actively Targeting U.S. Healthcare Organizations
How Cisco Duo Is Simplifying Secure Access for Organizations Around the World
At Cisco Duo, we continually strive to enhance our products to make it easy for security practitioners to apply access policies based on the principles of zero trust. This blog highlights how Duo is achieving that goal by simplifying user and administrator experience and supporting data sovereignty requirements for customers around the world. Read on to get an overview of what … [Read more...] about How Cisco Duo Is Simplifying Secure Access for Organizations Around the World
Indian Govt Orders Organizations to Report Security Breaches Within 6 Hours to CERT-In
India's computer and emergency response team, CERT-In, on Thursday published new guidelines that require service providers, intermediaries, data centers, and government entities to compulsorily report cybersecurity incidents, including data breaches, within six hours. "Any service provider, intermediary, data center, body corporate and Government organization shall mandatorily … [Read more...] about Indian Govt Orders Organizations to Report Security Breaches Within 6 Hours to CERT-In
How Well-integrated Tech Can Boost Your Organization’s Security
When Cisco created the first earlier this year, five key practices emerged as being most critical to successful security programs. But why are these practices so impactful? And what should security leaders do to implement and maintain them? These questions (and more) have been answered in our newly published . As a part of that study, we’re diving even further into each of … [Read more...] about How Well-integrated Tech Can Boost Your Organization’s Security
Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide
Researchers on Monday took the wraps off a newly discovered Linux and Windows re-implementation of Cobalt Strike Beacon that's actively set its sights on government, telecommunications, information technology, and financial institutions in the wild. The as-yet undetected version of the penetration testing tool — codenamed "Vermilion Strike" — marks one of the rare Linux ports, … [Read more...] about Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide
Healthcare organizations are a focus of ransomware attacks
The adoption of electronic health records (EHRs) and even faster adoption of wireless medical devices and telemedicine has made patient information more accessible by more people. Over the past year and a half that’s been tremendously beneficial. The shift to remote care and the widespread adoption of EHR solutions by health systems have shaped digital transformation in … [Read more...] about Healthcare organizations are a focus of ransomware attacks