Monthly Archives: March 2023

As credential theft-focused phishing attacks continue to assist initial access brokers, new data shows banking fraud continues to be a material threat to individuals and businesses alike.

Despite a lot of focus on phishing and remote access as initial access vectors, new data shows the use of vulnerabilities is not only on the rise, but simply isn’t being properly addressed.

What have all these webinars got in common? They feature women at the top their cybersecurity game. March 8, 2023, is International Women’s Day, a focal point for recognizing the achievements and contributions that women have made to every element of … Read More

Robert Lemos at DARKReading just reported on a worrying trend. The title said it all, and the news is that more than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity … Read More

On International Women’s Day, we look back at the legacy of Rear Admiral Grace Hopper, an innovator and trailblazer in software development and standards for testing computer systems and components.  It would be wrong, as we reach International Women’s Day … Read More

New data shows just how impactful these attacks are, with 98% of victim organizations reporting some form of impact from email-based cyber attacks.

CyberheistNews Vol 13 #10  |   March 7th, 2023 [Eye Opener] BusinessWeek: The Satellite Hack Everyone Is Finally Talking About This week, Bloomberg News pointed at a brand-new article at BusinessWeek, one of their media properties. This is an excellent … Read More

ChatGPT, an artificial intelligence (AI) chatbot created by OpenAI, has risen in popularity since its release last year. Now, cybercriminals are using ChatGPT’s popularity to lure you into phishing scams. In one of these scams, cybercriminals try to trick you … Read More

Spoiler alert: the obvious answer is not always the correct one! Migrating services, apps and data to the cloud is both promising and challenging. The advantages of scalability, flexibility, reduced operational costs and supporting a hybrid workforce can be eliminated … Read More

Cybercrime may have less of a gender issue than cybersecurity, LastPass gives attack update, CISA warns on Royal ransomware gang while WHSmith and DISH Network count the cost after both suffer cyber attacks.  Study: Gender No Barrier To Participating In … Read More

We are continuing the popular bi-monthly CPE credit quiz as we transition from InfoSecurity Professional to our new web-based content platform.  The first (ISC)² News and Insights CPE Credit Quiz of 2023 is now live. Every two months, we publish a … Read More

Even the world’s most successful organizations have significant weaknesses in their cybersecurity defenses, which determined hackers can exploit at will. There’s even a term for it: Assume Breach.

Despite hearing mostly about BEC attacks in English-speaking countries, analysis of new attack groups highlight the threat of these kinds of attacks in other languages.

Since the goal of ransomware is to initially disrupt operations, the targeting of industrial control systems has been an increasing focus for specific ransomware groups.

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI last week issued a joint advisory on Royal ransomware. Royal is noteworthy for its ability to disable various anti-virus tools in the course of exfiltrating data in its double-extortion … Read More

Major U.S. government and corporate breaches, the White House enforces TikTok ban and the NCSC issues zero trust guidance. Here are the latest threats and advisories for the week of March 3, 2023.  Threat Advisories and Alerts  NCSC Publishes Guidance … Read More

By Joe Fay China is ‘most active, and most persistent threat’ as government pinpoints need for a bigger and more diverse cybersecurity workforce to meet the long-term challenge.  The Biden administration has unveiled its long-awaited cybersecurity strategy, effectively putting the … Read More

So, today CISA released another ransomware notice. The Cybersecurity and Infrastructure Security Agency is an agency of the United States Department of Homeland Security that is responsible for strengthening cybersecurity and infrastructure protection. 

Financial services businesses are already in the sights of cybercriminals, and understanding how cyberattacks impact this sector specifically can help establish the need for improved preventative measures.

Check out the 24 new pieces of training content added in February, alongside the always fresh content update highlights, events and new features.