top of page
Untitled design.png

Weekly INK

Each week we compile an advisory on the latest threats, trends and newsworthy topics from the cyber security industry affecting small and medium enterprises. Join our subscribers below and help us prevent cybersecurity breaches.

watermark4.png

Issue #21 - November 21, 2022

Feds Alert Healthcare, Other Sectors of Growing Hive Threats

Source: Data Breach Today

CISA, FBI and HHS Provide Lists of Latest IoCs and TTPs Identified. U.S. federal authorities are warning critical infrastructure sectors including healthcare to be on the lookout for indicators of Hive ransomware. As of this month, Hive actors - who follow a Ransomware-as-a-Service model - have hit more than 1,300 companies worldwide, collecting about $100 million in ransom payments, says a Thursday joint alert from the Cybersecurity and Infrastructure Security Agency, the FBI and the Department of Health and Human Services.




Insider threats accounted for more than a third of unauthorized access incidents in Q3

Source: SC Media

The pandemic saw a great number of employees seeking new opportunities as the workforce shifted to remote and hybrid models. The threat of insider risk, however, also increased along with the so-called “Great Resignation” of 2021 and 2022. According to a report by security risk management firm Kroll, insider threats peaked to its highest quarterly level to date in Q3 of 2022, accounting for nearly 35% of all unauthorized access threat incidents.




Many financial institutions say their own IT staffs pose the biggest risk to cloud security

Source: SC Media

Netwrix on Tuesday reported that 44% of financial institutions responding to its cloud security survey say their own IT staffs pose the biggest risk to data security in the cloud. A follow-on to a report released earlier this year, this deep dive into the financial sector also found that 32% of financial organizations experienced accidental data leakage compared to the average of 25% in other verticals.




Twitter Two-Factor Authentication Has a Vulnerability

Source: Info Risk Today

Security researchers warn that multifactor authentication on Twitter contains a vulnerability allowing potential account takeover. A researcher contacted Information Security Media Group on condition of anonymity to reveal that texting "STOP" to the Twitter verification service results in the service turning off SMS two-factor authentication.




Seven deadly sins hiding in the company’s attack surface

Source: SC Media

Much like the world has changed around us, an organization’s attack surface looks different today than it did in the past. Organizational attack surfaces were once well-defined and internally-focused on each organization’s physical network. Digital transformation, innovation, and the passing of time have changed this. Today, interactions between employees, customers, stakeholders, and the organization are taking place online via web-based SaaS apps and cloud services.



114 views

Help us Prevent Breaches.

We will never share or sell your information. Unsubscribe at any time.

Email: *

Received.

bottom of page