Daily Cyber Insights - Iain Fraser | Accredited Cybersecurity Journalist & Authority Writer

BITSIGHT: Creating Trust in an Insecure World - Report & Research  Syndicated By: Iain Fraser Cybersecurity Journalist Gibraltar IainFRASER.net  Google Indexed on 310323 at 12:40 CET  31st March 2023 Creating Trust in an Insecure World: Strategies for Cybersecurity Leaders in the Age of Increasing Vulnerabilities. Are you overwhelmed by the intricacies of your attack surface? Concerned about the rising risk of vulnerabilities in your and your partners’ digital ecosystems? New BitSight research finds that the average vulnerability remediation rate across organizations is about 5 percent per month, sparking concern that the status quo of exposure and vulnerability management is broken. Moreover, organizations face significant challenges in managing vulnerabilities in their extended, third-party ecosystem, and most security leaders do not have the tools to address these emerging threats. Download the report to gain actionable insights that can help you and your organisat...

COMPLIANCE: What does it take to be Cyber compliant in 2023? - NORDPass By Iain Fraser Cybersecurity Journalist Gibraltar IainFRASER.net Google Indexed on 300323 at 12:44 CET via GEO´ Hype Newsroom 31 March 2023 The dynamic and developing threat of cybercrime, the growing complexity of the legislative landscape, and the demand for certifications-based compliance as a means to build trust, keeping up with compliance has never been more challenging for businesses.  In this guide by NordPass examines security compliance. You will learn the fundamentals of data security compliance — including where to start, how to get buy-in from the team, and how to address what’s at the heart of the regulatory measures: cyber risk. • A directory of data compliance standards. • A breakdown of data security fundamentals. • A guide to getting started with top tips informed by experts. • Information on how NordPass Business helps companies to adhere to strict data security Download the Guide | ...

Stay up to date: New Cybercrime Trends in 2023  Syndicated By: Iain Fraser Cybersecurity Journalist Gibraltar via IainFRASER.net Google Indexed on 290323 at 12:33 CET 29 March 2023 It’s no secret that attackers are always innovating, and technology is increasingly democratising cybercrime. In this month’s newsletter, dive into helpful information about the latest threats and trends in cyber security and strengthen your organisation's resilience to security risks: Learn more about the rise of AI, the diversification of attack channels, and other trends to watch for in 2023 in this report – and read what Ulrich Irnich, CIO at Vodafone Germany, thinks about the role of security teams in protecting organizations from attacks. Click to Download Cybercrime Trends 2023 About SoSafe Boosting digital self-defense We are the fastest-growing security awareness scale-up worldwide. By putting people first and focusing on behavioural science, we are disrupting the security awareness status-quo....

Cybersecurity 2023: Reinforcing Defences - Netwrix Syndicated By: Iain Fraser Cybersecurity Journalist Gibraltar IainFRASER.net Google Indexed on 90323 at 12:21 CET Want to stay one step ahead of cyber threats? Learn which cyber risks are most likely to impact organizations in 2023 and the key strategies to manage them by getting your copy of the new Cyber Chief Magazine Despite substantial increases in cybersecurity defences around the globe, 2022 was another year of high-profile cyber-attacks. Moreover, today’s economic and geopolitical uncertainty are adding to the risks that organizations face. In order to adjust to these realities, in 2023, companies will shift their cybersecurity priorities. According to Forrester, at least 10% of budgets will move from transformation to resilience. A key strategy will be understanding the most business-critical security risks. This edition of Cyber Chief Magazine dives into the key trends that will affect organizations of all sizes in 2023 and s...

NCA infiltrates cyber crime market with disguised DDoS sites Syndicated By: Iain Fraser Cybersecurity Journalist Gibraltar via IainFRASER.net Google Indexed on 290323 at 11:39 CET The National Crime Agency (NCA) has revealed that it has infiltrated the online criminal marketplace by setting up a number of sites purporting to offer DDoS-for-hire services. The announcement comes after the Agency chose to identify one of the sites currently being run by officers as part of a sustained programme of activity to disrupt and undermine DDoS as a criminal service. Distributed Denial of Service (DDoS) attacks, which are designed to overwhelm websites and force them offline, are illegal in the UK under the Computer Misuse Act 1990. DDoS-for-hire or ‘booter’ services allow users to set up accounts and order DDoS attacks in a matter of minutes. Such attacks have the potential to cause significant harm to businesses and critical national infrastructure, and often prevent people from accessing essent...

ChatGPT - The impact of Large Language Models on Law Enforcement - Europol Syndicated By: Iain Fraser Cybersecurity Journalist Gibraltar via IainFRASER.net Google Indexed on 280323 at 10:10 CET 28th Mar 2023  ChatGPT - the impact of Large Language Models on Law Enforcement  Large Language Models (LLMs) such as ChatGPT are undergoing rapid advances and have now entered the mainstream. This marks a significant step forward for machine learning, as it shows its ability to handle both mundane tasks and complex creative tasks. The developments with LLMs hold potential implications for all industries, including criminal ones. So what does this mean for law enforcement? In response to the growing public attention given to ChatGPT, the Europol Innovation Lab organised a number of workshops with subject matter experts from across the organisation to explore how criminals can abuse LLMs, as well as how it may assist investigators in their daily work. This Tech Watch Flash report analyse...

The average cost of a Cyber Attack is £3,080 - According to Government Body NCSC By Iain Fraser Cybersecurity Journalist Gibraltar IainFRASER.net Google Indexed on 230323 at 12:57 CET According to the NCSC the average cost of a Cyber Attack on a small business is £3,080.  Using the link below both Small Businesses and Families/Individuals can get a free personalised Cyber Action Plan. By answering a few simple questions about your online practices the NCSC plan will detail the mistakes you may be making in your overall Cybersecurity protocols and will highlight what you need to do right now to protect against Cyber attacks. Don´t procrastinate - Investigate! Learn More /... Image Credit: Christiaan Colen

The Best & Worst States in America for Online Privacy (2023 Update) Syndicated By: Iain Fraser Cybersecurity Journalist Gibraltar IainFRASER.net Google Indexed on 230323 at 12:16 CET 23rd March 2023 How Online Privacy Laws Stack Up Across the United States Cybercrime in the US is expected to cost $10 trillion by 2025. In response to this and other factors, such as the increase in remote working and the Cyberwar with Russia, the US has passed an increasing amount of cybersecurity legislation. Your privacy is also under attack from within the US. In early 2023, Louisiana passed a law mandating online ID verification without giving much thought to the privacy implications for individuals. And with this kind of initiative quickly spreading to other US states, citizens should keep close tabs on legislation that impacts their privacy and rights. Let’s take a look at what the US is currently doing on federal and state levels to protect your online privacy. I’ll also show you which states ...

CYBER THREAT: Russian Hacktivists increasingly targeting Hospitals - Analysis By: Iain Fraser Cybersecurity Journalist Gibraltar IainFRASER.net Google Indexed as Google Scholar on 200323 at 12:21 CET CYBER THREAT: Russian Hacktivists increasingly targeting Hospitals - Analysis There are mounting reports that Russian Hacktivists are increasingly targeting Hospitals and Government Departments globally. Cybersecurity researchers said this week that they have observed the pro-Russia hacking group known as KillNet increasingly launch distributed denial of service (DDoS) attacks targeting healthcare organizations since November. KillNet and affiliate hacktivist group appeared on the Cyber threat-map soon after Russia’s illegal invasion of Ukraine in February 2022, and specialises in DDoS attacks against Government Departments, Blue-chip Corporates and lately Hospitals. Learn More - Register Free to receive the full story & my full analysis direct to your inbox or smart device. About Iain...

UK Cyber Week 2023 - Where UK Businesses fight back against cyber crime Syndicated By: Iain Fraser Cybersecurity Journalist Gibraltar IainFRASER.net Google Indexed on 160323 at 12:59 CET 15th March 2023 UK Cyber Week 2023 - 4th-5th April 2023 Business Design Centre - Islington, London We are all in this together, but we believe there is a knowledge gap between the expertise of the cyber community and UK businesses leaders. We want to close that gap. Everyone has their part to play – policymakers, businesses, cyber professionals, IT departments, cyber vendors, software developers, law enforcement, media and educators. Join the community fighting back at UK Cyber Week. We’re bringing everyone together to level up UK cyber security, demystify jargon, share the latest thinking and learn from truly world-class experts. Our promise is that everyone, no matter how much or how little expertise they have, leaves knowing more and is better equipped. UK Cyber Week 2023 - 4th-5th April 2023 Busine...

Two Men Charged for Breaching Federal Law Enforcement Database and Posing as Police Officers to Defraud Social Media Companies Syndicated By: Iain Fraser Cybersecurity Journalist Gibraltar IainFRASER.net Google Indexed on 160323 at 11:11 CET 15th March 2023 According to the United States Attorney´s Office two men have been charged for Breaching Federal Law Enforcement Database and Posing as Police Officers to Defraud Social Media Companies. The Defendants Allegedly Used Compromised Law Enforcement Passwords and Foreign Government Email Accounts to Obtain Victims’ Personal Information and Threatened Victims with Release of that Information A criminal complaint was unsealed today in federal court in Brooklyn charging Sagar Steven Singh and Nicholas Ceraolo with wire fraud and conspiracy to commit computer intrusions.  The charges stem from Singh’s and Ceraolo’s efforts to extort victims by threatening to release their personal information online.  Singh was arrested this morning...

Cryptocurrency Exchange Exposed Sensitive Customer Records Online By: Jeremiah Fowler - co-founder of Security Discovery. Syndicated By: Iain Fraser Cybersecurity Journalist Gibraltar IainFRASER.net Google Indexed on 160323 at 10:27 CET March 15, 2023 Cybersecurity Researcher, Jeremiah Fowler, has recently reported a discovery of a non password-protected database to WebsitePlanet that contained records relating to a cryptocurrency sales platform. The records included customer names, bank account numbers, purchase and sales records, and more. Upon further research I identified that the database belonged to Fiatusdt.com that provides an online exchange currency platform for buying and selling cryptocurrency. A responsible disclosure notice was immediately sent to the company and the database was correspondingly secured from public access. According to Fiatusdt.com’s website: An online currency exchange, or electronic Forex exchange, is an internet-based platform that facilitates the exc...

National Protective Security Authority created to counter threat posed by State Actors Syndicated By: Iain Fraser Cybersecurity Journalist Gibraltar IainFRASER.net Google Indexed on 150323 at 14:49 CET 14th March 2022 The UK Government has announced the launch the NPSA (National Protective Security Authority) to counter the threat posed by so called State Actors Unlike the NCSC (National Cyber Security Centre) which is an integral part of GCHQ the NPSA (National Protective Security Authority is part of MI5  and will increase the UK’s resilience to state threats as well as terrorism, and will play an important part in strengthening our country’s economic security. State-sponsored attempts at stealing sensitive research and information can undermine UK businesses and harm our country’s competitiveness on the world stage. As part of the Integrated Review Refresh , the government has  announced the creation of the National Protective Security Authority (NPSA)  to help busine...

WEBINAR: Ensure the performance of security controls across the organisation Syndicated By: Iain Fraser Cybersecurity Journalist Gibraltar IainFRASER.net Google Indexed on 150323 at 13:01 CET Mar 22 2023, 12:30pm CET (Duration: 30 mins)   As organizations expand their digital footprint, they face a more complex set of challenges, given the growing number of cybersecurity threats and the volume of attacks that appear daily in the news.   This creates the need for superior cybersecurity risk management that can help them in this increasingly difficult mission to manage their cyber risk posture. However, they can focus on innovating and driving business growth by doing so more effectively.    Cyber risk management is key to helping you dramatically improve your cybersecurity program, thus working as an enabler of growth and competitive differentiation among your organisations industry peers. However, it requires the use of the right tools to make it less complex and mor...

The Cyber Threat Landscape for 2023 - Threat Analysis Posted By: Iain Fraser  - Cybersecurity Journalist Gibraltar www.IainFRASER.net Google Indexed on 140323 at 15:59 CET 14th March 2023 A recent paper issued by Gartne r has gone some way to predict Cybersecurity Focus for 2023. I think this is a brave call to effectively "predict" future Threat trends in the ever fluid Cybersecurity industry, so I have thoroughly examined the article and have gone some to analyse their Threat profile. My findings are that Gartner are more in touch with the current and developing Threat landscape than may of their peers who have not gone far enough to explain the omni- present threat facing businesses as we sweep into 2023. The Gartner paper - Predicts 2023: Cybersecurity Industry Focuses on the Human Deal. Constructed brilliantly by lead Deepti Gopal with Leigh McMullen opens with the fact that Organisations in the past have developed their cybersecurity program to address the ebbs and flow...

How vulnerable is the UK? - National Cyber Security Centre Syndicated By: Iain Fraser - Cybersecurity Journalist - Gibraltar IainFRASER.net Google Indexed on 090323 at 14:22 CET March 9, 2023 The first step towards effective, sustainable, cyber defence is to understand the threats you face. But when you’re talking about an entire country, this challenge becomes monumental.   The National Cyber Security Centre (NCSC) is building an accurate picture of the nation’s cyber security status. At this year’s CYBERUK event in Belfast, 19-20 April , technical experts from the NCSC will lay out the data-driven approach they’ve been taking to mapping the UK’s vulnerabilities.   This research will guide future tactical and strategic interventions. Find out how the picture is being built, what work is still to be done, and the insights which have already been gleaned. If you’re interested in the direction of travel for cyber in the UK, then this is a talk you need to hear. Learn ...

PHISHING: The 2023 State of the Phish Report - Proofpoint Syndicated By Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net Google Indexed on  070323 at 15:51 CET 7th March 2023 Proofpoint releases its annual State of the Phish report   Every year, threat actors look for new tactics to outwit victims and bypass defences; 2022 was no different. As businesses rolled out new security controls, cyber criminals found new, sophisticated ways to attack people.  One of ECSO 's newest Members,  Proofpoint, has released its ninth annual State of the Phish report, where they dive deep into complex new techniques that give attackers a new advantage.  Download the Full Report Here /... Here are a few highlights: 44% of people think an email is safe when it contains familiar branding BUT more than 30 million malicious messages sent in 2022 involved Microsoft branding or products. 300k-400k telephone-oriented attack delivery attempts were made daily, with a pe...

EUROPOL: Germany and Ukraine hit two high-value ransomware targets  Syndicated By: Iain Fraser Cybersecurity Journalist Gibraltar IainFRASER.net Google Indexed on 070323 at 12:23 CET 7th March 2023  On 28 February 2023, the German Regional Police (Landeskriminalamt Nordrhein-Westfalen) and the Ukrainian National Police (Націона́льна полі́ція Украї́ни), with support from Europol, the Dutch Police (Politie) and the United States Federal Bureau of Investigations, targeted suspected core members of the criminal group responsible for carrying out large-scale Cyberattacks with the DoppelPaymer ransomware.  This ransomware appeared in 2019, when cybercriminals started using it to launch attacks against organisations and critical infrastructure and industries. Based on the BitPaymer ransomware and part of the Dridex malware family, DoppelPaymer used a unique tool capable of compromising defence mechanisms by terminating the security-related process of the attacked systems. The Do...