Cybersecurity Digest #44: 21/02/2022 – 04/03/2022

24/06/2024

Cybersecurity Digest #44: 21/02/2022 – 04/03/2022

Cybersecurity news

Cybersecurity Blog Posts

  • “If you’re not measuring something, you can’t manage it”, – CIS experts explained how configuration assessments help improve cyber defenses.
  • Kasey Cross and Paul Kaspian discussed the role of SOC in creating a zero-trust enterprise. Although SOC is an important element of Zero Trust, organizations should think about how to implement innovations such as automation, analytics and machine learning to increase its effectiveness.
  • Anton Chuvakin released the third post on the XDR topic. His journey to XDR clarity has led him back to SIEM, SOAR and EDR. Specifically, one vision of XDR is that of consolidation married to simplification. Or, as he said, XDR as an integrated platform of minimized components.

Research and analytics

  • Code42 Software published 2022 Data Exposure Report. They surveyed 700 respondents – senior business leaders, senior cybersecurity leaders and cybersecurity practitioners – from US companies with 500 or more employees from a range of public and private sectors. As a result, it was found out that cybersecurity teams face unprecedented challenges when it comes to protecting confidential corporate data.
  • Neustar Security Services released Cyber Threats & Trends Report: Defending Against A New Cybercrime Economy. The company stated that it had fixed an unprecedented number of carpet-bombing attacks in 2021. Neustar mitigated a 1.3 Tbps attack in November 2021. While the timing of this attack may have been a coincidence, the fact is that it occurred during the beginning of the holiday season.
  • Ivanti released Ransomware Spotlight Year End 2021 Report. They identified 32 new families in 2021, clocking a 25.6% increase in the overall family count. With 157 ransomware families exploiting the 288 vulnerabilities, ransomware groups are poised to wage rampant attacks in the coming years.
  • Fortinet presented the semi-annual FortiGuard Labs Global Threat Landscape Report. Threat analytics for the second half of 2021 shows an increase in automation and the speed of attacks, demonstrating more advanced and persistent cybercrime strategies that are becoming more destructive and unpredictable.
  • Proofpoint released annual report 2021 State of the Phish. It examines in detail the awareness of users about phishing, vulnerability and resilience. The report shows that attackers were more active in 2021 than in 2020, with 78% of organizations facing email-based ransomware attacks, and 77% with corporate email compromise attacks.
  • According to report by The Brainy Insights global security and vulnerability management market is expected to reach USD 15.86 billion by 2030, at a CAGR of 9% from 2021 to 2030. Defending against a continuous information security breach is a challenge for businesses of all sizes. Security professionals are projected to remain ahead of the threats by using technology, policies, and procedures to secure sensitive data and prevent incoming attacks, resulting in market growth.
  • Researchers from the Institute of Applied Artificial Intelligence at Deakin University and the University of Wollongong claim that many of the approaches to protecting against Trojan attacks lag behind the pace of development of attack methods. In their study, the experts proposed two new methods of protection – Variational Input Filtering and Adversarial Input Filtering. Both methods are designed to examine a filter that can detect all Trojans in the model’s input data at runtime.
  • A team of researchers from the US State University of Pennsylvania and Zhejiang and Shandong Universities in China studied the susceptibility to deepfakes of some of the world’s largest face-based authentication systems. As the results of the study showed, most systems are vulnerable to developing new forms of deepfakes.
  • Cryptocurrency usage is growing faster than ever before. Across all cryptocurrencies tracked by Chainalysis, total transaction volume grew to $15.8 trillion in 2021, up 567% from 2020’s totals. Such data is provided by analysts of the blockchain platform Chainalysis in The 2022 Crypto Crime Report. Given that roaring adoption, it’s no surprise that more cybercriminals are using cryptocurrency. But the fact that the increase in illicit transaction volume was just 79% — nearly an order of magnitude lower than overall adoption — might be the biggest surprise of all.

Major Cyber Incidents