Cybersecurity Digest #79: 11/07/2023 – 25/07/2023

Cybersecurity news

Cybersecurity Blog Posts

Research and analytics

  • An independent review of the IPA cited a theoretical example where metadata could be used to search for “devices simultaneously connecting to legitimate banking applications and to malicious control points”. This would indicate potential fraud taking place, and tipping off law enforcement or the bank could potentially disrupt crime in progress.
  • Group-IB has  published Digital Risk Trends 2023, a comprehensive analysis of the world’s two most common cyber threats: scams and phishing. According to research, the average number of scam resources created per brand across all regions and industries more than doubled year-on-year in 2022, up 162%. Additionally, the total number of scam pages detected by Group-IB in 2022 was more than three times higher than in 2021.
  • The SpyCloud report revealed security leaders are concerned about attacks that leverage malware-exfiltrated authentication data, with more than half (53%) expressing extreme concern and less than 1% admitting they weren’t concerned at all. However, many still lack the necessary tools to investigate the security and organizational impact of these infections and effectively mitigate follow-on attacks – with 98% indicating better visibility into at-risk applications would significantly improve their security posture.
  • Thales  released Thales Cloud Security Study, which found that more than a third (39%) of businesses have experienced a data breach in their cloud environment last year, an increase on the 35% reported in 2022. In addition, human error was reported as the leading cause of cloud data breaches by over half (55%) of those surveyed. Three quarters (75%) of businesses said that more than 40% of data stored in the cloud is classified as sensitive, compared to 49% of businesses this time last year.
  • The Identity Theft Resource Center released its U.S. data breach findings for the first half (H1) of 2023. According to the H1 2023 Data Breach Report, there were 951 publicly-reported data compromises in the quarter, a 114 percent increase compared to the previous quarter (445 compromises). It is the most breaches the ITRC has tracked in a single quarter.

Major Cyber Incidents