If you are involved in the cyber security processes, you must have heard of the term threat hunting. In this article, we discussed this rather popular concept in detail. Being one of the buzzing concepts of cyber security, threat hunting has been increasingly popular, but what does it refer to? Do you need it? Should you be doing it? We will answer all these questions in detail.
Photo by BENCE BOROS on Unsplash Welcome to the world of Internet of Things (IoT) and a glimpse into the future. The IoT is where the physical world merges with the digital world. Soon, we expect the world IoT population to outnumber the human population tenfold—perhaps as many as 80 billion connected devices by 2025.
The digital world has become a dangerous place. It’s like the Wild West (the movie kind, not the real kind, which was decidedly less wild than it’s portrayed), with outlaws out to do you harm and make off with your precious data. Fortunately, like any good western, there are also honour-bound gun slingers seeking to bring law, order and – most importantly – security to the digital landscape.
Security sources have found that the European aerospace giant Airbus has been hit by a series of cyberattacks by hackers who targeted the company's suppliers in search of technical secrets, with suspicions the attack is linked to China. Two security sources involved in the investigation claim there have been four major attacks on Airbus within the last 12 months.
Organizations worldwide are grappling with the effects of cybersecurity breaches and its impact on business to enhance enterprise security. Hackers are willing to do what it takes to eavesdrop on vulnerable IT environments to steal intellectual property or sensitive information. They have the skills to infiltrate and break barriers in a highly connected and digitized business environment.
Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until ransom is paid. Ransomware spreads through phishing emails, malvertising, visiting infected websites or by exploiting vulnerabilities. Ransomware attacks cause downtime, data leaks, intellectual property theft and data breaches. Ransom payment amounts range from a few hundred to hundreds of thousands of dollars. Payable in cryptocurrencies like Bitcoin.
An information security policy (ISP) is a set of rules, policies and procedures designed to ensure all users and networks within an organization meet minimum IT security and data protection security requirements. ISPs should address all data, programs, systems, facilities, infrastructure, users, third-parties and fourth-parties of an organization.
An estimated 16,000 websites are believed to be running a vulnerable and no-longer-maintained WordPress plugin that can be exploited to display pop-up ads and redirect visitors to webpages containing porn, scams, and–worst of all–malware designed to infect users’ computers. Researchers at WordFence went public about how hackers are exploiting a zero-day vulnerability in a third-party WordPress plugin called Rich Reviews to inject malvertising code into vulnerable WordPress sites.
Like storytelling, data visualization can be used to provide a narrative about your organization’s cybersecurity posture. Cybersecurity is never a single thing; it is an amalgamation of an often growing list of issues that never seem to end. So in order to make some sense of what it means for the health of your organization, I am combining several metrics to define a singular one—cybersecurity posture—in a visual manner.
