So, you’re a ransomware gang and you want to ensure that you have caught the attention of your latest corporate victim. You could simply drop your ransom note onto the desktop of infected computers, informing the firm that their files have been encrypted. Too dull? You could lock infected PCs and display a ghoulish skull on a bright red background (most ransomware seems to insist upon using a shade of red.

The use of publicly accessible MQTT brokers is prevalent across numerous verticals and technology fields. I was able to identify systems related to energy production, hospitality, finance, healthcare, pharmaceutical manufacturing, building management, surveillance, workplace safety, vehicle fleet management, shipping, construction, natural resource management, agriculture, smart homes and far more.

One significant negative implication of technology’s continual evolution is proportional advancement in nefarious internet activities, particularly cyber attacks. The past few years have seen a rising sophistication in cyber attacks at levels never experienced before. The worst fact is that attacks will likely only continue to get more advanced. To fight them, enterprises need to be armed with greater security tools. Legacy approaches to cybersecurity no longer cut it.

Digital attack attempts in industrial environments are on the rise. In February 2020, IBM X-Force reported that it had observed a 2,000% increase in the attempts by threat actors to target Industrial Control Systems (ICS) and Operational Technology (OT) assets between 2018 and 2010. This surge eclipsed the total number of attacks against organizations’ industrial environments that had occurred over the previous three years combined.

The coronavirus 2019 (COVID-19) pandemic shifted the cybersecurity landscape. According to a PR Newswire release, the FBI tracked as many as 4,000 digital attack attempts a day during the pandemic. That’s 400% more than what it was prior to the pandemic. In response to these attacks, 70% of CISOs told McKinsey that they believed their security budgets would shrink by the end of 2020 but that they’d be asking for significant increases in 2021.

Compliance is very important to any organization. Organizations have many standards to choose from including PCI, CIS, NIST and so on. Oftentimes, there are also multiple regulations that are applicable in any country. So, organizations need to commit some time and resources in order to apply security standards and achieve compliance. Even so, organizations encounter challenges when it comes to maintaining their compliance with security controls for their workflows, processes and policies.

Recently, the Securities and Exchange Commission’s exam division issued a Risk Alert (the “Alert”) where it carried out several targeted cybersecurity investigations. The agency is now concerned with how there’s been an increase in a specific type of hack known as “credential stuffing.“ This cyberattack involves using stolen credentials to log into web-based systems and issue the unauthorized transfer of client funds.

An undisclosed number of customers of outdoor clothing retailer The North Face have had their passwords reset by the company, following a credential-stuffing attack. The company has revealed that on October 9, 2020, it became aware that hackers had used usernames and passwords stolen from a third-party website to gain unauthorised access to customer accounts.

The number of successful ransomware attacks on the education sector increased 388% in the third quarter of 2020. According to Emsisoft, the education sector reported 31 ransomware incidents in Q3 2020. That’s a 388% increase over the 8 incidents that occurred in the previous quarter. Nine of the 31 ransomware attacks disclosed in the third quarter of the year involved data exfiltration, a tactic which has become common with ransomware gangs over the past year.

One of the major improvements that the avionics industry is undergoing is an Internet of Things (IoT) upgrade. And this is inevitably affecting how airlines approach aircraft safety. From the beginning, safety has been paramount to the aviation industry. But while it is a welcome innovation, the incorporation of IoT devices in aircraft comes with attendant challenges that are not unrelated to cybersecurity risks. Safety for aircraft no longer rests upon physical security.