Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When someone impersonates you by exploiting your personal information to perpetrate fraud or gain other financial advantages, this is known as identity theft or identity fraud. Your personally identifiable information includes your name, residence address, email ID, login and passwords, Social Security number, driver’s license number, passport number, or bank number.

Getting hold of a set of working login credentials is the simplest way for a cybercriminal to breach any network, which is why employee passwords are so highly sought-after by threat actors. Thanks to cloud computing, smart devices, mobility and the rise of remote work, organizations have more people and devices connecting to their networks, from more locations, than ever before.

As you look back on the state of cybersecurity in 2022 and set your security priorities for 2023, Zero Trust Data Access should top your New Year’s Resolutions list. Zero trust was probably the most talked about security trend last year and for good reason – it is clear no matter how much we layer our defenses hackers, malicious insiders and simple negligence are impossible to eradicate.

It’s estimated that 63.5 percent of the world’s total population—or 5.07 billion people—uses the Internet today, with a projected 30.9 billion devices connected to the Internet by 2025. (This means even more proving to CAPTCHAs that we’re not robots–good luck picking out all the fire hydrants in the grids!) With more people working from home, combined with a greater reliance on cloud services and ecommerce, the potential for cyberattacks has never been higher.

Throughout 2022, threat actors have been masquerading as the postal service Singapore Post (SingPost) and one of Singapore’s leading telecommunications companies Singtel. Victims are being targeted by phishing emails that appear to be from Singapore Post or Singtel. In these emails, users were sent messages informing them of fake billing issues or outstanding payments with links to fraudulent websites that asked for their personal information.

Over the winter holidays, Southwest Airlines, one of the U.S.’ largest and most reputable airlines was forced to cancel around 45% of its scheduled flights. It’s difficult to pinpoint the exact reason for this meltdown, but in my opinion this is likely due to outdated infrastructure and IT systems. Other airlines also had to deal with bad weather and holiday traffic, but were not faced with the same level of disruption.

It’s rare that a week goes by without at least one data breach making the news. Criminals are targeting companies of all sizes to see if they can slip past their digital defenses and steal confidential data.

Every year, millions of people make New Year’s resolutions, both personally and professionally, and we all know how difficult resolutions can be to keep. One of the top workplace resolutions cybersecurity professionals are making this year is to pursue security automation initiatives.

Another year, another reshaping of the never-boring and constantly evolving world of online crime. Old favorites like phishing, MITM attacks, and, of course, ransomware carried on strong while new variations and tricky workarounds continued to develop. For our final monthly cyber attack roundup of the calendar year, let’s take a look at four cases that stood out for the versatility of their executions, the escalation of their tactics, and/or the aggressiveness of their perpetrators.

I am often struck by the similarities in the skill set required for both parenting and cybersecurity. With children—as with employees—it is much easier to keep everyone safe if you have a little bit of visibility into what’s actually going on. The hardest child to parent effectively is one who shuts themselves away in their bedroom, operating in isolation and giving no clues as to the risks they may be exposing themselves to.