The complexity of technology is ever-increasing and the number of breaches (and the cost of dealing with them) is growing right along with it. Governments are cracking down and turning cybersecurity from nice to have to absolutely mandatory. In response, organizations across industries are taking a more serious look at their security posture and, with that, the need to perform thorough vulnerability assessments.
Top tips is a weekly column where we highlight what’s trending in the tech world today and list out ways to explore these trends. This week we’re looking at five steps every organization should take to prevent cyberattacks and keep their data secure. The recent ransomware attacks on MGM Resorts in Las Vegas and Marriott Hotels have shown that we must be better prepared to identify and prevent phishing attacks.
Scalper bots have had a busy year snatching and reselling Yeezy trainers, as adidas exhaust their final existing stock. This resulted in the Yeezy Slide Onyx topping the Netacea Quarterly Index of most-scalped items in Q2 of 2023.
Trustwave has achieved two highly sought-after achievements from Microsoft, reaching Microsoft Verified Managed Extended Detection and Response (MXDR) Solution status and becoming a FastTrack Ready Partner for Microsoft 365. These achievements will allow Trustwave to utilize the skills of its elite SpiderLabs team to better secure clients and deeper security solutions and integration with Microsoft Sentinel and Defender.
Welcome back to the final part of my blog series on taking Power Platform security and governance to the next level. In Part 2 (which you can read here), I dove into essential strategies for securing and governing Power Platform environments. Today, I’ll encourage everyone to push the envelope further by exploring advanced techniques to establish good hygiene for citizen development, maintain audit logs, implement automation playbooks, and provide ongoing education for builders and makers.
Many threat actors tend to gravitate towards using some type of remote access trojan (RAT) in their campaigns. RATs are a type of malware that is designed to allow the attacker to have control over an infected device. RATs are a popular choice for hackers to use due to their many capabilities from reconnaissance and data exfiltration to long-term persistence. Throughout the last couple of months, a new Android banking trojan has been making headlines.
Read also: Ukraine and Germany hunt for DoppelPaymer ransomware actors, a Nigerian scammer faces up to 20 years in prison, and more.
Penn State University is in hot water again for legal and compliance violations. This time, the activities in question are related to the university’s claim to be compliant under NIST SP 800-171, as required by Executive Order 13556 (2019). As a contractor and partner of the U.S. Government, Penn State is required to implement a minimum set of security controls around Controlled Unclassified Information (CUI) it collects, creates, or handles as part of its partnership with the government.
When asked why he robbed banks, Willie Sutton, one of the first fugitives named to the U.S. FBI’s most wanted list, reportedly replied, “Because that’s where the money is.” As any infosec professional working for a financial institution can tell you, loads of cybercriminals will likely agree with that sentiment. Banks and similar organizations are no stranger to cyber threats.
