Cyber News of the Week

Welcome to this week's Cyber News Weekly Update! As technology continues to advance, so do the risks associated with it. Every week, we gather the latest news and insights on cyber threats, data breaches, and other essential topics in the world of cyber security.

1. The UK’s National Cyber Security Centre (NCSC) has updated its cyber security guidance for the #LegalSector, in order to help law firms avoid #CyberThreats and reduce the chance of data breaches. The UK’s law sector is worth around ￡44 billion, but last year it was revealed by 普华永道 that the top 100 law firms only spent an average of 0.46% of their fee income on cyber security. The NCSC revealed that nearly 75% of the country’s top law firms had been affected by cyber attacks, with the main threats being #Phishing emails and ransomware.

It’s no surprise that law firms are prime targets for cyber criminals, as they often safeguard highly confidential, commercially sensitive, and personal information. The effects of a breach can be damaging to law firms - as well as the financial cost, it would also affect the firm’s reputation. All firms - especially those in the legal sector need to take steps to protect their sensitive information and ensure their network has adequate protection. At Infosec K2K , we work for clients in a variety of sectors, and can assess your cyber defences for you and alert you to any risks and prevent attacks.

Learn more about the NCSC’s latest report on Infosecurity Magazine : https://www.infosecurity-magazine.com/news/ncsc-cybersecurity-guidance-legal/?

1. Earlier this week, the shipping company 美国联合包裹服务 alerted its customers that some of their personal information had been exposed after a phishing attack. The company revealed that it had been receiving reports of SMS phishing messages that contained the names and addresses of customers around the world. The breach took place between February 2022 and April 2023, although UPS has told customers that it has now implemented measures that are designed to restrict access to users’ sensitive data.

#DataBreaches pose significant dangers, to both individuals and organisations alike. They can result in identity theft, financial losses, reputational damage, and compromised privacy, and the stolen data could then be used for fraud, targeted attacks, or even sold on the dark web, perpetuating a cycle of #CyberCrime. At Infosec K2K , we work closely with our clients, monitoring their networks around the clock for cyber threats. We can eliminate the threats quickly and efficiently, and if the worst happens and you’re hit by a breach, our expert team is trained to respond and deal with any size of attack, thanks to our #CrisisResponse strategies.

Find out more about the data breach on BleepingComputer : https://www.bleepingcomputer.com/news/security/ups-discloses-data-breach-after-exposed-customer-info-used-in-sms-phishing/?

1. The US cyber security firm Armis has revealed in a new study that millions of medical devices in NHS Trust hospitals are vulnerable to #Ransomware attacks. #IoT devices, ranging from security cameras to blood monitors, are either not capable of running security software or have out-of-date versions. Some are totally unmonitored - one in six devices on hospital networks are not monitored for cyber security risks at all. While this study highlights hospitals in England, this problem is affecting hospitals all over the world.

Vulnerability management is crucial in cyber security. It involves identifying, assessing, and mitigating vulnerabilities in computer systems and networks. Regular scanning, patching, and proactive monitoring are essential to prevent exploitation by attackers and ensure the overall security and resilience of an organisation's #DigitalInfrastructure. Our #VulnerabilityManagement at Infosec K2K helps your organisation stay one step ahead of #CyberCriminals, and with #PenetrationTesting, we can ensure your network remains impenetrable.

Learn more about the risks of internet-connected devices in the #HealthcareIndustry on the @Evening Standard: https://www.standard.co.uk/tech/cybersecurity-nhs-trust-hospitals-ransomware-hackers-b1089347.html?

1. The number of ransomware victims grew by 24% last month, according to an analysis from NCC Group ‘s Global Threat Intelligence team. The spike was largely due to 8base, a new ransomware group that specialises in a double #Extortion strategy - although relatively new, the group claimed responsibility for 15% of all ransomware attacks in May. Most victims were in North America, which was the target of 51% of the monitored attacks, while 24% were in Europe.

Cyber threats are constantly evolving, and the number of ransomware attacks has been on the rise in recent years. It’s one of the biggest dangers in the cyber security sector, with criminals encrypting valuable data and rendering it inaccessible until a ransom is paid. Organisations face significant financial losses, operational disruptions, and potential data loss, while individuals suffer from privacy breaches and the coercion of their personal information. Infosec K2K offers a range of solutions to monitor your network for cyber threats like these, including our #SecurityOperationsCentre (#SOC) - with a team of experts based in the UK and India, we offer 24/7 protection.

Learn more about the latest ransomware threats on SDxCentral: https://www.sdxcentral.com/articles/ransomware-victims-spike-24-in-may-as-new-threat-actor-8base-discovered/2023/06/?

1. More than 100,000 login credentials for OpenAI ’s #ChatGPT have been leaked online over the past year according to Group-IB , a Singaporean cyber security firm. The credentials have been sold on the #DarkWeb, and could give malicious actors access to confidential information about individuals and businesses - Group-IB noted that there had been an uptick in the number of people using ChatGPT for work.

By stealing confidential information, cyber criminals could exploit it and undertake further attacks against companies or individual employees. Businesses need to be able to control user access to their company’s critical and private data. As specialists in #IdentityAndAccessManagement at Infosec K2K , we understand the importance of secure #IAM, and can provide your IT teams with all the tools you need to manage the roles and access privileges of your network users, and avoid unauthorised users gaining access.

Read more about the risks of ChatGPT on Cointelegraph : https://cointelegraph.com/news/dark-web-chatgpt-logins-leaked-group-ib-open-ai?

Got questions about this week’s news? We’re here to help! Learn how best to bolster your cyber security defences when you get in touch with our expert team at Infosec K2K.?

Stay updated on all things #CyberSecurityNews when you subscribe to our weekly newsletter by clicking 'Subscribe' at the top of this page!