Cyber News Of The Week

Welcome to Infosec K2K’s Weekly News Update! As technology continues to advance, so do the risks associated with it. Every week, we gather the latest news and insights on cyber threats, data breaches, and other essential topics in the world of cyber security.

In The News This Week

The Allianz Risk Barometer has revealed that cyber incidents - including ransomware and data breaches - are considered the top global risk in 2024, accounting for 36% of overall responses. Cyber incidents are now the number one concern in 17 countries around the world, including France, Germany, and the UK. Supply chain disruption is the second-largest threat, followed by natural disasters.

Find out more on Security Magazine : https://www.securitymagazine.com/articles/100326-cyber-incidents-ranked-most-important-risk-globally?

Calvià City Council in Spain suffered a #Ransomware attack this week. The attack, which hit municipal services, prompted the formation of a crisis committee for damage assessment and mitigation planning. While no ransom group claimed responsibility, a local media outlet revealed the €10 million (￡8.5 million) ransom demand. Calvià's mayor, however, confirmed that no ransom payment would be made.

Find out more on BleepingComputer : https://www.bleepingcomputer.com/news/security/majorca-city-calvi-extorted-for-11m-in-ransomware-attack/?

The World Economic Forum (WEF) has reported that global ‘cyber insecurity’ is a major concern this year, with over 80% of surveyed organisations feeling more exposed to cybercrime than they were last year. The WEF’s study has revealed a growing divide between cyber-resilient firms and struggling organisations, with small and medium-sized businesses experiencing a significant decline in cyber resilience.?

Find out more on ITPro : https://www.itpro.com/security/world-economic-forum-warns-of-growing-cyber-insecurity-amid-heightened-threat-landscape?

The British Library's catalogue is back online in ‘read-only’ mode after a #CyberAttack last year by the #Rhysida ransomware gang, believed to be Russian-based. The library faced a month-long shutdown, during which the hackers released data - including personal information - on the dark web. The attack's estimated cost is ￡7 million, and has affected annual payments to around 20,000 authors.?

Find out more on Euronews : https://www.euronews.com/culture/2024/01/16/british-library-puts-catalogue-back-online-after-2023-cyber-attack?

The Stats This Week

94%

In 2023, 94% of businesses faced phishing attacks, according to Egress, a KnowBe4 company ’ Email Security Risk Report 2024 - a 2% increase from the previous year. The top three phishing techniques included malicious URLs, malware and ransomware attachments, and compromised account attacks. The report revealed 95% of cyber security leaders are stressed about email security, and they’re also concerned about AI tools being used? in phishing attacks, with 63% troubled by deepfakes and 61% by AI chatbots.?

Find out more on Infosecurity Magazine : https://www.infosecurity-magazine.com/news/94-firms-hit-phishing-attacks-2023?

40,000

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency have issued a warning about the #Androxgh0st malware botnet, which is targeting Amazon Web Services (AWS) and 微软 credentials. First detected by Lacework Labs in 2022, the #Botnet controls a network of more than 40,000 devices. Androxgh0st focuses on stealing files containing sensitive data, such as credentials, which they can then use to conduct spam campaigns and deploy malicious tools.?

Find out more on BleepingComputer : https://www.bleepingcomputer.com/news/security/fbi-androxgh0st-malware-botnet-steals-aws-microsoft-credentials/?

178,000?

Over 178,000 SonicWall next-generation firewalls are potentially vulnerable to two denial-of-service (DoS) #Vulnerabilities, with the potential for remote code execution (RCE) attacks. BishopFox's research has revealed two vulnerabilities that can result in #DoS and firewall crashes. The impact of #RCE attacks could be severe, disrupting network access, and organisations are advised to test and secure vulnerable devices promptly.

Find out more on ITPro : https://www.itpro.com/security/almost-180000-sonicwall-firewall-devices-are-vulnerable-to-dos-and-possible-rce-attacks?

Thoughts from Infosec K2K

Recent research from both Allianz and the World Economic Forum has highlighted the fact that more and more people are concerned about cyber security threats. The WEF's Global Cybersecurity Outlook 2024 report revealed that over eight in ten organisations now feel more exposed to cybercrime than they did in 2023. It’s clear to see that because of the heightened cyber threat landscape, businesses (regardless of their size) should be prioritising stronger cyber security measures these days.?

With cyber criminals increasingly turning to more advanced tools such as generative AI-driven phishing and deep fakes, businesses need to stay ahead of these emerging threats. One of the critical challenges highlighted in the WEF’s report is the widening gap in cyber resilience. Large enterprises have shown notable gains in cyber resilience, while small and medium-sized businesses are facing significant declines. By implementing robust cyber security solutions, however, businesses can adapt to these emerging challenges.

Cyber threats are becoming increasingly complex, but Identity and Access Management (IAM) solutions are a crucial component of any comprehensive cyber security strategy. At Infosec K2K, the #IAM solutions that we offer can ensure only authorised individuals have access to your most sensitive data and systems. Even as cyber threats become increasingly sophisticated, we can help your business become more cyber resilient, and bolster your cyber defences.

Read the WEF’s new report here: https://www.weforum.org/publications/global-cybersecurity-outlook-2024/?

—

Got questions about this week’s news? We’re here to help! Learn how best to bolster your cyber security defences by getting in touch with our expert team at Infosec K2K.?

Stay updated on all things #CyberSecurityNews when you subscribe to our weekly newsletter by clicking 'Subscribe' at the top of this page!