WEEK IN HEADLINES
REGULATIONS - Lawmakers Advocate for Enhanced Reporting Regulations
- SUMMARY: Some Florida lawmakers are pushing for stronger data breach reporting regulations. They argue that quicker reporting is essential to mitigate the impact of data breaches on consumers. The proposed regulations aim to ensure that companies promptly inform affected individuals and authorities about breaches, enhancing consumer protection and trust.
- INSIGHT: If your company (in any state) collects data about your customers and doesn't already categorize and encrypt that data, you should look into how you'll accomplish this. There is growing pressure to require companies to protect consumer data and privacy.
GOVERNMENT - Government Hit by Major Cyber Attack
- SUMMARY: There are reports of a significant cyber-attack on the Mexican government, resulting in the exfiltration of 313GB of sensitive data. The breach, attributed to inadequate cybersecurity measures, highlights the urgent need for enhanced data protection protocols within government agencies. The incident underscores the vulnerabilities in current systems and the critical importance of robust cybersecurity defenses to safeguard national information.
- INSIGHT: There are reports that this was the result of insufficient cybersecurity measures. At the very least (especially for a government at any level) this is where advanced encryption standards are required when you're exchanging, passing through, or holding sensitive data.? And, while you're at it, consider NIST Post Quantum Cryptography standards.
RANSOMWARE - New Attack Exploits Memory Forensics to Evade Detection
- SUMMARY: The emergence of Ymir ransomware, which leverages advanced memory forensics techniques to bypass traditional security measures. This sophisticated malware targets critical systems, making it difficult for conventional antivirus solutions to detect and mitigate the threat. The incident is an example of the need for enhanced cybersecurity strategies because of evolving ransomware tactics.
- INSIGHT: EDR may be a good defense because of the continuous monitoring and analysis of activities to detect and respond to threats. We'll note that Detection and Response is incomplete for cyber risk management.? You must have a Resolution, steps beyond Responding. If you only know about a threat and do nothing to mitigate or resolve the threat, you're not any more secure than being blissfully unaware.
FINANCIAL SERVICES - Sector Targeted by Sophisticated QR Code Malware
- SUMMARY: A sophisticated malware attack targeting the Swiss financial sector, exploiting QR codes to infiltrate systems. The malware, designed to evade traditional security measures, compromised sensitive financial data, highlighting the urgent need for advanced cybersecurity protocols. This incident underscores the vulnerabilities in current defenses and the critical importance of robust security measures to protect financial institutions.
- INSIGHT: You should be educating your employees about various attack types, so they stop and consider their actions before reacting impulsively and creating a security risk to your company. The other is this attack works because MFA is often overlooked by companies as being "too difficult and slows productivity."? WRONG - it's basic cyber hygiene.
PHISHING - SVG Attachments Employed to Bypass Detection Systems
- SUMMARY: A new trend in phishing attacks is active where cybercriminals use SVG (Scalable Vector Graphics) attachments to evade detection by traditional email security systems. These SVG files contain malicious scripts that execute when opened, compromising the recipient's system. The increasing use of SVG attachments in phishing emails highlights the need for advanced email security measures to protect against evolving threats.
- INSIGHT: Consider an advanced email filtering solution, they often have machine learning and heuristic analytics to detect and block suspicious attachments, including SVG files. Content and behavior of attachments are evaluated to identify and quarantine potentially harmful emails before they reach your employees. By implementing filtering technology, it may have prevented the breach by detecting the malicious SVG attachments.
E-COMMERCE - Fake Shopping Sites to Steal Credit Card Information
- SUMMARY: Sophisticated attackers have created 4,700 fake shopping websites to steal credit card information from shoppers looking for big brands. These fraudulent sites mimic legitimate online stores, tricking users into providing their payment details. The incident highlights the urgent need for enhanced security measures in the e-commerce sector to protect consumers from such deceptive practices.
- INSIGHT: You are likely to have not heard of this before, but it is a growing cybersecurity protocol… DMARC is an email authentication configuration standard that helps prevent domain spoofing by ensuring that emails are properly authenticated before reaching the recipient. By implementing DMARC, e-commerce platforms can protect their domains from being used in phishing attacks. While not widely known or implemented, for those organizations that have implemented DMARC, they swear by it to help them sleep at night.
TECHNOLOGY - Malware Targets macOS Systems
- SUMMARY: A malware campaign attributed to North Korean hackers, targeting macOS systems through applications built with the Flutter framework. The malware exploits vulnerabilities to gain unauthorized access and exfiltrate sensitive data. This incident underscores the need for enhanced security measures to protect against advanced persistent threats (APTs) targeting macOS environments.
- INSIGHT: Often for organizations of all sizes, employees find ways to help them do their jobs more easily, more efficiently, or in a "cool, new way". Sometimes these applications are installed without the knowledge or awareness of the IT staff or the compliance team. You may want to consider having an Application Control Policy and establish a clear policy to define which apps are allowed or prohibited. This policy often includes criteria for evaluating and approving applications, as this keeps employees engaged and part of the solution and not the problem.?
INSIGHTS & EXPERT PERSPECTIVES
Cyber Risk Governance Live: From Alert Overload to 90% Faster Response
A Security Automation Success Story
Join Stanley Li and Sean Mahoney from Netswitch Technology Management alongside Tim MalcomVetter from ?Wirespeed for an exclusive deep-dive into one security team’s transformative journey.
Discover how they eliminated alert fatigue, improved response times by 90%, and saved $655K over three years.
Event Highlights:
- Proven Financial Impact in 90 Days
- $655K cost reduction over 3 years
- 70% lower operational costs
- $200K saved in analyst hours annually
- 9-month path to ROI
Who Should Attend:
- Security Leaders
- IT Directors
- Risk & Compliance Officers
- SOC teams
- Executives focused on operational efficiency and ROI
??? Event Details:
Tuesday, November 26, 2024?@ 10 am Pacific / 1 pm Eastern
Netswitch Sharpen Your Cyber Edge with Netswitch
Master Compliance & Minimize Risks:
- Independent Security Audit: Identify network risks with our automated Security And Risk Assessment (SARA). Get a clear picture, prioritize improvements, and optimize resource allocation. Contact Netswitch.
- Free "Quick Start" Program: Gain a free cyber risk and governance health check. Enroll now and start building resilience.
Deepen Your Knowledge:
- Join Our LinkedIn Group: Collaborate with industry leaders in the CyberRisk Governance Community on LinkedIn. Share insights and stay ahead of the curve.
- Live Events: Participate in interactive LinkedIn Live sessions. Explore cyber risk topics with executives, technologists, and governance professionals.
Don't wait.
Contact Netswitch Technology Management today to take control of your cyber risk.
Disclaimer: The information and links provided in this newsletter are for informational purposes only. Netswitch does not warrant the accuracy or completeness of such information and is not liable for any damages arising from its use.
