Cybersecurity News & Updates - December, 2022
Inspirisys Solutions Limited (a CAC Holdings Group Company)
Experience Possibilities
Check out the latest updates on high vulnerabilities, data breaches and ransomware attacks.
High Vulnerabilities
Web applications, often in the form of Software as a Service (SaaS), are now the cornerstone for businesses all over the world. SaaS solutions have revolutionized the way they operate and deliver services, and are essential tools in nearly every industry, from finance and banking to healthcare and education. Read more
__________________________________________________________________________
Three-quarters of industrial control devices used in operational technology (OT) networks remain unpatched and laden with severe vulnerabilities, according to new research from Microsoft. Statistics from the tech giant’s latest Cyber Signals bulletin showed that threats against operational technology systems and internet of things (IoT) products are rising steeply and posing significant risks for businesses globally. Read more
__________________________________________________________________________
As technology continues to evolve, so too does the cyber-threat landscape. Keeping up with the latest security vulnerabilities is critical for security and technology teams. With the new year just around the corner, let’s look at some of the top security vulnerabilities organizations should be aware of from?2022. Read more
__________________________________________________________________________
Google on Tuesday announced the open source availability of?OSV-Scanner, a scanner that aims to offer easy access to vulnerability information about various projects. The?Go-based tool, powered by the Open Source Vulnerabilities (OSV) database, is designed to connect "a project's list of dependencies with the vulnerabilities that affect them," Google software engineer Rex Pan in a?post?shared with The Hacker News. Read more
__________________________________________________________________________
Software engineers who use code-generating AI systems are more likely to cause security vulnerabilities in the apps they develop, TechCrunch reported, citing a study by Stanford. “Code-generating systems are currently not a replacement for human developers,” TechCrunch quoted a scientist as saying in the report. Read more
__________________________________________________________________________
Ransomware Attacks
From 2016 to 2021, there was an increase in ransomware attacks on health care delivery organizations, exposing the personal health information (PHI) of nearly 42 million patients, according to a study. Read more
__________________________________________________________________________
领英推荐
Based on current analysis by stakeholders concerned, about 1.3 terabyte data were encrypted in the recent ransomware attack on the All-India Institute of Medical Sciences’ (AIIMS) information technology network by unknown threat actors, according to the government. Read more
__________________________________________________________________________
Over the last year, gangs have dissolved and reformed, but one thing's for certain – they keep coming back. Despite all efforts, the problem of ransomware continues to grow, with a recent report from cloud security firm Zscaler recording an 80% increase in ransomware attacks year-on-year. Read more
__________________________________________________________________________
Scripps Health patients both former and current have begun receiving ransomware attack settlement notifications in the mail. The bi-fold cards with postage paid and a settlement administrator in Portland may prompt some to wonder if these notices, which offer “$100 in CASH and other benefits” are legit or just the latest sophisticated attempt of scammers looking to pilfer personal information. Read more
__________________________________________________________________________
In 2022, security practitioners struggled to address the growing attack surface created by their rapid push to remote work and cloud-based operations during the previous two years. Cyber criminals exploited new vulnerabilities — including those introduced by the growing use of third-party software — to launch ransomware and other attacks. Read more
__________________________________________________________________________
Data Breaches
Based on data collected from more than 750,000 unique?endpoints, distributed around the world, the company's report claims the average cost of a data breach is expected to hit $5 million by next year.?To make matters even worse - the researchers expect the number of breaches to increase significantly, as well. The threats from malicious and phishing emails rose by 60% year-on-year, they said. Read more
__________________________________________________________________________
Data breaches can?be extremely harmful to organizations of all shapes and sizes — but it’s how these companies react to the incident that can deal their final blow. Read more
__________________________________________________________________________
LastPass, a password managing platform, recently said that hackers, who illegally accessed the company's cloud-based storage environment in August of 2022, have a copy of consumer data. In the wake of this data breach,?Computer Emergency Response Team (CERT-In) has issued an advisory and has warned Indian users that cybercriminals can undertake phishing attacks to compromise their accounts. Read more
__________________________________________________________________________
The data breach picture?for 2022 isn’t pretty. At the start of the year, the number of victims per data breach incident was actually falling across the country, suggesting that companies with lots of customers might be doing a better job of protecting their data than in years past. Read more