Data Breaches in the USA in September 2024: 3,451,574 People Impacted

Welcome to this week’s edition of Security Spotlight from IT Governance USA, where we shine a light on:

• Data breaches in the USA in September 2024: 3,451,574 people impacted
• How long does it take to detect a cyber attack?
• Our two-hour workshop to improve your skills in conducting an information security risk assessment
• North Korean hackers using new VeilShell backdoor in stealthy cyber attacks
• CISA issues warning about another Ivanti flaw under active attack
• National Cybersecurity Awareness Month: Save 15% on selected services

Data Breaches in the USA in September 2024: 3,451,574 People Impacted

Analyzing the Maine Attorney General’s data For September 2024, IT Governance USA’s analysis of the Office of the Maine Attorney General’s data breach notifications found the following:

• 73 new data breaches, affecting 3,451,574 individuals*
• 5 updates to previously reported data breaches

We look at what’s reported to a regulator to help us identify significant real-world trends and patterns. For instance, after a spike in reported data breaches in August, the number has dropped back in line with the numbers for June and July. Meanwhile, the number of individuals impacted continues to decline.

Read more??

How Long Does It Take to Detect a Cyber Attack?

One of the biggest misconceptions in cybersecurity is a belief that ‘it won’t happen to us.’

Despite a growing awareness of cyber attacks and data breaches, organizations often mistakenly believe that they won’t become a target. ‘Why would they target us? We don’t hold anything of value.’

Read more??

Information Security Risk Assessment Workshop

What does this workshop cover?

• Overview of information security and ISO 27001 risk assessment principles and their importance in cybersecurity and regulatory compliance.
• Techniques and best practices for conducting accurate and efficient risk assessments.
• The benefits of regular risk assessments, including support for ongoing compliance and security improvement.
• How different types of risk assessments help identify and mitigate potential threats, ensuring protection and resilience.
• Conducting two risk assessments using our CyberComply platform: one scenario-based and one asset-based, guiding participants through practical application.
• Scenario-based and asset-based risk assessments to illustrate different approaches to the assessment process.

Sign up now??

North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks

Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries.

Continue?reading??

CISA issues warning about another Ivanti flaw under active attack

Hackers are exploiting yet another vulnerability in one of Ivanti’s widely used enterprise products, the U.S. government’s cybersecurity agency CISA warned in a fresh alert this week.

The remote code execution flaw in Ivanti Endpoint Manager (EPM), a tool that helps organizations manage and secure their fleets of employee devices, was first disclosed by Trend Micro’s Zero Day Initiative in April and patched by Ivanti the following month.

Continue?reading??

NCSAM: Defend your organization with our expert solutions and save 15%

Secure your world, protect the future.

Cybersecurity is everyone’s responsibility. Defend your organization with our expert solutions – from basic levels of protection and staff training, through to advanced penetration testing and compliance solutions.

Simply use code NCSAM24 at checkout on any of the products listed and save 15%.

T&Cs apply.

Find out more