Infosec K2K Cyber News Of The Week - Friday 9th February

Welcome to Infosec K2K’s Weekly News Update!

As technology continues to advance, so do the risks associated with it. Every week, we gather the latest news and insights on cyber threats, data breaches, and other essential topics in the world of cyber security.

In The News This Week

More than 35 countries have joined forces and signed a declaration to combat ‘#Hackers for hire.’ A declaration dubbed the Pall Mall Process has been signed by countries including France, the UK, and the US, and it aims to establish principles for managing commercially-available cyber intrusion capabilities. The declaration emphasises accountability, oversight, and transparency in cyber security, and has also been signed by companies such as 谷歌 , 苹果 , BAE Systems , and 微软 .

Find out more on ITPro : https://www.itpro.com/security/uk-leads-international-efforts-to-tackle-hackers-for-hire?

Chinese hackers infiltrated the Dutch Ministry of Defence, deploying #Malware on compromised devices. There was limited damage due to network segmentation, and the incident affected fewer than 50 users. A persistent #RAT malware named #Coathanger infected FortiGate network security appliances, surviving firmware upgrades. The attack was linked to Chinese state-sponsored hackers, and is thought to be part of a broader attack against the Netherlands and allies.

Find out more on BleepingComputer : https://www.bleepingcomputer.com/news/security/chinese-hackers-infect-dutch-military-network-with-malware/?

In the second half of 2023, Malware-as-a-Service (MaaS) emerged as the top threat to organisations. A new report by Darktrace also noted a rise in Ransomware-as-a-Service (RaaS) attacks following the #Hive ransomware group's dismantling last year. The report warns of increasingly sophisticated tactics, including double and triple extortion, with attackers leveraging AI in phishing campaigns.?

Find out more on Infosecurity Magazine : https://www.infosecurity-magazine.com/news/malware-service-top-threat/?

A massive health data breach in France has left millions of people at risk of fraud. Viamedis , which manages third-party payments for 84 insurance providers, reported the breach, which affects over 20 million individuals. The stolen data includes information like names, social security numbers, and insurance details. No bank details were compromised, but phishing attempts are a concern, and individuals have been advised to avoid responding to suspicious emails and calls.

Find out more on The Connexion : https://www.connexionfrance.com/article/French-news/Millions-at-risk-of-fraud-after-massive-health-data-hack-in-France?

The Stats This Week

63,206?

Verizon has reported an insider data breach affecting 63,206 employees, with criminals accessing sensitive information like Social Security numbers and compensation details. Although the breach was discovered in December 2023, it occurred three months earlier, and there's been no evidence of data being shared online. The incident prompted Verizon to enhance its internal security measures, and offer all affected employees two-year identity theft protection.?

Find out more on Infosecurity Magazine : https://www.bleepingcomputer.com/news/security/verizon-insider-data-breach-hits-over-63-000-employees/?

2 million

费埃哲公司 's Fraud, Identity, and Digital Banking Report has revealed that nearly 2 million people in the UK fell victim to financial identity fraud in 2023. While the number’s down from the previous year, 5.4% believe their identity was likely misused. Identity theft is the top financial crime concern for 30% of UK citizens. Strong fraud protection is crucial when selecting financial services, and biometrics are increasingly being used for authentication.

Find out more on Infosecurity Magazine : https://www.infosecurity-magazine.com/news/brits-victims-financial-id-fraud/

97%

A survey by CybSafe has revealed that 97% of employees trust their cyber security teams, despite limited visibility into communications processes. Most see these teams as vital because of the surge in cyber threats, although there are concerns that new security measures may hinder productivity. Many employees lack awareness of cyber security team roles - the study suggests a need for more cyber training among staff, and emphasises that there is a collective responsibility for cyber security.?

Find out more on Tech Monitor : https://techmonitor.ai/technology/cybersecurity/97-of-employees-trust-their-security-teams-despite-visibility-concerns?

Thoughts from Infosec K2K

The recent Fraud, Identity and Digital Banking by FICO highlighted the alarming reality that nearly two million people in the UK fell victim to financial identity fraud in 2023 alone. This underscores the urgent need for enhanced security measures to safeguard individuals' identities and their financial wellbeing online. Last year, a Verizon report revealed that 90% of successful cyber attacks and 70% of successful data breaches originate at employees’ endpoint devices, and these devices need more protection. With cyber attacks and identity theft more rampant than ever, robust tools like Identity and Access Management (IAM) are crucial to protect people’s identities and data.

One effective tool in the fight against identity fraud is biometric authentication. Biometrics, such as fingerprint scanning, face recognition, and iris scans, offer a means of identity verification that’s both secure and convenient. According to FICO’s report, 87% of respondents said that they viewed biometrics as providing excellent security, with 38% saying fingerprints were their preferred method. Just 17% of people surveyed believe that usernames and passwords provide adequate protection -? this growing acceptance that people need more security online shows a positive shift towards adopting advanced verification and authentication methods.

As consumers are beginning to prioritise fraud protection when selecting their financial service providers, organisations need to be looking at tools that can enhance security while still being convenient for users. Here at Infosec K2K, we understand the importance of IAM solutions, and realise that by strengthening your organisation’s cyber defences, you can enhance customer trust and loyalty at the same time. That’s why we provide cutting-edge technologies that can help safeguard users’ identities and protect your digital assets at the same time.

Read FICO’s report here: https://www.fico.com/en/latest-thinking/ebook/fraud-identity-and-digital-banking-consumer-survey-2023-united-kingdom

—

Got questions about this week’s news? We’re here to help! Learn how best to bolster your cyber security defences by getting in touch with our expert team at Infosec K2K .

Stay updated on all things #CyberSecurityNews when you subscribe to our weekly newsletter by clicking 'Subscribe' at the top of this page!