With cyber attacks against financial and banking institutions now a daily occurrence, cyber threats have become the biggest risk to the global financial system, according to Federal Reserve Chairman Jerome Powell. During an interview on CBS News’ 60 Minutes, Powell said cyber risks surpass even the types of lending and liquidity risks that led to the Great Recession in 2008. The chances of a financial collapse akin to 2008 are “very low,” he said. “But the world changes, the world evolves, and the risks change as well. The risk we keep our eyes on the most is cyber risk.” If... Read more →
95 posts categorized "Malware"
22 April 2021
Cyber Threats: The Financial System’s Top Risk
Posted by (ISC)² Management on 22 April 2021 at 07:30 AM in Cybersecurity Training, Cybersecurity Workforce, Malware, Ransomware, Risk | Permalink
|
Comments (0)
25 June 2020
(ISC)2 Costa Rica Chapter: Sharing reflections and lessons learned from Maze Team attack
The original article by Diego Delfino can be found at https://delfino.cr/2020/05/caso-maze-bcr-expertos-comparten-reflexiones-lecciones-y-sugerencias Óscar Monge España, founding member of (ISC)² chapter Costa Rica has 16 years of experience in multiple fields of cybersecurity, such as incident response, threat intelligence, risk management and vulnerability management at the corporate level and in the cloud methodology Agile and ITIL, information security expert and cloud security professional. His work in the field led him to obtain the award as the best security participant for America (America’s ISLA) awarded by the renowned organization ISC2 in 2017. He currently works for RaboBank in The Netherlands as a cybersecurity... Read more →
Posted by (ISC)² Management on 25 June 2020 at 01:19 PM in (ISC)² Chapters, Malware | Permalink
|
Comments (0)
(ISC)2 Costa Rica Chapter: Sharing reflections and lessons learned from Maze Team attack
El artículo original fue publicado por Diego Delfino en: https://delfino.cr/2020/05/caso-maze-bcr-expertos-comparten-reflexiones-lecciones-y-sugerencias Óscar Monge España, miembro fundador de (ISC)² capitulo Costa Rica, tiene 16 años de experiencia en múltiples campos de la ciberseguridad, como lo son la Respuesta de Incidentes, Inteligencia de Amenazas, Manejo de Riesgos y Manejo de vulnerabilidades a nivel corporativo y en la nube, metodologías ágiles e ITIL, experto en seguridad de la información y profesional en seguridad en la nube. Su trabajo en el campo, le llevó a obtener el galardón como el mejor practicante de seguridad para America (America’s ISLA) otorgado por la reconocida organización (ISC)² en... Read more →
Posted by (ISC)² Management on 25 June 2020 at 01:06 PM in (ISC)² Chapters, Malware | Permalink
|
Comments (0)
29 May 2020
Study: Pandemic Boosts Cybersecurity Demand
Demand is up for cybersecurity solutions and services as businesses try to cope with the effects of the COVID-19 pandemic. In a survey of technology firms, industry association CompTIA found that customer inquiries regarding cybersecurity were up by 36% in April -- second only to inquiries about communications, collaboration and A/V technologies. The increased demand for cybersecurity and collaboration technologies makes sense in light of the sudden increase in work-from-home (WFH) numbers. The ranks of remote workers shot up as a result of stay-at-home and lockdown directives issued by governments in efforts to manage the spread of COVID-19. Recent (ISC)2... Read more →
Posted by (ISC)² Management on 29 May 2020 at 08:00 AM in Cybersecurity Workforce, Government , Malware, Network Security, Operations Security, Risk | Permalink
|
Comments (0)
06 April 2020
Cyber Threats Are Spiking as Remote Worker Ranks Soar
The number of people working from home is skyrocketing as the COVID-19 pandemic forces companies to close offices and practice social distancing. The sudden explosion of makeshift home office environments is adding to the burden of already overtaxed cybersecurity workers, who now face the massive task of trying to protect a remote workforce against cyber threats. While cybersecurity professionals put in extra hours to handle the situation, the increasing ranks of remote workers are catching the attention of another group – cyber attackers. Cyber criminals are betting that many of these hastily outfitted work-from-home environments will not have the same... Read more →
Posted by (ISC)² Management on 06 April 2020 at 07:55 AM in Cybersecurity Workforce, Malware, Network Security, Privacy, Risk | Permalink
|
Comments (0)
24 February 2020
Threat Hunting: Is Your Security Operation Ready to Launch Such a Program?
As published in the November/December edition of InfoSecurity Professional Magazine. It could be a blended attack as slick as a multichannel marketing campaign. Or a spontaneous crime of opportunity by a single dis-gruntled employee. It could even be an innocent configuration error. When a threat exists, there will be indicators. The perennial challenge is to hunt for signs in the right places and to isolate the signal from the noise. How best to find—and remove, where possible—such threats remains up for debate. Lance Cottrell, chief scientist at Ntrepid, approaches threat hunting less as a specific set of techniques than as... Read more →
Posted by (ISC)² Management on 24 February 2020 at 08:45 AM in IT Security, Malware, Network Security, Operations Security | Permalink
|
Comments (0)
13 February 2020
Breaches Increased in 2019, but the Number of Exposed Records Declined
The number of U.S. data breaches bumped up 17% in 2019 but despite the increase, the volume of sensitive consumer records that were exposed declined substantially by 65%, according to a newly published report. These statistics are a complete reversal of what happened in 2018, when the number of exposed consumer records soared by 126% and breaches declined by 23%, according to the Identity Theft Resource Center’s (ITRC) End-of-Year Data Breach Report for 2019 Data breaches tracked in 2019 in the United States jumped to 1,473, from 1,257 in the previous year, the report revealed. Meanwhile, 164,683,455 sensitive records were... Read more →
Posted by (ISC)² Management on 13 February 2020 at 08:00 AM in Cloud Security, Cybersecurity Certifications, Cybersecurity Training, Cybersecurity Workforce, Malware, Network Security, Operations Security, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
05 December 2019
Cyber Threats to Healthcare on the Rise
Hospitals are set up to fight infections, but not necessarily the kind that has been plaguing healthcare institutions lately – malware. A new report estimates that cyber threats against healthcare targets increased 60% since January, surpassing the total number of threats identified in all of 2018. The most common threat targeting the healthcare industry is Trojan malware, which increased 82% in the third quarter from Q2, according to the report by Malwarebytes, Cybercrime Tactics and Techniques: The 2019 State of Healthcare. Most of the Trojan attacks involved Emotet and TrickBot, which are the two most dangerous Trojans around since 2018.... Read more →
Posted by (ISC)² Management on 05 December 2019 at 09:00 AM in Cloud Security, Cybersecurity Certifications, Cybersecurity Workforce, Malware, Network Security, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
21 December 2018
Beware of Scams this Holiday Season
By Tony Vizza, CISSP, (ISC)² Director of Cybersecurity Advocacy, APAC Over the past few weeks, I have noticed a marked increase in the number of phishing attempts, both using cyber based methods as well as traditional methods such as phone calls, text messages and even postal service scams. Scammers rely on psychological trigger points to succeed. December, in particular, is a stressful time for many people. Boozy Christmas parties, buying presents for your family (and finding something your partner will like), planning the holiday getaway with the kids and of course wrapping up end-of-quarter and end-of-year and you have a... Read more →
Posted by (ISC)² Management on 21 December 2018 at 08:00 AM in Center for Cyber Safety and Education, Malware, Risk | Permalink
|
Comments (1)
03 December 2018
Report: Cyberattacks Pose Big Business Risks Around the Globe
Cyberattacks rank as the number one risk of doing business in North America, Europe and the East Asia-Pacific region, according to a World Economic Forum report, Regional Risks of Doing Business. While business leaders in other areas of the globe are more concerned about unemployment, unstable governments and oil prices, cyber risks rank as the fifth highest worldwide. The concern about cyberattacks shows just how critical cybersecurity has become, ranking even higher than terrorism in the global top 10. Not surprisingly, cyber risks are a bigger concern among the most industrialized areas of the globe such as North America, where... Read more →
Posted by (ISC)² Management on 03 December 2018 at 09:05 AM in Malware, Risk | Permalink
|
Comments (0)
03 July 2018
Don't be a sitting duck in the next OT cyberattack
By Ravindra Krishna, CISSP In a recent Operational Technology (OT) cyberattack, Monero Crypto-currency mining malware was discovered in the ICS network of a water utility company located in Europe. The company found the malware during a routine monitoring check of their OT network and confirmed that the malware infected five servers including the Human machine interface (HMI), which is used to control and manage physical components of OT networks. This attack provides further evidence that OT networks are not simply vulnerable, but actually easy targets. The Post-Stuxnet OT Cyberattack Era I believe that we can divide OT attacks into two... Read more →
Posted by (ISC)² Management on 03 July 2018 at 08:30 AM in IT Security, Malware, Network Security, Operations Security, Ransomware, Risk | Permalink
|
Comments (2)
26 January 2018
(ISC)² Secure Summit UK Insights: The Future Impact of AI in Cybercrime
(ISC)²’s two-day Secure Summits bring multi-subject sessions from hands on practical workshops to keynotes and panel discussions, featuring local and international industry experts to maximise the learning experience and CPE opportunities. Serving the entire (ISC)² EMEA professional community with regional events, the Summits offer a wealth of educational value, networking opportunities, and a community forum for like-minded professionals, all of which are FREE to (ISC)² members & (ISC)² Chapter members. Read on for insights from one of our popular Secure Summit UK sessions... You’re the CEO of an international oil and gas company. Business risk and risk management planning is... Read more →
Posted by (ISC)² Management on 26 January 2018 at 04:00 AM in (ISC)² Events, Cybersecurity Training, Insider Risk, Malware, Ransomware | Permalink
|
Comments (0)
02 January 2018
Do You Feel What I Feel? Cybersecurity’s Impact of Humans and Machines
Organizations, individuals feel pain of breaches, critics silenced, and China outraged. As analysts and cybersecurity experts make predictions about the future of cyber and the advancements we can expect to see in artificial intelligence (AI), it’s worth taking a moment to think about the power of machines and their impact on human emotions. AI holds the promise that someday computers will possess emotional intelligence, but will computers ever really be able to mimic our natural human emotions? Everything from mere words, names, and numbers evokes strong feelings in people, and few names elicit the strong emotional response as that of... Read more →
Posted by (ISC)² Management on 02 January 2018 at 03:00 PM in Government , Malware, Ransomware | Permalink
|
Comments (1)
10 November 2017
Weekly Security Headlines: Hearings, guidelines and news
New guidelines, increased government oversight, and mounting stress in cybersecurity With the 4th quarter underway, we are starting to see lots of predictions about what the cybersecurity industry can expect to see come 2018. Thinking about the future makes it easy to forget about what is happening right now, though. Let’s take a look back at the news that happened this week to remind us of where we are, before we focus too much on where we’re going. Arguably the biggest industry-wide news of the week was the Senate Commerce Committee hearing, “Protecting Consumers in the Era of Major Breaches.... Read more →
Posted by (ISC)² Management on 10 November 2017 at 02:10 PM in Ethics, Government , IT Security, Malware, Privacy, Ransomware, Risk | Permalink
|
Comments (1)
27 October 2017
Security Headlines: Hopping Around
This week’s National Cybersecurity Awareness campaign focused on feeding the pipeline to narrow the skills gap in the cybersecurity workforce. While StaySafeOnline declared “The Internet Wants You: Consider a Career in Cybersecurity,” Ransomware hopped to the headlines. Rabbit on the run ‘Bad Rabbit’, the third global outbreak of the year with similarities to NotPetya, struck companies throughout Russia and Eastern Europe with file-encrypting malware. This strand of ransomware metaphorically knocks on the user’s door by way of a malicious pop-up offering a Flash update. Though the outbreak was first reported, it’s suspected that the group behind the attack has been... Read more →
Posted by (ISC)² Management on 27 October 2017 at 11:10 AM in Malware, Network Security, Ransomware | Permalink
|
Comments (0)
22 September 2017
Security Headlines: Do you know where your data records are?
It’s 2:00 pm. Do you know where your data records are? Here are the security headlines from the week of September 18, 2017. Say it ain’t so, SEC. Say it ain’t so! It looks like the U.S. Securities and Exchange Commission (SEC) suffered a cyber attack in 2016. Hackers have been trading using non-public information. In more cybercrime news, Help Net Security has a list of most wanted malware and mobile malware. We’re all hoping the risk of wearable devices is worth the health benefit – or is that just what I tell myself about my FitBit? But what if... Read more →
Posted by (ISC)² Management on 22 September 2017 at 02:00 PM in Malware, Privacy, Risk | Permalink
|
Comments (1)
01 September 2017
Security Headlines: Spying & Stealing
Spying, stealing, defacing. It’s been a busy week. These are the top security headlines for the week of August 28, 2017: The U.S. Navy says there’s no evidence of a cyber attack in the crash of the USS John S. McCain – but hypothetically, this is how it would work. Reuters reports cyber spies are using malware to target India and Pakistan – including decoy clickbait with Reuters reports. Yes, you read that right. Hurricane Harvey is a once in a 1,000 years disaster, but be careful before you donate. Scammers are registering domains to collect “donations” for bogus organizations.... Read more →
Posted by (ISC)² Management on 01 September 2017 at 11:14 AM in Ethics, Government , Malware, Ransomware | Permalink
|
Comments (0)
25 August 2017
Security Headlines: Word Malware, Cloud Disasters and More
Malware through Word, hacked robots and cloud disasters? No wonder we have anxiety. These are the top security headlines for the week of August 21, 2017: Clippy never warned us about this! Attackers are exploiting a Microsoft Word feature that auto-updates links to install malware. The financial impact of a breach is always being reported on, but what about the mental and emotional cost? What’s its mission? Collaborative and industrial robots are under the “hacker microscope” according to Dark Reading and could be vulnerable. Cloud causing more damage than a hurricane? It’s possible. Further proving the “it’s not if, but... Read more →
Posted by (ISC)² Management on 25 August 2017 at 02:30 PM in Cloud Security, Malware | Permalink
|
Comments (1)
11 August 2017
Security Headlines: Payouts and Panic
WannaCry and NotPetya aftermath means payouts and panic. Here are the top security headlines for the week of August 7, 2017: Big money, no whammies! It seems like the hackers behind WannaCry have cashed out their bitcoin into Monero, a harder to track cryptocurrency. Mo money means mo malware. The success – can we call it that? – of WannaCry and NotPetya means ransomware is not going away any time soon, because… well, people and businesses pay the ransom. What’s that definition of insanity? Oh yeah, doing the same thing and expecting a different result… Tripwire research indicates that two-thirds... Read more →
Posted by (ISC)² Management on 11 August 2017 at 11:28 AM in Government , Insider Risk, IT Security, Malware, Network Security, Operations Security, Ransomware | Permalink
|
Comments (0)
20 June 2017
Looking for cybersecurity job? Healthcare is hiring!
While the projected 1.8 million cybersecurity workforce gap is a staggering number, the Global Information Security Workforce Study did reveal which sectors are most aggressively looking to address this talent shortfall. Healthcare, retail and manufacturing top the list of industries looking to increase their cybersecurity workforce by more than 20% over the next year. Healthcare, in particular, is aiming for a 39% increase. It’s not surprising that they’re leading the charge to staff up, as Privacy Rights Clearninghouse reports that there were 223 known breaches to healthcare organizations in the United States in 2016 - and another 46 disclosed so... Read more →
Posted by (ISC)² Management on 20 June 2017 at 03:00 PM in Cybersecurity Certifications, Cybersecurity Training, Malware, Ransomware, Risk | Permalink
|
Comments (1)
Search
Categories
- (ISC)² Chapters (16)
- (ISC)² Events (102)
- Center for Cyber Safety and Education (45)
- Cloud Security (90)
- Cybersecurity Certifications (283)
- Cybersecurity Training (275)
- Cybersecurity Workforce (147)
- Digital Forensics (27)
- Ethics (48)
- Government (85)
- Insider Risk (52)
- IT Security (348)
- Legal (41)
- Malware (95)
- Network Security (149)
- Operations Security (115)
- Privacy (93)
- Ransomware (38)
- Risk (155)
- Software Development (38)
- Spotlight (54)