Últimas notícias

Fique informado

New Report Explains COVID-19’s Impact on Cybersecurity

17 de setembro de 2020


Reconhecimento facial sem prova de vida está com os dias contados, afirma CEO de uma das principais plataformas brasileiras de biometria facial

Conversamos com José Luis Volpini, CEO da CredDefense, uma das pioneiras e mais conceituadas plataformas de biometria facial do mercado brasileiro.

6 de janeiro de 2021

Carimbo do Tempo dá início ao fim da era dos protocolos proprietários na ICP-Brasil. Ouça

Segundo Dr. Roberto Gallo, o fim da era dos protocolos proprietários na ICP-Brasil tem data marcada e deve beneficiar fabricantes, prestadores de serviços e clientes finais.

28 de dezembro de 2020

Em tempo de mobilidade extrema e home office, como controlar o perímetro de segurança da empresa? Ouça

Conversamos com Jan Rochat da AET Europe, sobre a eficiência das tecnologias que protegem as informações das empresas, especialmente nesse momento de extrema necessidade de mobilidade das pessoas em “home office.

8 de dezembro de 2020

Identificar, confiar e conectar. Quantas vezes por dia nos autenticamos?

Controlar credencias de acesso nas organizações é tão difícil quanto

2 de dezembro de 2020

Doutor Fabiano Menke Concede Entrevista Sobre a Evolução das Assinaturas Eletrônicas

Nesta entrevista Dr. Fabiano Menke fala sobre a Lei 14.063 de setembro de 2020 e sobre o Decreto 14.543 de novembro de 2020 sobre os tipos de assinaturas eletrônicas

25 de novembro de 2020

Safe handling of digital identities: 5 key questions.

During the coronavirus crisis, the subject of digital identities has come to the forefront

21 de julho de 2020

Maximum SSL/TLS Certificate Validity is Now One Year. By Patrick Nohe

Starting on September 1st, SSL/TLS certificates cannot be issued for longer than 13 months (397 days). This change was first announced by Apple, at the CA/Browser Forum Spring Face-to-Face event in Bratislava back in March.

1 de julho de 2020

Most cybersecurity professionals fully anticipated that cybercriminals would leverage the fear and confusion surrounding the Covid-19 pandemic in their cyberattacks

Of course, malicious emails would contain subjects relating to Covid-19, and malicious downloads would be Covid-19 related. This is how cybercriminals operate. Any opportunity to maximize effectiveness, no matter how contemptible, is taken.

While many have anecdotally suggested ways in which Covid-19 related cyberattacks would unfold, we have little data supporting the actual impact of Covid-19 on cybersecurity. Several have reported that the number of malicious emails with the subject related to Covid-19 has grown several hundred percent and that the majority of Covid-19 related emails are now malicious.

Beyond the anticipated increase in Covid-19 related malicious emails, videos, and an array of downloadable files, which we all anticipated, what else is going on behind the scenes?

Interestingly, cybersecurity company Cynet has just released a report (download here) detailing changes in cyberattacks they’ve observed across North America and Europe since the beginning of the Covid-19 pandemic. The report shares several interesting data points and findings, such as the cyberattack volume change observed in various industry sectors, the increased use of spear-phishing as an initial attack vector, and the approaches being used to distribute malware in spear-phishing attacks.

The two more interesting findings follow.

Fighting Fire with Fire

Cynet found that cybercriminals are not just “sort of” leveraging the Covid-19 pandemic, they’re going all in. Cybercriminals are pulling out their entire arsenal of new attack methods to ensure attack success best. This is like a sports team using all the new plays they’ve developed in one game rather than spreading them out across the season.

The report states that the percentage of attacks using new techniques has historically been around 20%. That is, 80% of attacks have used well-known techniques that are easily identified, assuming companies have updated preventative measures in place.

Since the Covid-19 pandemic, Cynet found that new attacks jumped to roughly 35% of all attacks. New attack techniques cannot be sufficiently detected by antivirus software alone and can only be effectively discovered using newer behavioral detection mechanisms. That is, the new detection approaches must be used to detect the new attack techniques being deployed.

Overburdened Security Staffs

Another interesting observation in the Cynet report is a huge spike in clients requesting expert assistance from their detection and response team (which Cynet calls CyOps). Client engagements increased a whopping 250% during the pandemic.

Beyond using advanced detection and response mechanisms, deep cybersecurity skills are required to detect and mitigate the sharp rise in the new attack techniques deployed during the Covid-19 pandemic.

The Cure?

Unfortunately, many companies do not yet have advanced detection and response technologies, such as Extended Detection and Response (XDR), or ongoing access to a 24×7 managed detection and response (MDR) team. When cyberattacks using new techniques spike as they are during this pandemic (or could do at any time), companies without these advanced protections are at higher risk.

We strongly recommend investigating both XDR and MDR solutions as a way to futureproof and immunize your cybersecurity stack.

And regardless of the security stack you have deployed, be wary of new malware attacks. Use threat hunting techniques to scour your systems to ensure new malware has not slipped through the cracks. The uptick in new malware means prevention and detection become trickier, and continuous threat hunting must become the norm.

Download the report here.

Source: The Hackers News

Bluetooth Flaw Could Let Hackers Attack You Wirelessly From 800 Feet Away

North Korea-Linked Hackers Are Now Spreading Their Own Ransomware

The Future of Privacy – Why Using and Protecting Personal Data Is a Vital Business Imperative

Content Syndication

Content Syndication – the content distribution is a method of republishing content developed by your company on other websites to reach a wider audience and bring new visitors to your site. Contact us about Content Syndication, contato@cryptoid.com.br | +55 11 3881 0019.

Surprise yourself with the quality of our audience! Media Kit.