Tag Archive for: cybersecurity

Hack The Box Redefines Cybersecurity Performance, Setting New Standards in the Cyber Readiness of Organizations

/in


The innovative Cyber Performance Center approach helps businesses present a united front against cybercrime by aligning cybersecurity and corporate goals.

NEW YORK, NY, LONDON, UK and SYDNEY, AUSTRALIA / ACCESSWIRE / April 10, 2024 / Companies can level up their cybersecurity defenses – eliminating the skills and knowledge gaps that criminals regularly exploit thanks to Hack The Box’s Cyber Performance Center.

Hack The Box’s Cyber Performance Center unites individual ability, business management practices, and the human factor in the cybersecurity industry and it is designed to help organizations take a coordinated approach to their cyber readiness, reducing the vulnerabilities created when cybersecurity is siloed or treated as a tick-box requirement.

Its innovative model transcends the limits of traditional cyber training, taking a 360º overview that considers a business’s processes and technology investments along with the requirements of its cybersecurity teams. By matching processes and exercises to organizational outcomes it helps to align cybersecurity and business objectives.

Hack The Box’s disruptive approach also directly addresses the key human element within corporate cybersecurity, focusing on the upskilling and development cyber professionals need to perform to their best while providing clear career paths to encourage retention and combat the increased burnout and fatigue within the sector. This is critical as the global cybersecurity industry currently faces a skills shortage of four million people.

It is estimated that, by next year over half of significant cyber incidents will be caused by human error or skill shortages1. The Cyber Performance Center approach helps organizations tackle their security as a company-wide goal, considering the needs of its cybersecurity team, business processes, and respective technology investments to promote a healthy security culture.

Hack The Box combines these three organizational pillars with a continuous learning journey based on the latest technologies, vulnerabilities, and solutions for all cybersecurity domains. The approach enables customers to create and maintain a robust cyber strategy, unlocking the skills of each member of…

Source…

Ransomware Attack on Brewery Shows Cybersecurity Risks

/in


The recent ransomware attack against the Duvel Moortgat Brewery demonstrated the very real risk that cybersecurity incidents pose to the alcohol industry, reportedly halting operations for several days at four of Duvel Moortgat’s facilities in Europe and the United States. This attack comes after other major alcohol producers experienced disruptive ransomware attacks in the last several years. Incidents like these can be devastating for a company’s business and reputation, and hackers’ strategies are constantly evolving to maximize their damage. But companies can be prepared with an information security program designed to prevent successful attacks and quickly respond if one occurs. Experienced partners such as McDermott are critical resources throughout this process, enabling companies to better update and fortify their security programs.

The Growing Threat of Attack

Hackers have extorted companies through ransomware attacks for decades, but hacker strategies have evolved to increase the risks to companies, often resulting in a larger ransom for the hacker. A “ransomware” attack traditionally refers to a strategy in which a hacker gains access to a victim’s computer system, encrypts the information on those systems and demands a ransom payment to unlock that information. Victims may try to avoid paying the ransom by restoring most of their systems from backups, but hackers have recently introduced additional strategies that can complicate that recovery. Today, hackers often try to steal the victim’s information before encrypting it on the victim’s system, so that they can sell or publish the information if the victim refuses to pay the ransom. Hackers also may try to “corrupt” backups so that the victim cannot effectively restore its system without the hacker’s assistance. One ransomware group, AlphV, says that it also reports its publicly traded victims to the US Securities and Exchange Commission if they don’t pay the ransom.

Determining whether to pay a ransom is a complicated decision, with either choice presenting notable risks. The ransom will likely be expensive and must be paid without any guarantee that the hacker will make good on its promises….

Source…

Sullivan County uses NYSSOC to combat cybersecurity threats

/in


Cybersecurity threats are a worldwide issue.

New York state is working to combat this with its New York State Security Operations Center (NYSSOC).

What You Need To Know

  • Sullivan County is the first county to start utilizing the NYSSOC

  • The NYSSOC facility is based in Brooklyn and dedicated to detecting and responding to real-time threats 24/7

  • Tompkins County will be the next to launch it, and 45 counties have shown interest in subscribing to NYSSOC

Sullivan County is the first county to start utilizing the NYSSOC.

It allows the state to monitor for cyber threats with a goals of preventing them and improving responses to incidents.

“The county, as well as the state, as well as the nation, are under attack constantly from foreign adversaries just looking to wreak havoc on the infrastructure and environment that we work in and with. So, it’s important for us to know what’s happening quickly, to be able to respond quickly, and to mitigate those risks as quickly as possible,” said Commissioner of Information Technology Services and CIO for Sullivan County Lorne Green.

The NYSSOC facility is based in Brooklyn and is dedicated to detecting and responding to real-time threats 24/7.

“Anything that they see that, you know, red flags, anything, even some minor occurrences that go through, they will alert us. And then, we can take action on those to either let them know that this is a low priority, high priority, medium, and then, whatever that comes through as, we can take action,” said Deputy CIO for Sullivan County Dan Smith.

Officials said Sullivan County went live with NYSSOC in late March. It was selected due to relationships with New York State Homeland Security and the State’s Center for Internet Security.

Officials collected log data from security appliances and servers to feed to NYSSOC to get the project rolling.

“They then parch that data and put it into their recording solution for analysis and further determination as to whether or not there are any incidents that need to be addressed,” Green said.

One of the major aspects of this effort is ensuring threats are being tracked even when local information technology services staff members are not…

Source…

I’m a cyber-security expert – this is how I live to avoid getting hacked

/in


Jake Moore could hack into your WhatsApp account in just a few clicks. He isn’t a scammer, but he knows how they operate. He has been a cybercrime expert for 13 years and, as the former Police Head of Digital Forensics, he has seen most of the tricks. These days though, the tricks are becoming increasingly advanced.

According to data from the accounting firm BDO, the amount of online fraud committed in the UK more than doubled in 2023, costing £2.3 billion. UK Finance reported that romance scams and ID theft are among the fastest-growing categories with a total of 1.4m cases recorded.

William Wragg, a senior Conservative MP, recently fell victim to a targeted online scam. He admitted to handing over the personal phone numbers of colleagues, after being blackmailed by someone on the dating app Grindr.

Moore advises companies on how to avoid these sorts of ever-changing security risks. It starts with simple, daily habits. “I find it interesting that the more I talk to people about basic cybersecurity, the more I realise that people either don’t know about it, or they just put it off,” says Moore. “It’s like doing your insurance. It is a bit boring.”

But by putting off these easy, everyday steps, phone users are at increasing risk of alarmingly complex scams, from fake calls by AI voice software to webcam hacking. The secret to safety is consistency: “It’s all about that balance between security and convenience.”

Here, Moore shares what he does regularly to make sure his personal life is safe from fraud, and online blackmail.

I never send texts

Moore would never send an SMS text; not even an iMessage. These are too vulnerable to hacking, as they can be intercepted by third-party software. “WhatsApp offers end-to-end encryption, which is an absolute must. It means that the communication cannot be intercepted by anyone, even Meta, which owns WhatsApp,” he says.

Read Next

I tried the Danish art of doing nothing and realised how much of life passes me by

If a hacker can type into your texts, they can steal personal information needed to commit fraud.

“Going one step further. You can use platforms such as Signal. Everyone that I speak to in cybersecurity will use Signal for messaging as it is extremely privacy-focused,” says Moore. Both…

Source…