Report offers new insight into Dallas ransomware attack – NBC 5 Dallas-Fort Worth
Report offers new insight into Dallas ransomware attack NBC 5 Dallas-Fort Worth
Tag Archive for: Insight
Insight – Horizon3.ai Annual Review Snapshot 2022
As Horizon3.ai wraps up the year with our highly anticipated Horizon3.ai Year in Review (2021-2022): Through the Eyes of the Attacker coming soon, we want to ensure our customers are continuing to think through:
- What does my environment look like?
- Are my security tools effective?
- Did we detect the right activity?
- Are we logging the right things?
- Are my crown jewels and keys to the kingdom– sensitive data and privileged credentials– reachable and exploitable?
While looking through the eyes of an attacker, Horizon3.ai empowers our customers to gain perspective to answer these questions honestly and accurately, staying relevant to how attackers view their environment. This helps our customers find what is exploitable, fix what matters, and consequentially verify those fix actions.
Over the past year, Horizon3.ai pentests revealed cybersecurity vulnerability trends across multiple industry sectors around the globe. Specifically, the top 3 systematic issues NodeZero surfaced are:
- Credential Policies Are Weak, Or Often Not Enforced
- Patching Is Rare, Misconfiguration Fixes Are Even Rarer
- Security Tools Require Oversight and Fine Tuning to be Effective
Our Annual Review focuses on these 3 themes and show you how the top weaknesses NodeZero found and exploited over the past year led to critical impacts, deeper implications, and ultimately positive action by the customer to remediate vulnerabilities and weaknesses. Additionally, the 3 themes presented align with CISA’s Top 15 Routinely Exploited Vulnerabilities list and their Known Exploited Vulnerabilities List (KEVL) catalog. The list below highlights the top 10 vulnerabilities and weaknesses that NodeZero enumerated and exploited over the last year:
1) Credential Policies Are Weak, Or Often Not Enforced
Attackers don’t “hack” in, they log in. Regardless of what the headlines in our newsfeeds may say, cyber threat actors do not often use sophisticated hacking tools and techniques like zero-day exploits to gain access to a network; they simply log in with legitimate user credentials. Our customers are keenly aware of the risks that credential-based attacks pose to their organizations because NodeZero allows them to safely…
DarkOwl Ransomware API offers insight into content from ransomware websites hosted on the darknet
DarkOwl released Ransomware API, the latest in their suite of darknet products. By enabling users to monitor darknet ransomware sites for their strategic assets – including first and third party vendors – organizations have the most accurate information available as to whether an entity has been extorted or compromised in a ransomware attack.
Ransomware API accesses the same database of darknet content as DarkOwl’s other data products, but targets results to content that was posted on ransomware group websites. These sites include those where actors post about their victims, and frequently leak compromised data that resulted from their attacks. Using this data, a company could expose potential risk for their own organization, assess supply chain vendor risk, or calculate risk to support cybersecurity insurance underwriting processes.
“As ransomware actors become ever more prevalent and advanced in the darknet, companies need tools that allow them to monitor and stay ahead of any cyberattacks. We hope that our deep coverage of this space can help illuminate a criminal economy that is constantly shifting and evolving,” said Mark Turnage, President and CEO of DarkOwl.
DarkOwl’s newest product was developed as a direct result of market demand, and is the first in the industry to offer streamlined, targeted insight into ransomware-hosted content on the darknet. As stated by DarkOwl’s Director of Product Technology, Sarah Prime, “We’re excited to release this new endpoint as a response to what we were hearing from our customers. Our insight into this area of darknet is unique, particularly our historical archive. Through this API product, organization mentions on these sites can now serve as a critical risk indicator.”
Top 10 insight articles in 2021
Our most popular articles in 2021 provide a good reflection of the state of the industry. Taken together, the Top 10 Articles of 2021, as measured by reader clicks, cover big subjects such as smart cities and cybersecurity. They address new innovations in video surveillance, including systems that are smarter and more connected, and a new generation of computer chips that improve capabilities at the edge.
A recurring theme in 2021 is cybersecurity’s impact on physical security, embodied by a high-profile hack of 150,000 cameras and an incident at a Florida water plant. There is also an ongoing backlash against facial recognition technology, despite promising technology trends.
Cross-agency collaboration
Our top articles also touch on subjects that have received less exposure, including use of artificial intelligence (AI) for fraud detection, and the problem of cable theft in South Africa. Here is a review of the Top 10 Articles of 2021, based on reader clicks, including links to the original content:
Smart cities have come a long way in the last few decades, but to truly make a smart city safe
Safety in Smart Cities: How Video Surveillance Keeps Security Front and Center
The main foundations that underpin smart cities are 5G, Artificial Intelligence (AI), and the Internet of Things (IoT) and the Cloud. Each is equally important, and together, these technologies enable city officials to gather and analyse more detailed insights than ever before. For public safety in particular, having IoT and cloud systems in place will be one of the biggest factors to improving the quality of life for citizens. Smart cities have come a long way in the last few decades, but to truly make a smart city safe, real-time situational awareness and cross-agency collaboration are key areas that must be developed as a priority.
Fraud detection technology
How AI is Revolutionising Fraud Detection
Fraud detection technology has advanced rapidly over the years and made it easier for security professionals to detect and prevent fraud. Artificial Intelligence (AI) is revolutionising fraud detection. Banks can use AI software to gain an overview of a…