As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.
On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.
Read more…
Source: Rapid7
Related:
- Critical Vulnerability in Fortra FileCatalyst Workflow
June 27, 2024
Fortra has released a security update addressing a critical vulnerability found in FileCatalyst Workflow. FileCatalyst is an accelerated file transfer software solution that allows the transfer of large files over remote networks. CVE-2024-5276 is an SQL Injection vulnerability with a CVSSv3 score of 9.8 (critical), which if exploited could allow an unauthenticated attacker to modify or ...
- Stopping Chinese cyberattacks is officially now the biggest priority for US security forces
June 25, 2024
The US Department of Homeland Security (DHS) has shuffled its priorities to place battling the “cyber and other threats posed by the People’s Republic of China” at the top of the list, at least until the end of 2025. China has been conducting numerous cyber attacks against US infrastructure, particularly focussing on internet-facing endpoints within water ...
- U.S. Department of Homeland Security Bolsters Indo-Pacific Maritime Cybersecurity through Partnership with Indonesia
June 18, 2024
WASHINGTON – From June 10-13, the U.S. Department of Homeland Security (DHS) partnered with the Government of Indonesia under U.S. Department of State International Narcotics and Law Enforcement and U.S. Department of Defense Threat Reduction Agency programs to enhance the security and resilience of the international maritime transportation system. This reflects a joint commitment by both ...
- London Hospitals Knew of Cyber Vulnerabilities Years Before Hack
June 14, 2024
A group of London hospitals struggling to contain the fallout from a cyberattack against a critical supplier had known for years about weaknesses that left them vulnerable to hacks, according to documents reviewed by Bloomberg News. The Guy’s and St Thomas’ NHS Foundation Trust, which runs five major hospitals in the London area, has failed to ...
- How to Recognize and Defend Against Malicious Insider Threats
June 12, 2024
Insider threats arise from careless users, users with compromised credentials, or users who seek to cause harm intentionally. The latter type of user—the malicious insider—can be the most daunting for security teams to manage. It requires them to analyze a user’s behavior and determine whether they have bad intentions. Although less frequent, malicious insiders are costly. ...
- MediSecure put into administration weeks after massive data breach
June 5, 2024
Online prescription provider MediSecure has collapsed into administration and liquidation just weeks after a large-scale ransomware attack resulted in customer details being leaked on the dark web. The Melbourne-based health provider last month confirmed the massive data breach had taken place, with the personal information and some limited health information of people who used the service ...

