As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.
On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.
Read more…
Source: Rapid7
Related:
- ING CISO says data sharing is key to financial cybersecurity
October 30, 2023
Compliance has been the traditional focus of IT departments in financial institutions, but as cyber threats continue to evolve, the financial industry needs to look to each other to help protect the wider ecosystem. Finextra spoke with Beate Zwijnenberg, chief information security officer at ING, about some of the challenges the bank is facing across ...
- Kansas court system down nearly 2 weeks in `security incident’ that has hallmarks of ransomware
October 26, 2023
Kansas officials are calling a massive computer outage that’s kept most of the state’s courts offline for two weeks a “security incident” and, while they have provided no explanation, experts say it has all the hallmarks of a ransomware attack. The disruption has left attorneys unable to search online records and forced them to file motions ...
- Responding and Defending Against IdP Vendor Compromise
October 25, 2023
Based on Okta’s statement on October 20 regarding a recent security breach, it has been determined that the threat actor successfully gained access to Okta’s customer support system. Once inside the system, the threat actor was able to view files uploaded by Okta customers in relation to recent support cases with valid session tokens. By ...
- Philippines to recruit ‘cyber warriors’ for online defence
October 19, 2023
The Philippine military is creating a cyber command to improve defences against almost daily cyber attacks and will relax recruitment rules to ensure it can attract online experts, the chief of the armed forces said on Thursday. Several government agencies, including the lower house of Congress, have recently reported cyber attacks and the chief of the ...
- Automatic disruption of human-operated attacks through containment of compromised user accounts
October 11, 2023
Based on incidents analyzed by Microsoft, it can take only a single hop from the attacker’s initial access vector to compromise domain admin-level accounts. For instance, an attacker can target an over-privileged service account configured in an outdated and vulnerable internet-facing server. Highly privileged user accounts are arguably the most important assets for attackers. Compromised domain ...
- Cybersecurity’s Importance in Military Maritime Operations
October 11, 2023
In an era defined by interconnectedness and digital transformation, the role of cybersecurity in modern maritime warfare has grown. The maritime domain is increasingly vulnerable to cyber threats which can have serious consequences to national security. Cybersecurity is no longer just a matter of protecting data, but also protecting critical defence assets, and the ability ...

