All posts tagged: Cybersecurity

Cyber Incident Trends Report (NCSC)

No comments

October 2018 to April 2019

Cybersecurity Incident Trends Report
Cyber Incident Trends Report – NCSC UK

The UK’s National Cyber Security Centre (NCSC) recently released its cyber incident trends report for the period between October 2018 and April 2019. The report covers five main cyber attack trends seen in the UK – (1) attacks on Office 365 deployments (and cloud services in general), (2) ransomware, (3) phishing, (4) vulnerability scanning, and (5) supply-chain attacks. “All the incident types noted have resulted in compromises within the UK, some significant in nature,” it says. 

EthicalHatCyber Incident Trends Report (NCSC)
Read More

Network-based attacks

No comments

Cyberattacks come in all shapes and forms. They are everywhere, and whether you know it or not, you’ve likely been a victim of one at some point. Even an occasional look at IT news will tell you just how widespread cybercrime is and how many areas of life it affects. Yet many of us don’t have more than a superficial idea of how cyberattacks work, where they originate, and how severe their repercussions can be. 

EthicalHatNetwork-based attacks
Read More

Cyber Attack Trends 2019 – Check Point Research

No comments
Cyber Attack Trends 2019

Check Point Research released its 2019 mid-year report on Cyber Attack Trends last month. The report puts targeted ransomware attacks at the top of its list of dominant ongoing trends in 2019. Cryptomining attacks, on the other hand, have declined considerably over the past year, with only 21 percent organizations affected by cryptominers’ attacks this year, compared to 42 percent in 2018. 

EthicalHatCyber Attack Trends 2019 – Check Point Research
Read More

SANS SOC Survey 2019

No comments
SOC Best Practices – 2019

The SANS Institute released its 2019 SOC Survey report – Common and Best Practices for Security Operations Centers – earlier this month. The survey was designed to “provide objective data to security leaders and practitioners who are looking to establish a SOC or optimize their existing SOCs”. The average size of the SOC teams represented in the survey was 10, with a majority of the respondents based either in North America or Europe, and drawn predominantly from the cybersecurity industry, followed by government, banking and finance, technology, and a few others.

EthicalHatSANS SOC Survey 2019
Read More

CIS CSAT – A web-based tool to track your implementation of CIS Controls

2 comments
CIS CSAT Dashboard

CIS CSAT is a free web-based tool that allows organizations to assess their cybersecurity strategy and infrastructure against the Center for Internet Security’s 20 Critical Controls. The tool was developed for CIS by EthicalHat Cyber Security, and is based on AuditScripts’ popular CIS Controls Manual Assessment spreadsheet. It helps businesses easily track their documentation, implementation, automation and reporting of CIS Controls, and compare their own security performance with the industry average.

EthicalHatCIS CSAT – A web-based tool to track your implementation of CIS Controls
Read More

First American Financial Corp facing the heat after data exposure

No comments

Company sued by client; Data leak under investigation

Real estate giant First American Financial Corp (NYSE:FAF), that suffered a serious data leak recently, was sued by a client late last month for failing to implement “even rudimentary security measures” and putting millions of clients’ information at risk.

EthicalHatFirst American Financial Corp facing the heat after data exposure
Read More

SANS 2019 Cloud Security Survey findings

No comments

The SANS Institute released a new cloud security report recently based on a survey of several hundred companies across the US, Asia, Europe, and Canada. The companies surveyed ranged from the small (under 1000 employees) to the very large (over 50000 employees) and represented a variety of industries including 32 percent from the technology sector and 11 percent from the finance sector.

EthicalHatSANS 2019 Cloud Security Survey findings
Read More

Adobe releases 87 patches for vulnerabilities in Acrobat, Reader, Flash Player, Media Encoder

No comments

In a massive patch update on Tuesday, Adobe released security patches for 87 vulnerabilities in four of its products – Adobe Acrobat, Adobe Reader, Adobe Flash Player, and Adobe Media Encoder. As many as 84 of the 87 patches address vulnerabilities in Acrobat and Reader.

EthicalHatAdobe releases 87 patches for vulnerabilities in Acrobat, Reader, Flash Player, Media Encoder
Read More

A few tips to find out if that suspicious-seeming email you received is really malicious

No comments

We all receive malicious or spammy emails from time to time, and while most are easy to tell apart from legitimate mail, there are some that require greater attention to detect. An Unsolicited Commercial Email (UCE), more commonly known as spam, may be an irritant, but it is not a threat to you. Malicious emails, on the other hand, are intended to swindle or steal, and are far more dangerous.

EthicalHatA few tips to find out if that suspicious-seeming email you received is really malicious
Read More