July 10, 2024 at 12:54PM Israeli startup Cytactic secures $16 million in seed-stage funding led by Evolution Equity Partners for developing a “cyber crisis readiness and management” platform. The company aims to provide an automated, data-driven solution to enhance readiness, response, and recovery for businesses facing security crises like breaches and ransomware infections. Cytactic’s product … Read more
April 22, 2024 at 08:00AM A 2024 survey by Pentera revealed staggering results: 51% of organizations experienced a cyberattack in the past two years, despite investing in an average of 53 security solutions. Breaches led to significant damage, prompting heightened board involvement. The survey also highlighted the need for more frequent and continuous security testing … Read more
April 10, 2024 at 04:47AM Join Silobreaker’s webinar on April 18th to learn from CISO Andy Grayland about using threat intelligence to minimize third-party security risks. With 29% of incursions originating from third parties, the webinar will provide insights into identifying and mitigating these risks. Sign up and receive a reminder for the webinar. Sponsored … Read more
April 1, 2024 at 04:31PM The UK regulator reported that one of the world’s most toxic sites faced cybersecurity “offenses” from 2019 to 2023. Based on the meeting notes, it seems that the UK regulator mentioned that a particularly hazardous site had experienced cybersecurity “offenses” from 2019 to 2023. This suggests a serious breach of … Read more
March 6, 2024 at 05:31PM FILI notified 30,000 individuals of a third-party data breach, affecting names, Social Security numbers, bank account details, and more. This is the second breach involving IMS this year. Jeff Margolies points to increased third-party security breaches and the need for better third-party access management. Fidelity offers 24 months of credit … Read more
January 10, 2024 at 05:26PM Mandiant, a cybersecurity firm and Google subsidiary, had its Twitter account hijacked by a Drainer-as-a-Service gang. The attacker redirected over 123,000 followers to a phishing page to steal cryptocurrency, with an estimated minimum of $900,000 in assets stolen. Verified organizations like the U.S. Securities and Exchange Commission have also been … Read more
January 9, 2024 at 05:31PM The U.S. Securities and Exchange Commission’s account, X, was hacked to falsely announce the approval of Bitcoin ETFs. The tweet, promptly deleted, led to a temporary spike in Bitcoin prices. However, the SEC clarified that no such approval had been granted. This incident follows a string of account breaches targeting … Read more
November 15, 2023 at 04:37AM Organizations are struggling to implement adequate logging measures, which makes it difficult for defenders and incident responders to identify the cause of information security attacks. In many cases, organizations lack the necessary telemetry logs to analyze events properly. Cybercriminals often disable or wipe logging capabilities to evade detection and attribution. … Read more
October 31, 2023 at 12:22PM New US law enforcement regulations allow for the delay of public disclosure of security breaches if a written request for an extension is granted. The amendment applies to breaches involving the theft of unencrypted data belonging to at least 500 consumers. The FTC estimates that the amendment will affect approximately … Read more