The 2021 edition of Proofpoint s Voice of the CISO report based on a survey of more than 1,400 CISOs in 14 countries found 66 percent of the executives acknowledged their organizations were unprepared to handle a targeted cyberattack this year. In addition, more than half the CISOs admitted they are more concerned about the repercussions from a cyberattack this year than they were in 2020.
The U.S. Department of Justice announced this week that the Federal Bureau of Investigations had successfully removed malicious scripts from hundreds of vulnerable computers in the United States – without necessarily informing the computer owners they were doing so. Combating cyber threats requires partnerships with private sector and government colleagues, said Acting U.S. Attorney Jennifer B. Lowery of the Southern District of Texas in a press release. This court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable computers shows our commitment to use any viable resource to fight cyber criminals, Lowery added.
WHY IT MATTERS
SHARE
With a series of data breaches hitting the social networking site Facebook and the world’s largest professional network LinkedIn, it is difficult to determine if your sensitive data has been compromised or not.
The National looks at recent leaks and explores potential tools to find out if your digital identity is safe.
Facebook and LinkedIn leaks
The data of more than 533 million Facebook users resurfaced on an online hacking forum on April 3. The data, which was first leaked in 2019, included millions of files containing users’ personal information.
On Tuesday, data from more than 500 million LinkedIn profiles was put up for sale on another hacker forum, according to CyberNews, an online publication.
SHARE
The world’s largest professional network LinkedIn faces a probe by the Italian privacy watchdog following a leak of users’ personal data, including names and phone numbers, according to a report.
The Italian authority said in a statement that it started an investigation after “the dissemination of user data, including IDs, full names, email addresses, telephone numbers”, according to Bloomberg.
The regulator warned that anyone getting hold of such data and using it could face sanctions. It said Italy has one of the highest number of subscribers to LinkedIn in Europe and called on affected users to “pay particular attention to any anomalies” related to their phone number and their account.
Enterprises Remain Riddled With Overprivileged Users and Attackers Know It
Attackers commonly focus on finding users with too much privileged access as their ticket to network compromise. What can companies do?
Recent breaches have underscored the dangers of overprivileged user accounts and software processes, highlighting the need for companies to discover and mitigate the privileged accounts that could be used by attackers to further compromise important systems and applications.
Last month, the breach of an administrative account at video service provider Verkada left the firm s customers among them, Tesla and Cloudflare open to surveillance by online intruders. Verkada s cloud video service appears to have allowed super users unrestricted access to customer video streams and cameras, allowing a single breach to have massive impact. Similarly, through the compromise of the update process for SolarWind s Orion remote management software, attackers gained complete access