Blog

  Financial services firms are favorite targets for cyber criminals. The firms are a treasure trove of tradeable data varying from credit card credentials, customer information, and corporate data that can be abused or sold on the dark net. Compared to other industries, the financial sector still remains extremely vulnerable. Overall, the chance of a financial institution being breached is 300 times higher than that of other organizations. While US companies in general are attacked around 4.

  In recent years, cyber-attacks on industrial control systems and critical infrastructure all together have been on the rise. A recent study by Bitkom shows that cyber-attacks cost the German industry almost $50 billion. Those attacks are not limited to Europe’s strong economy. Hackers are known to have manipulated critical industrial safety systems to cause physical damage. This poses a major question: Which sectors are the most critical and at risk? The United States Home Land Security (HLS).

  Cybercriminals just love targeting healthcare organizations and have been doing it quite often for many years. As can be seen on the table below, during the past couple of months cybercriminals have been working hard on these types of targets. where they hit with ransomware attacks or breach to exfiltrate medical records which they can monetize. These medical records are a treasure trove of information that is easy to sell on the dark web. In contrast to e.g., financial institutions,.

Academia is Still a Preferred Target for Cyberattacks. In our blog post of June 6 last year, we wrote that although the attacks in the academic sector had received much less media attention than those in other sectors, academic institutions have been favorite targets of cybercriminals for over 3 decades. We also mentioned that those attacks are not likely to go away. Sadly enough, this has proved to be true. Date Target Attack Result March 2018 140 American research universities.

Smart cities have become a lucrative target for cyber attackers due to the increasing number of connected systems embedded throughout the smart city’s infrastructure. The numbers talk volumes - global investment in smart cities will reach $80bn in 2018, and is expected to reach $135bn by 2021 (Source: IDC’s Smart cities spending guide) For smart threat actors, it’s quite easy to take control of the smart lighting system of Barcelona (which uses sensors to collect air quality data) or New York’s.

  Iranian-based hacker group OilRig keeps cyber drilling, posing a persistent threat! In a previous post, we mentioned Advanced Persistent Threat attacks (APTs) that are waging ongoing sophisticated hacking attempts targeted e.g., certain countries or institutions. These kinds of attack are especially popular with rogue regimes such as North Korea and Iran. The latter uses those to bring cyberwarfare to a whole new level, with Iranian hacker group OilRig (also known as PT34 or Helix Kitten).

According to security and analytics experts, companies worldwide have spent a combined $114b on security products (both hardware and software) and services last year. This figure is expected to exceed $140b by 2021. In 2017, the average cost of one data breach for organizations was $3.62 million and 66% of respondents believe data breaches or cyber-security exploits will seriously diminish their organization’s shareholder value. Organizations are making protection of customer data and.

Cyber-crooks are masters of crime constantly developing, testing and fine-tuning their techniques to mine valuable and sensitive information for their own profit. As such, cyber-attacks come in a wide range of shapes and forms. To illustrate, cyber-criminals use: Advanced Persistent Threat attacks (or APT in short) waging ongoing sophisticated hacking attempts targeted a person, business, or country; phishing attacks (including spear phishing an whaling) to steal sensitive information; .

To keep on giving our customers the tools to boost their cybersecurity posture, our Cymulate Labs are constantly searching for new global attacks that can compromise organizations. By adding the latest in-the-wild detected threats, we keep our BAS platform up to date. That’s why one of the unique (and highly popular) features in our platform is the Immediate Threat assessment, which allows organizations to test themselves their vulnerability head-on those latest threats within just few hours. .

In our first blogpost about MITRE’s ATT&CK™ framework, we explained what it exactly is and how it contributes to cybersecurity. In our second blogpost, we dove deeper into the various features. In this blogpost, the third and final one in this series, we will discuss the future of MITRE’s ATT&CK™ framework as we see it. To recap: ATT&CK™ is a MITRE-developed, globally-accessible knowledge base of cyberattack strategies and techniques that have been detected and reported. This knowledge base is.