DDoS on X was avoidable, but inevitable
The DDoS attack on X.com this week provided a certain amount of schadenfreude for people less than enamored by Elon Musk. It also rang alarm bells in the cybersecurity community.
The DDoS attack on X.com this week provided a certain amount of schadenfreude for people less than enamored by Elon Musk. It also rang alarm bells in the cybersecurity community.
Space systems have become an indispensable component of modern infrastructure, supporting global communications, navigation, defense, and scientific exploration. Cybersecurity, once an afterthought in space mission design, is now a critical priority.
For this year’s International Women’s Day, considering what’s going on in the world, it’s more important than ever to reflect on gender equality in the workplace. The theme for this year is “Accelerate Action,” focusing on hastening the progress toward equality for women.
Read more...We recently sat down with Sarah Armstrong-Smith, Microsoft Europe’s Chief Security advisor and advocate for female representation in STEM subjects….……more...
Phishing attacks are on the rise again with the help of sophisticated generative-AI tools. However, new defenses and increased wariness among potential victims are blunting phishing’s potential for widespread harm.
Read more...Picture a fortress with impenetrable walls protecting valuable assets inside. For decades, organisations built digital security following this ancient model – constructing firewalls and intrusion detection systems around a trusted internal network. But business has fundamentally changed. Remote work, cloud services, and digital partnerships have blown holes through these walls, creating countless paths for data to flow beyond traditional boundaries.
Discovering a cyberattack requires combining people, processes, and technology. A proper detection system is needed to sound the alarm, but people with the right skills must react to the emergency.
Read more...The EU's Digital Operational Resiliency Act (DORA) went live in January. This legislation's goals seem to conflict with the US administration’s willingness to ignore technology security standards. The question is: Who will stand up to protect corporate and consumer data?
DORA is highly targeted at the stability and resilience of the financial services sector. It ensures financial institutions can respond to, withstand, and recover from ICT-related threats and disruptions. It also requires robust strategies and policies to manage ICT risks in financial institutions.
Arnaud Treps, chief information security officer at Odaseva, said, “DORA is very different from previous regulation where you have to change where you operate. DORA is about having proper backups, the capability to restore quickly, and building redundancy.”
Europe takes the lead
But does the US rejecting data privacy regulation mean walling America off from the rest of the world? Meta has threatened to potentially limit
An independent threat intelligence team warned the Treasury Department that representatives of Elon Musk's Department of Government Efficiency was a significant “insider threat.” The warning made the problem of insider threats a new worry for US citizens, sparking multiple discussions on social media. It also made a new case for technology that defended against the threat.
Insider threats are not the most common form of security weakness, but they are the hardest to defend against. Even if a company successfully screens out potential bad actors in the hiring process, they have to make sure who they hired is who shows up to get their security badge. And if they get past those two processes, there’s always the possibility of an unbalanced or angry employee bringing a firearm into the office to commit mayhem. Luckily there are technologies in place, such as advanced detection and response, identification validation, and AI-driven weapons detection available in the market.
Identifying the threat
According to the Verizon Data Breach Investigation report for 2024, 80 percent of breaches are based on social engineering and phishing making them the top attack vectors. However, the report said that 32 percent of breaches involving an insider are considered malicious. That is a cause for significant concern when hiring new workers. Identifying a potential threat is easier than repairing the damage it causes later.
MFA technologies are now under significant pressure from threat actors, who are using highly sophisticated – and successful – strategies to circumvent what was once considered to be effective protection. Here's what you can do.