Week in review: Attackers abandoning malicious macros, average data breach cost soars

Cybersecurity news

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Israel’s new cyber-kinetic lab will boost the resilience of critical infrastructure
In a building under construction at the Advanced Technologies Park in Be’er Sheva, the “cyber capital” of Israel, a new governmental lab is also taking shape: the National Cyber-Kinetic Lab for ICS and OT.

Attackers are slowly abandoning malicious macros
Malicious macro-enabled documents as vehicles for email-based malware delivery are being used less and less, Proofpoint researchers have noticed.

Why firms need to harness identity management before it spirals into an identity crisis
Digital transformation is at the top of every organization’s agenda today. But while it is easy to make bold, forward-looking plans on paper, the reality of implementing digitalization can be slow and frustrating work.

The global average cost of a data breach reaches an all-time high of $4.35 million
IBM Security released the 2022 Cost of a Data Breach Report, revealing costlier and higher-impact data breaches than ever before, with the global average cost of a data breach reaching an all-time high of $4.35 million for studied organizations.

The infosec investment landscape: Which tech gets the most bucks?
How many cybersecurity vendors are active at the moment? What are they offering? How is their business doing? These are just some of the questions that Richard Stiennon, Chief Research Analyst at IT-Harvest, is trying to answer on a daily basis.

Benefits of modern PAM: Efficiency, security, compliance
Many legacy Privileged Access Management (PAM) solutions are still very manual regarding what they do and how they manage user access and permissions.

1 in 3 employees don’t understand why cybersecurity is important
According to a new Tessian report, 30% employees do not think they personally play a role in maintaining their company’s cybersecurity posture.

Building trust into every aspect of an organization
In this Help Net Security video, Matthew Chiodi, Chief Trust Officer at Cerby, talks about building trust not just when it comes to applications and data, but also with employees and customers.

Targeted campaign uses infostealer to hijack Facebook Business accounts
WithSecure researchers have discovered an ongoing operation, dubbed “DUCKTAIL”, that targets individuals and organizations operating on Facebook’s Ads and Business platform.

Minimizing risk: Key cybersecurity-related M&A considerations
In this Help Net Security video, Lenny Zeltser, CISO at Axonius, shares key cybersecurity-related considerations that both acquirer and acquired should keep in mind as they go through M&A.

Trust in fintech security has been wavering
The growing rate of cybercrime has added to the market unrest and questioned fintech preparedness; some claimed that the industry players are more susceptible to virtual threats than traditional banking, with greater resources at their disposal.

Major shifts and the growing risk of identity fraud
In this Help Net Security video, Will LaSala, Field CTO, OneSpan, talks about the dangers of identity fraud and how these attacks prey on our ability to trust people.

Monitoring the impact of security solutions on user experiences is critical
Modern organizations are challenged by conflicting demands to secure the enterprise while delivering excellent end-user experiences, according to Broadcom Software.

Organizations are struggling with SaaS security. Why?
In this Help Net Security video, Yoav Kalati, Head of Threat Intelligence at Wing Security, illustrates how it’s no surprise that SaaS security is failing.

How SMBs are evolving their cybersecurity operations practices
Cybercriminals and threat actors work around the clock, with attacks originating from around the world. Therefore, all businesses, including SMBs, need to be always on alert for new threats and available to respond at any moment to an incident.

The future of attack surface management (ASM)
In this Help Net Security video, David Monnier, Team Cymru Fellow, talks about what lies ahead for attack surface management, the findings from the recent State of Attack Surface Management report, and offers advice for security leaders evaluating existing or potential ASM platforms.

Infosec pros want more industry cooperation and support for open standards
Driven by security operations complexity, 46% of organizations are consolidating or plan on consolidating the number of vendors they do business with.

Why there is no quick fix for cyber attacks
In this Help Net Security video, Stefano Maccaglia, Incident Response Practice Manager at Netwitness, discusses how building awareness and investing in people helps prepare organizations for today’s cyber attacks.

Product showcase: The Cynomi Virtual CISO (vCISO) platform
Cynomi enables managed service providers and consulting firms to provide ongoing vCISO services at scale by automating much of the manual, expert and time-consuming vCISO work, empowering their existing teams.

Find out why developers love Pentest as a Service (PtaaS)
Pentest as a Service (PtaaS) allows organizations of all sizes to manage an efficient pentest program with on-demand access to expert security talent and a modern SaaS delivery platform.

New infosec products of the week: July 29, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Aqua Security, NetApp, Rapid7, Runecast, and Teleport.

More about

Don't miss