ATLANTA — June TK, 2024 — Cyble, the leading provider of AI-driven cybersecurity solutions, has been recognized by Forrester (Nasdaq: FORR) in its report, The Attack Surface Management Solutions Landscape, Q2 2024 Report.  This report offers valuable insights for organizations seeking to evaluate and select an attack surface management (ASM) solution that aligns with their unique attack surfaces and threats. It provides an overview of the ASM solutions market, explores the value that security and risk (S&R) professionals can expect from ASM vendors, and offers guidance on vendor options based on company size and market focus. It also notes how ASM is essential for building a proactive program, offering valuable insights that enhance SecOps solutions.   “We provide organizations with the tools and insights they need to proactively identify and mitigate potential cyber threats before they escalate. Our inclusion in the Forrester report will only further the resolve," said Beenu Arora, Founder and CEO of Cyble. “Cyble develops AI-powered solutions that help businesses protect their digital assets and maintain a strong security posture, and we’re constantly innovating to help customers keep pace with the rapidly evolving threat landscape.”  Cyble Vision X, the successor to its award-winning Cyble Vision 2.0 threat intelligence platform elevates the user experience by empowering decision-makers with immediate access to critical information through its AI-powered insights and intuitive design. The platform covers the entire breach lifecycle, encompassing pre-breach, during-breach, and post-breach stages. 

Key Capabilities of Cyble Vision X include: 

• Attack Surface Management: Ensures digital security by identifying and mitigating threats.  

• Brand Intelligence: Comprehensive protection against online brand abuse, including brand impersonation, phishing, and fraudulent domains. 

• Cyber Threat Intelligence: Helps organizations gain insights and enhance their defense with AI-driven analysis and continuous threat monitoring. 

• Dark Web and Cyber Crime Monitoring: Helps organizations stay vigilant and ahead of cybercriminals 

• Third-Party Risk Management (TPRM):  Helps organizations identify, assess, and mitigate risks that may arise from a business's interactions with third parties. 

"By leveraging Cyble Vision X’s unmatched coverage, organizations gain total visibility and control over their attack surface, ensuring a robust security posture amid evolving cyber threats," added Arora.  Cyble’s ASM is powered by ODIN, a groundbreaking attack surface monitoring capability that scans the entire IPv4 and IPv6 space. ODIN empowers infosec teams with an accurate map of the internet, enabling them to fortify their security perimeter and proactively hunt for threats on their attack surface. To learn more about ODIN, Cyble Vision X, and how Cyble can help you stay ahead of cyber threats, visit www.cyble.com.  About Cyble:  Cyble, a trailblazer in Cyber Threat Intelligence, is committed to democratizing Dark Web Threat Intelligence through advanced AI and Machine Learning solutions. Recognized as one of the most sought-after workplaces, Cyble’s culture fosters innovation, collaboration, and professional growth.  With a proven track record in delivering cutting-edge research and proactive monitoring, Cyble stands at the forefront of the cybersecurity landscape. Headquartered in Atlanta, Georgia, with a global presence spanning Australia, Malaysia, Singapore, Dubai, Saudi Arabia, and India, Cyble is the trusted authority empowering organizations to proactively combat evolving cyber threats. Media Contact  Matt McLoughlin  matt@gregoryfca.com Cyble Inc.  enquiries@cyble.com  Ph: +1 678 379 3241  

Source: www.databreachtoday.com – Author: 1 Finance & Banking , Fraud Management & Cybercrime , Fraud Risk Management It’s Time for Big Tech to Be Held Accountable for Rampant Online Fraud Suparna Goswami (gsuparna) • June 19, 2024     From account takeover threats to fake investment schemes, you don’t have to spend much time on […]

La entrada Ever Tried to Report a Scam on Facebook? Good Luck! – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

An analysis of ransomware attacks claimed to have been perpetrated by cybercriminal syndicates that was published today by NCC Group, a provider of managed security services, finds LockBit 3.0 has reemerged to claim the top spot amongst the most prominent threat actors. Previously dormant following the groups’ takedown by law enforcement officials earlier this year,..

The post Report Details Reemergence of Lockbit 3.0 Ransomware Syndicate appeared first on Security Boulevard.

Titania, specialists in continuous network security and compliance assurance solutions, announced the release of compelling new research that highlights a significant shift in cybersecurity spending towards proactive security measures. The report, "Emerging Best Practice in the Use of Proactive Security Solutions," indicates a marked increase in investments aimed at preemptively mitigating cyber threats. According to the study, over 70% of businesses reported increased spending on proactive security solutions, such as attack surface management and risk-based vulnerability management, over the past year. This growth notably outpaces investments in both preventative and reactive measures.

Strategic Implementation and Cybersecurity Industry Trends

Conducted in partnership with Omdia, a global analyst and advisory leader, the study surveyed over 400 security decision-makers across North America, the UK, France, and Germany. The findings highlight a rapid adoption of proactive security measures driven by three key objectives:

• Reducing the opportunity for cyber threats
• Reducing the mean time to remediate known vulnerabilities
• Minimizing the attack surface.

These proactive solutions are becoming an essential layer of protection, providing a comprehensive understanding of the threat landscape and attack surface to enhance organizational resilience and readiness.

Geographic and Sectoral Insights

The trend towards proactive security is particularly pronounced in the EMEA region, where 74% of respondents increased their budgets compared to 67% in North America. The financial services sector (54%) and critical infrastructure organizations, including energy and utilities companies (53%), show a strong inclination towards these investments. Nearly half (47%) of the respondents reported that their top cybersecurity goals for the next 12-24 months include reducing the opportunity for threats through proactive security. In contrast, only 27% of organizations plan to focus on improving tactical outcomes such as better threat prevention, detection, and response.

Enhancing Security Posture

Organizations are increasingly recognizing the need to improve their security posture through proactive security tools, which significantly enhance attack surface management and security control optimization. Many organizations reported limited visibility into the security posture of their network assets, such as firewalls, switches, and routers. Approximately half of the surveyed organizations check their network devices at most monthly, and some only monitor devices in critical segments or a sample of devices across their networks. Critical infrastructure organizations reported lower confidence than other industries in their ability to maintain adequate network segmentation and prevent unauthorized network access.

Anticipated Organizational Impact

Almost half (48%) of all respondents anticipate a high level of organizational disruption due to the broader adoption of proactive security solutions, highlighting the transformative impact these measures are expected to have. “This research vividly illustrates a widespread and rapid shift towards proactive security to improve operational readiness and resilience,” said Tom Beese, Executive Chairman of Titania. “Organizations recognize the critical need to stay ahead of known threats and shut down attacks by investing in solutions that offer real-time visibility of their security posture and remediation actions that continuously minimize their exposure.” Businesses emphasized the importance of consolidating proactive security tools, with 65% highlighting better visibility and management of the attack surface, 60% focusing on improved security control optimization, and 54% noting manpower productivity improvements.

Critical Proactive Security Capabilities

The survey identified several critical proactive security capabilities:

• The ability to view risks through different attack frameworks (61%).
• Full asset context (60%).
• Integration with existing security fabric to implement temporary mitigations (57%).

Andrew Braunberg, Principal Analyst at Omdia, explained, “While the cybersecurity industry has clung to the 'assume breach' mantra with its preventative and reactive solutions, organizations are awakening to a smarter strategy: proactively understanding attack surfaces, mapping attack paths, and plugging vulnerabilities to prevent breaches. Network device configurations are crucial to security posture management, and the adoption of proactive security solutions that automate configuration assessments could have a transformative impact.” The report highlights a gap in industry guidance on best practices for building a proactive security strategy. It notes that the US Defense Department’s Command Cyber Readiness Inspection program (CORA) and the EU’s Digital Operational Resilience Act (DORA) requirements align well with the need for proactive security solutions.

Additional contributors to this report: Grayson North, Jason Baker May 2024 closed with an increase in overall victim volume, though […]

The post GRIT Ransomware Report: May 2024 appeared first on Security Boulevard.

Not our fault, says CISO: “UNC5537” breached at least 165 Snowflake instances, including Ticketmaster, LendingTree and, allegedly, Advance Auto Parts.

The post Ticketmaster is Tip of Iceberg: 165+ Snowflake Customers Hacked appeared first on Security Boulevard.

Recent high-profile data leaks, including incidents involving Santander and Ticketmaster, have highlighted the ongoing issue of data breaches affecting a wide array of industries, from banking and logistics to online stores and entertainment. While companies typically take steps to protect their affected clients, individuals can also enhance their digital security. Kaspersky experts offer advice on what to do if your data has been leaked. Data leaks often involve logins, passwords, addresses, and phone numbers. In some cases, they may include passport details and bank card information. While any data leak is concerning, it’s crucial not to panic. Instead, pause and consider the necessary steps to secure your information.

Data Leak? Immediate Actions to Take

1. Change Compromised Account Details: If you suspect your account details have been compromised, immediately change your password and enable two-factor authentication. If cybercriminals have already accessed your account, contact technical support to restore access and determine what other information might have been compromised. 2. Address and Phone Number Leaks: If sensitive data such as your address or phone number is leaked, it is usually not critical but still concerning. A leaked address typically doesn’t pose a threat unless it leads to targeted attacks like stalking. In such rare cases, contact the police promptly. For a leaked phone number, ensure accounts using that number as a login have two-factor authentication, change your password, and remain vigilant for potential fraud calls. 2. Passport or ID Leaks: If your passport or ID details become leaked, stay alert for potential social engineering attacks. Scammers might use your passport details to appear more credible. However, there is usually no need to obtain a new document. Using leaked passport data for fraud, such as taking out a loan, requires additional personal information and substantial criminal expertise. To mitigate future risks, avoid giving away your passport details unnecessarily—they are primarily needed for banking and e-government apps, and occasionally logistics services. 3. Bank Card Details: Act promptly if your bank card details are leaked: monitor bank notifications, reissue the card, and change your bank app or website password. Enable two-factor authentication and other verification methods. Some banks allow setting spending limits for added protection. If account and balance details are leaked, be extra vigilant against phishing emails, SMS, and calls. Cybercriminals might target you based on this information. In unclear situations, contact your bank directly. 4. Organizational Security Measures: Various types of leaked employee data can be used for OSINT (open-source intelligence) to further access internal systems. To counter these threats, organizations are advised to use advanced security solutions, implement strong cybersecurity policies, and conduct employee training. 5. Educating and Protecting Against Social Engineering: Amin Hasbini, Director of META Research Center Global Research and Analysis Team (GReAT) at Kaspersky, emphasizes the importance of being aware of data leakage risks and avoiding oversharing. He advises educating relatives, especially children and the elderly, about the dangers of social engineering attacks. "A crucial thing also is to educate your relatives, especially kids and elderly people. For example, explain that if someone refers to personal information, such as full name and even passport details, by telephone, messengers, social networks or e-mail, it’s not necessarily the bank or social service representatives, but might be scammers. In personal issues it’s advised to have a code word or question that only relatives know, while with organizations if some actions are required it’s better to use official contact information for double checking”, says Amin Hasbini, Director of META Research Center Global Research and Analysis Team (GReAT), at Kaspersky. As data breaches continue to affect various industries, individuals need to take proactive steps to secure their personal information. By following these experts' advice, you can mitigate the risks associated with data leaks and protect yourself from potential cyber threats.

In the ever-evolving landscape of cyberthreats, email remains a prime target for malicious actors, with zero-hour Business Email Compromise (BEC) and advanced phishing attacks posing significant risks to organizations. A recent independent study by The Tolly Group, commissioned by SlashNext, highlights the company’s Gen AI powered Integrated Cloud Email Security (ICES) solution, demonstrating its superior […]

The post The Tolly Group Report Highlights SlashNext’s Gen AI-Powered Email Security Prowess first appeared on SlashNext.

The post The Tolly Group Report Highlights SlashNext’s Gen AI-Powered Email Security Prowess appeared first on Security Boulevard.

Attackers are getting more sophisticated, better armed, and faster. Nothing in Rapid7's 2024 Attack Intelligence Report suggests that this will change.

The post Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report appeared first on SecurityWeek.