SecureOps Cyber Spotlight
Our team at SecureOps Marketing is so excited about the response the cyber community has given us with regard to our Cyber Brief Newsletter. We are rolling out a weekly “Cyber Spotlight” news brief, and this is the inaugural edition. Our goal is to bring you the “best of the best” cyber-related stories of the week that inform, educate, and hopefully entertain just a bit.
In this week’s Cyber Spotlight, we are providing four of the top articles and current news that we feel rises to the top of our very stringent criteria. In addition, we’ll try and add a blog post or two from our own library for any supporting information that is relevant. Most importantly, and as always, we strive to deliver content that is accessible, informative, and actionable, ensuring that you can make informed decisions and take proactive steps to enhance your digital defenses.
We hope you enjoy the brand new, weekly SecureOps Cyber Spotlight, and as always, you may reply with any questions, comments, or concerns, and we’ll have a consultant reach out to you.
Better yet, to speak to a cybersecurity specialist, please reserve a 15-minute introductory meeting by clicking the link below.
SecureOps Blog Post of the Week
The Benefits of Building a Zero-Trust Network
Zero Trust is a network security model that operates on the basis of strict identity verification. This framework enforces the principle that only authenticated and authorized users and devices are granted access to applications and data without exception. Its core focus is on safeguarding sensitive data, including personally identifiable information (PII), protected health information (PHI), payment card information (PCI), and intellectual property (IP).
In addition to this article we have it linked to two other articles discussing Zero-Trust, which is now one of the trending topics
Cyber Storm Predicted at the 2023 World Economic Forum
Global geopolitical instability has been a major factor influencing cyber strategies for 74% of organizations
According to the Global Cybersecurity Outlook 2023, both cybersecurity leaders (93%) and business leaders (86%) believe that a far-reaching cyber crisis is on the horizon within the next two years. In fact, 43% of organizational leaders think their own organization will be severely affected by a cyberattack in this timeframe.
List of Data Breaches and Cyber Attacks in 2023
A commentary on the largest and most significant breaches of the year
Discover the latest in cybersecurity trends with IT Governance’s comprehensive report on the 87 security incidents that occurred in July 2023. These incidents exposed a staggering 146,290,598 compromised records. For a detailed breakdown of the biggest cyber attacks of the month and the year thus far, check out the full list provided below.
You can stay informed and ahead of the curve by bookmarking this page. IT Governance will regularly update it with the most recent figures and relevant links, ensuring you’re always in the know about the latest data breaches. Each month, IT Governance we’ll update this page with the latest figures and links, so be sure to bookmark it to keep an eye out for the latest data breach news.
‘;–have i been pwned?
Check if your email address is in a data breach
Of course, we had to choose this website. It is one of our favorites! They provide all the information about a data breach just as you see the DoorDash breach description below. Clean, easy to read fact about the data breach including dates, the PII that was compromised, the size of the breach and like the DoorDash write-up, a link where you can find a good source to learn more about the breach. You can also enter your e-mail address on the home page to see if your e-mail address was compromised.
In August 2022, the food ordering and delivery service DoorDash disclosed a data breach that impacted a portion of their customers. DoorDash attributed the breach to an unnamed “third-party vendor” they stated was the victim of a phishing campaign. The incident exposed 367k unique personal email addresses alongside names, post codes and partial card data, namely the brand, expiry data and last four digits of the card.
Breach date: 2 August 2022
Date added to HIBP: 7 January 2023
Compromised accounts: 367,476
Compromised data: Email addresses, Geographic locations, Names, Partial credit card data
Attacker Breakout Time Shrinks Again, Underscoring Need for Automation
Just 79 minutes — that’s how long it takes attackers to move from an initial compromise to extending their infiltration of a firm’s network.
Attackers are getting faster. New research shows that they now only need 79 minutes to launch an attack on other devices after gaining initial access to a system. This is a decrease from 84 minutes in 2022. The fastest time recorded was just seven minutes. These findings come from CrowdStrike’s 2023 Threat Hunting Report, which analyzed over 85,000 incidents.
Breakout time measures how quickly attackers can compromise corporate networks. Another important metric is dwell time, which is the time between the initial compromise and the detection of the attacker. In 2022, dwell time hit a record low of 16 days, according to Mandiant’s annual M-Trends report. These numbers suggest that attackers are taking advantage of compromises and have free rein for over two weeks before getting caught.
Interpol Shuts Down African Cybercrime Group, Seizes $2 Million
Operation Jackal involved law enforcement agencies in 21 countries and yielded more than 100 arrests.
Over 100 cybercriminals from West Africa have been arrested, and over €2 million seized in a global investigation called Operation Jackal. The main target of this operation was the notorious Nigerian gang, Black Axe, known for their involvement in various cyber crimes such as email scams, fraud, and money laundering.
Interpol, along with law enforcement agencies from 21 countries, led this successful operation, sending a strong message to West African crime networks that they cannot hide in cyberspace. Isaac Kehinde Oginni, director of Interpol’s Financial Crime and Anti-Corruption Centre, hailed the operation as a model for future financial crime enforcement.