controlgap.com

Posts about:

Ransomware

Cybersecurity, Ransomware, Phishing, pen-testing, IRS, passwords, offensivesecurity, Malware, breaches, hurricane, third-party

Cyber Attack Seasons: Key Times When Businesses Are at Risk

While cyber attacks remain a persistent, year-round threat to organizations, cybersecurity professionals have discovered patterns in the frequency and intensity of attacks throughout the year. These attacks are influenced by various factors, including economic cycles, sporting events, and even the seasons. Understanding these patterns can help organizations prepare and reinforce defenses during high-risk periods. Here's a detailed look at when organizations are most vulnerable to cyber attacks.

CG Blogger
Read More
Ransomware, NIST, [in]security, Cybercrime, PCI 4.0

This Week's [in]Security - Issue 272

Welcome to This Week’s [in]Security. PCI and payments: PCI updates: MPoC RFC. Payments: chargebacks and friendly fraud. New breaches: credentials, Elasticsearch. Follow-ups & Fall-out: Desjardins. Privacy: TikTok, Location data, tracking tech. Laws & Regs - Canada: cybersecurity law, C-11. US: privacy, copyright, World: cookies, deepfakes, Assange. Standards: NIST. Defense - Training & events: PCI SSC CM, NICE. global initiatives. Tools & Techniques, Vulnerabilities - Advisories: Zerodays, Patching: Splunk, WordPress, Other: Citrix, CPUs, Hertzbleed. Azure, Sharepoint/OneDrive, Drupal, FastJSON, Siemens, Zimbra. Vulnerability research: AI/ML, Crypto-research: Cybercrime - Trends: Crime & Enforcement: Nation States and mercenaries. Other Risks: Googles Chatbot, Self-drive crashes. Disinformation, Health, Safety, Environment, Crypto-crash. Russia v. Ukraine. Innovation and more.

CG Blogger
Read More
Ransomware, [in]security, Bill C11, zeroday, AES

This Week's [in]Security - Issue 270

Welcome to This Week’s [in]Security. PCI and payments: Payments: New breaches: Pegasus Airlines, ACY Securities, Elasticsearch Buckets. New Ransomware, Follow-ups & Fall-out: largest breaches. Privacy: Consumer Trust, Tim Hortons. Laws & Regs - Canada: C-18, C-11. US: ethical hacking, privacy bill, right to repair. World: Crypto-AML. Defense - Tools & Techniques, Vulnerabilities, Advisories: CISA & FDA. Zerodays, dangerous Follina/MSDT, Confluence, Horde, ICS Doh! Patching. Other: Bulletproof TLS, MySQL, web-scraping. Vulnerability research: remote touchscreen control. Crypto-research: Quantum, AES. Cybercrime: Trends: WordPress Plugins, scams. Crime & Enforcement: Disrupting DDoS. Nation States and mercenaries. Other. Other Risks: General: bias, scammers. Health, Safety, Environment, Disinformation, Economy. Russia v. Ukraine. Innovation and more.

CG Blogger
Read More
Ransomware, [in]security, PCI 4.0, privacy, Malware, Microsoft

This Week's [in]Security - Issue 269

Welcome to This Week’s [in]Security. PCI and payments: PCI updates: Brazil. Skimmers. Payments: New breaches: Nuclear documents, Brexit, GM, Colleges, Toronto. Follow-ups & Fall-out: MGM Resorts, GitHub, NPM. Privacy: DuckDuck, Facial tech, data safety. Laws & Regs - Canada: C-11. US: Disclosure, Twitter, Content moderation, Zuckerberg, Trolls. World: Clearview AI, Privacy Shield, Borderless data, Platform liability. Defense - Tools & Techniques, Vulnerabilities, Advisories: CISA. Zerodays, Patching: Vmware, Zoom. Other: AWS key theft or research? Containers, Forging Australian digital IDs, Phishing infosec. Vulnerability research: Controlling touchscreens remotely, Pre-hijacking accounts, manipulating ML. Crypto-research: RSA, AES. Cybercrime: Trends: Crime & Enforcement: Nation States and mercenaries. Other. Other Risks: General: Health, Safety, Environment, Disinformation, Russia v. Ukraine. Innovation and more.

CG Blogger
Read More
MFA, Ransomware, NIST, payments, [in]security, Cybercrime, Crypto, Ukraine, Russia, Laws and regulations

This Week's [in]Security - Issue 266

Welcome to This Week’s [in]Security. PCI and payments: Skimmers. Payments: New breaches: Anonymous, DeFi, Ikea. New Ransomware, Major outages, Follow-ups & Fall-out. Privacy: Health Canada, Facial recognition. Laws & Regs - Canada: Copyright. US: ISPs, Insurance. World: India. Standards: NIST, definitions. Defense - Training & events: space-cybersecurity. Password day. Kill-switch. Tools: MFA. Vulnerabilities, Advisories: Patching: F5, Cisco. Other: mental health apps, AV bugs, uClibc IoT, DNS poisoning, No MFA? Vulnerability research: Zero-Knowledge. Crypto-research: Quantum crypto. Cybercrime: Trends: Event log malware, Doh! Crime & Enforcement: BEC impact. Nation States and mercenaries. false-flags, sanctions, Spain & Pegasus, China. espionage, Other. Other Risks: General: Airtags, deepfakes, web3. Health, Safety, Environment, Disinformation, Economy. Russia v. Ukraine. NATO. Quantum computing, Innovation and more.

CG Blogger
Read More
COVID-19, Ransomware, NIST, [in]security, Magento, Skimmers, IRS

This Week's [in]Security - Issue 255 | insecurity | Control Gap

CG Blogger
Read More
COVID-19, IoT, Ransomware, NIST, [in]security, Bill C11, spyware

This Week's [in]Security - Issue 253 | insecurity | Control Gap

CG Blogger
Read More
GDPR, COVID-19, MFA, Ransomware, Revil, [in]security, Crypto

This Week's [in]Security - Issue 238 | insecurity | Control Gap

Welcome to This Week’s [in]Security. PCI and payments: PCI & Ransomware, 3DS RFCs, PCI Halloween, AI shoulder surfing, Rapid Dispute, V-cards, UP Express. New breaches: Argentina!, CoinMarketCap, Durham police. New Ransomware: New Ransomware, Challenges, Revil (Strikeback), BlackMatter. Follow-ups & Fall-out. Privacy: ISPs, Alexa, Lunch Money. Laws & Regs - Canada, Online Harms. US: Export restrictions, Sanctions & Crypto, Notifications, Supplychains, Missouri, Facebook, World: GDPR bypass. Standards: NIST KDF, HTTPA. Defense: Detection, Blackhat, L0PHTcrack, Win11. Vulnerabilities, Zerodays: Apple. Other Vulnerabilities: Chrome, CVEs, MFA, Chinese hacking contest, Kerberos, DCOM, Gummy Browser attack, Tesla, Health Apps. Cybercrime: Trends: Fake pentest contracts, more fakes, Discord, Microsoft, Buggy malware, Obfuscation, NPM JavaScript, Youtube. Nation States. Crime: $35M deepfake heist, no honor among thieves, jail. Other Risks: IoT, third-parties, economic supply-chains, bias, Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Treatments; Immunity; Covid Ugly; Covid Compliance. And more.

CG Blogger
Read More
COVID-19, Ransomware, [in]security, Cybercrime, Crypto

This Week's [in]Security - Issue 216 | insecurity | Control Gap

Welcome to This Week’s [in]Security. PCI WFH FAQs, Standard updates, Mercari breach, Hashes Unsafe. New breaches: 23 Android Apps, Air India, Daily Quiz. New Ransomware: Banning payouts, Double Encryption. Follow-ups & Fall-out: SolarWinds, Codecov, Water Plant. Privacy: Apple, Cams, Health tools. Laws & Regs - Canada: C-10, Vaccine Patents. US: Pipeline Bills, IRS Crypto, Lawsuit backfires, Snapchat suit, Tesla review. UK, EU, HK: Facebook probe, WhatsApp, Sanctions, Crypto wars, USK MSP regs. Standards: Data Classification. Defense: ZeroDays, Phone numbers, Passwords, Simuland, Russian Keyboards, Explorer RIP. Vulnerabilities: Android, Windows RCE, Tool Abuse, Planes, (no trains), Automobiles. Cybercrime - Trends: Apple, Stuffing, Bizarro, Lazy Ransomware? Nation States. Crime. The2011 RSA Hack. Other Risks: Stress, Critical Infrastructure, Gig risgs, Busted for weak Wi-Fi? Just daft. Health, Safety & Environment: Covid-19: Spread, Curves, Waves, and Variants. Response. Immunity. Learned. Covid Ugly. Covid Compliance. And more.

CG Blogger
Read More
COVID-19, Ransomware, NIST, [in]security, Skimmers, zeroday

This Week's [in]Security - Issue 210 | insecurity | Control Gap

Welcome to This Week’s [in]Security. PCI 3DS, New e-skimmers, Card breaches. EU's SCA. Big-Hacks: Facebook, Linkedin. New breaches: Clubhouse, Q Link Wireless. New Ransomware. Follow-ups & Fall-out. Privacy: Big Brother? Xcinex Venue. Laws & Regs: Bans, Breach law, Facial recognition, NIST & Hippa. Defense: Tools, Simplification, Resilience. Vulnerabilities: Cisco zeroday, Pwn2Own, SAP, Zoom, Carbon Black, Domain Time II, Moodle, medical devices, 802.11bf sensing. Cybercrime: Trends. Gigaset, Nation States. Cyber-war? Other Risks. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants. The Good, Bad, and Ugly (Behaviour). And more.

CG Blogger
Read More