Emotet Trojan Targets Education, Gov and Healthcare

Infosecurity Magazine | January 23, 2019

Emotet Trojan Targets Education, Gov and Healthcare
As 2018 rounded to a close, Malwarebytes predicted that Emotet and Trickbot were the future of malware, and the third annual State of Malware Report released today confirms that the Trojan families spread wildly, most often targeting the education, government, manufacturing and healthcare sectors. The old adage, "When one goes up, the other comes down," rang true with malware attacks in 2018. By the second quarter of the year, there was a notable decline in crypto-mining attacks, which saw only a 7% year-over-year increase; however, there was significant rise in information-stealing malware. The former banking Trojans Emotet and TrickBot plagued the education industry, while manufacturing suffered attacks from WannaCrypt and Emotet.

Spotlight

In the following video, Vera F. Birkenbihl and Katharina Schaffer, describe the 4 steps of brain-friendly language learning according to Birkenbihl, namely: De-Coding, Active Listening, Passive Listening and Activities.

Related News

Garmin Facing U.S. Investigation Over Payments to Terrorists By Third Party Following Cyber Attack

channelnews | August 05, 2020

Garmin is believed to be under investigation by US authorities, for paying cyber terrorists millions of dollars via a third party after their data operations were taken down in a major hack attack by an organisation called Evil Corp.The US Company who like to present themselves as a squeaky-clean Company appears to have had no hesitation in paying Evil Corp who has been sanctioned by the US Treasury as a terrorist organisation.

Read More

Stop Measuring Your Cybersecurity in Terms of Budget

DCMS | May 11, 2020

Almost every month there is a new report detailing how firms are increasing their cybersecurity budgets, or buying the latest tech to help defeat hackers. The typical way that companies have looked to improve their cyber capabilities is by investing in the latest tech to help protect their networks. Clearly measuring how strong your cybersecurity is can no longer be done by how much money is spent on it each year. The last decade has seen an explosion in cybersecurity spending, with the global market now valued at $112bn in 2019. Almost every month there is a new report detailing how firms are increasing their cybersecurity budgets, or buying the latest tech to help defeat hackers, but is this correlating with a reduction in cybercrime? A recent report found that while 85 percent of companies rated their security stack incredibly highly, 86 percent of them had still suffered a data breach in the last 12 months. Clearly there is a disconnect between how companies are measuring their cybersecurity readiness and achieving effective security in reality. The typical way that companies have looked to improve their cyber capabilities is by investing in the latest tech to help protect their networks. While these systems are effective, they still require employees with the sufficient skills to work them properly. Given that the DCMS recently found that 48 percent of UK businesses struggled to find employees with basic cyber skills, for example being able to configure a firewall correctly, it seems unlikely that the majority of companies are getting the most out of these tools. Learn more: THE TIME HAS COME TO BRING IN AI, MACHINE LEARNING AND AUTOMATION IN CYBERSECURITY . “Measuring human cybersecurity readiness is difficult to do. Currently, companies have had to rely on certifications for measuring ability, which quickly become outdated as hackers develop new techniques almost daily”. Experts often say that one of the best ways of defending your network is educating employees to be on the lookout for risks. However, often many businesses are not taking their human cyber readiness into account. This is because they are unable to effectively measure the skills of their cyber team. Measuring human cybersecurity readiness is difficult to do. Currently, companies have had to rely on certifications for measuring ability, which quickly become outdated as hackers develop new techniques almost daily. “ If an organization is unable to tell how strong its team is at cybersecurity, it will always be behind the hackers who are looking to steal its information”. However, failing to measure your human readiness companies can open themselves up to increased risk. For example, many organizations carry out breach simulations to provide crucial experience for the day when there is a real attack. However, businesses rarely measure how well their teams coped with each scenario and what training and actions should come from it. If an organization is unable to tell how strong its team is at cybersecurity, it will always be behind the hackers who are looking to steal its information. In the past, the only measure companies had to judge their employees was through what certificates they held. This led to hiring professionals on huge salaries who have been working in the industry for many years and have secured the correct qualifications. Just because they have a certificate does not mean they are necessarily better at handling a threat as the most junior person on the team. This is because it is impossible to know who is best to handle a response simply by looking at certificates. The junior member could have had more recent experience in handling that type of threat, or recently read about the latest techniques. By being able to continually measure who in the team is stronger at certain tasks can go a long way in improving efficiency in defending against attacks. Often, rather than hiring in the talent from outside their teams, organizations could spend a fraction of the budget and focus on upskilling their own existing staff. Of course, to do this you first need to know what skills your team already has, and where there are gaps that need to be filled. Learn more: CYBER SECURITY GUIDANCE FOR REMOTE WORKING .

Read More

DATA SECURITY

Cowbell Cyber Unites Cybersecurity Giants and Cyber Insurance Industry with Launch of Cowbell Rx

Cowbell Cyber | September 21, 2021

Cowbell Cyber, the industry's first AI-powered cyber insurance provider for small to medium enterprises (SMEs), today announced the launch of its cyber risk exchange marketplace, Cowbell Rx. Cowbell Rx closes insurability gaps by providing cyber insurance applicants with resources to meet eligibility requirements while also enabling active policyholders to continuously improve their organization's risk profile. This comprehensive list of partners is the first of its kind in the cyber insurance industry. Cyberattacks continue to proliferate and damage business operations, with predictions that new attacks will happen every 2 seconds by 2031. However, cybersecurity and cyber insurance have traditionally operated in silos with insufficient coordination, resulting in a misalignment between cyber threats faced by an organization and the security measures to prevent them. Because of this, cyber insurers are tightening up insurability requirements for policyholders to obtain coverage or to renew existing cyber policies. Cowbell Rx is the first marketplace provided by a cyber insurer to help businesses gain access to recommended partners that offer solutions to organizations in order to meet the minimal criteria to get cyber insurance coverage. "Cybersecurity and cyber insurance must work in harmony to build an organization's cyber resilience. We are working with more than 20 of cybersecurity's biggest leaders to make this happen," said Isabelle Dumont, vice president of market engagement at Cowbell Cyber. "Cowbell Rx is a key component of Cowbell's closed-loop risk management initiative to continuously improve an organization's risk profile. Together with our partners, we are bringing streamlined access to today's top cybersecurity services and solutions straight to current and future policyholders." "Cowbell is an innovator in the field of cyber insurance and we share their passion for data-driven risk assessment," said Eric Skinner, vice president of Market Strategy at Trend Micro. "We're pleased to be part of Cowbell's new marketplace. By bringing together Cowbell policyholders with cybersecurity experts like Trend Micro, we can all work together to ensure our mutual customers stay resilient in a world of constantly changing cyber threats." "True cyber risk management is the combination of cyber insurance and effective cybersecurity operations," said Odin Olson, vice president of Alliances at Arctic Wolf. "Cowbell Rx is an excellent way to expose Cowbell's policyholders to some of the best cybersecurity service providers in the industry." About Cowbell Cyber Cowbell Cyber is dedicated to providing standalone, admitted individualized, and easy-to-understand cyber insurance for small and mid-size enterprises. In its unique AI-based approach to risk selection and pricing, Cowbell's continuous underwriting platform, powered by Cowbell Factors, compresses the insurance process from submission to issue to less than 5 minutes. Cowbell Insurance Agency is currently licensed in 50 U.S. states and the District of Columbia.

Read More

Spotlight

In the following video, Vera F. Birkenbihl and Katharina Schaffer, describe the 4 steps of brain-friendly language learning according to Birkenbihl, namely: De-Coding, Active Listening, Passive Listening and Activities.