Many organizations are finally improving basic cyber hygiene, but the major problem facing defenders and governments is how to achieve scale across all sizes of businesses including nonprofits around the world, said Phil Reitinger, CEO and president of Global Cyber Alliance.
2023 is the year of exposure, said Cyentia Institute's Wade Baker. Exposure dominated Cyentia research this year, and many breaches were linked to mistakes in vulnerability management and poorly managed identities. Organizations are struggling with prioritizing hardware and software vulnerabilities.
Offensive security is transitioning from traditional penetration testing to a more continuous, technology-led approach, says Aaron Shilts, president and CEO at NetSPI. The security posture of organizations is constantly changing, making a point-in-time pen test less effective.
Hackers are attempting to infect a consumer-grade Wi-Fi router model with Mirai botnet malware following the discovery of zero-days in the device in a December hacking competition. TP-Link released a patch in mid-March. Telemetry shows infections in Eastern Europe and elsewhere.
The United States sent its top cyber offensive team to NATO ally Albania to help secure the nation's critical infrastructure networks. The Cyber National Mission Force helped find cyberthreats and vulnerabilities on networks likely targeted last year by Iranian threat actors.
Hitachi Energy joined the ranks of victims hit by the Clop ransomware group, which has exploited a zero-day vulnerability in Fortra's widely used managed file transfer software, GoAnywhere MFT. Clop claimed responsibility for the hack, which compromised networks used by 130 different organizations.
The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations and liability for poor software development practices.
CyberMaxx has landed the former CEO of cloud security vendor Threat Stack to bring offensive and defensive cybersecurity services together on one platform. The Nashville-based firm has tasked Brian Ahern with creating managed detection and response bundles with offensive and defensive capabilities.
Intel 471 has promoted second-in-command Jason Passwaters to CEO and tasked him with onboarding less-mature security organizations for narrower use cases. The company plans to land more threat intelligence customers by focusing on areas such as vulnerability management and patch prioritization.
Skybox Security has landed former Digital Guardian CEO Mo Rosen to pursue profitability and drive adoption of the security policy and vulnerability management vendor's SaaS platform. The San Jose, California-based company tasked Rosen with making Skybox's SaaS tool easier to deploy and use.
A massive automated ransomware campaign is targeting VMware ESXi hypervisors worldwide, warns CERT-FR, the French government's computer emergency readiness team that's part of the National Cybersecurity Agency of France. VMware is advising customers to patch affected servers and scan for malware.
While malicious wipers have stolen most of the headlines in the Russia-Ukraine cyberwar, investigators say Russians are now using modified GammaLoad and GammaSteel info stealer malware to spy on compromised government employee accounts and avoid detection. The attack begins with a phishing email.
Tenable has debuted a $25 million corporate investment program to support prevention-focused startups focused on technologies such as cloud, OT and identity. The Baltimore-area exposure management vendor says Tenable Ventures plans to scour Israel and the United States for startups.
Security ratings provide a strong indication of potential risk, but boards increasingly want to drill into the underlying risk factors, says CEO Steve Harvey. BitSight has invested in both workflows around third-party risk and research and identification of CVEs on behalf of government agencies.
The IntSights deal has allowed Rapid7 to offer more visibility into the threat landscape and target the phishing infrastructure used by hackers. The deal has helped Rapid7 determine the spoofed domains and the employees and social media accounts that adversaries have targeted, CEO Corey Thomas says.