ITMG Insider Threat News August 19, 2022

Department of Defense Selects Torch.AI for New Cyber and Insider Threat System

Torch.AI has revealed that the Department of Defense (DOD) has selected the company’s software for a new cyber and insider threat analysis capability, the System for Insider Threat Hindrance (SITH).

Cyber attacks across all industries are on the rise. Costs related to cybercrime are expected to reach $10.5 trillion per year by 2025. Insider threats are one of the primary reasons for data record breaches, which are growing at nearly 200% per year. Employees, former employees, vendors, business partners and business associates are all insiders that could pose a threat to the average business.

Due to its Threat Against Taiwan and Ongoing Espionage Operations, the CIA is Turning its Attention to China.

China’s expanding political and economic ambitions have long alarmed the US.

China has waged campaigns of corporate and cyber espionage, attempted to sway foreign elections, and imprisoned millions of ethnic Uyghurs in camps.

According to some experts, Beijing will attempt a violent takeover of the democratically self-governing island of Taiwan in the years to come.

NetSecurity Corporation Reveals Why Endpoint Detection and Response (EDR) Platforms are Inadequate for Computer Forensics Investigation

When there is a data breach, insider threat, or a cyber attack, organizations often struggle to identify the right skills, tools or product to use for the investigation and often resort to open source scripts, freeware, collector scripts, or traditional EDR. These technologies do not scale and are not capable of conducting forensics at scale and timely. NetSecurity recognized this problem and developed ThreatResponder to help organizations conduct remote forensics investigation, eliminating travel costs and delays.

How Security Teams can Combat Social Engineering and Insider Threats

According to the Verizon 2021 Data Breach Investigations Report, 85% of data breaches involve a human element, with social engineering being among the most prevalent attack techniques. Social engineering refers to attackers who pursue victims to illegally disclose confidential information by exploiting their trust. And there is no better way to connect with a person than over social media, right? But considering the consequences that an employee might face if they try to illegally disclose confidential data, the question arises: why would an employee fall victim to social engineering attacks, and to what extent does exposure on social media increase the risk of victimization?

Cyber-criminals Shift from Macros to Shortcut Files to Hack Business PCs, HP Reports

According to the new research, shortcuts are gradually replacing Office macros (which are starting to be blocked by default by Microsoft) as a way for attackers to get a foothold within networks by tricking users into infecting their PCs with malware.

Specifically, the report shows an 11% rise in archive files containing malware, including LNK files. Further, the data suggests that 69% of malware detected was delivered via email, while web downloads were responsible for 17%.

HP said its security team noted attackers often placed shortcut files in ZIP email attachments, to help them evade email scanners. The company also spotted LNK malware builders available for purchase on hacker forums.

Chinese Hackers May Be Behind Attacks Targeting Eastern Europe and Afghanistan

A new analysis by Kaspersky unveiled a wave of targeted attacks on military-industrial complex enterprises and public institutions in Belarus, Russia, Ukraine and Afghanistan.

The cybersecurity company made the announcement in an advisory published on Monday, which claims the attackers were able to penetrate several enterprises and hijack the IT infrastructure of some of them.

Kaspersky did not name these entities but said they included industrial plants, design bureaus and research institutes, government agencies, ministries and departments.

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading