Cyber Threat Report: Cyber Security News for 05/12/23

Three-Quarters of Firms Predict Breach in Coming Year
Most said it was “somewhat to very likely” that they’d suffer a breach of customer data (70%) or IP (69%), or a successful cyber-attack (78%). Read More

CISOs Worried About Personal Liability For Breaches
Over 62% of global CISOs are concerned about being held personally liable for successful cyber-attacks that occur on their watch, and a similar share would not join an organization that fails to offer insurance to protect them. Read More

FBI Disrupts Russian Hacking Tool Used to Steal Information from Foreign Governments
The action appears to be a major blow to Russia’s domestic intelligence service, the FSB, which has allegedly used the sophisticated hacking tool to infiltrate US and Western diplomatic and military agencies for nearly two decades. Read More

Ex-Uber Security Chief Sentenced to Three Years of Probation for Data-Breach Cover-Up
Sullivan was found guilty of obstructing justice and concealing knowledge that a federal felony had been committed. Prosecutors had sought a sentence of 15 months in federal prison. Read More

Critical Siemens RTU Vulnerability Could Allow Hackers to Destabilize Power Grid
The vulnerability could allow complete control of a device and they could potentially destabilize a power grid and possibly even cause blackouts by changing critical automation parameters. Threat actors could also leverage the vulnerability to implement backdoors. Read More

1 Million Impacted by Data Breach at NextGen Healthcare
Attackers accessed personal information such as names, addresses, birth dates, and Social Security numbers. Read More

Dallas Police Department Compromised in Ransomware Attack
The City of Dallas in Texas, US, has confirmed a ransomware attack took down essential services, including some 911 dispatch systems. Read More

Fortinet Patches High-Severity Vulnerabilities in FortiADC, FortiOS
An attacker could exploit the bug via crafted arguments to existing commands, allowing them to execute unauthorized commands. The 2nd bug allows an authenticated attacker to send specifically crafted requests to achieve arbitrary code execution, Fortinet explains. Read More

56,000+ Cloud-Based Apps at Risk of Malware Exfiltration
Researchers also identified over 171,500 Fortune 1000 employees who used an infostealer malware-infected device to log into corporate resources. Read More

Make Them Pay: Hackers Devise New Tactics to Ensure Ransomware Payment
Hackers have adopted more professional and corporate tactics to ensure higher returns. Read More

Merck Cyber Coverage Upheld in NotPetya Decision, seen as Victory for Policyholders
A court victory in the closely watched insurance case is expected to stabilize a turbulent market and provide some assurance for organizations amid a rise in nation-state activity. Read More

HEADLINE PRIVACY & IT SECURITY COMPLIANCE NEWS

Despite overall cyber-risk levels decreasing, a recent study shows that a majority of global organizations anticipate facing a data breach or cyber-attack within the next year. The Cyber Risk Index shows a positive score for the first time, indicating improved cyber preparedness. However, based on interviews with over 3.7k organizations, companies remain pessimistic, with 86% feeling ill-equipped to handle a data breach and 47% not having an incident response plan in place. Concerns focus on negligent insiders, mobile users, lack of trained staff, and risks associated with cloud infrastructure and virtual computing environments. The study suggests that companies need to take proactive measures to prevent and prepare for data breaches.

According to a recent survey, 62% of global CISOs are worried about personal liability for cyber-attacks and would avoid organizations without insurance protection. Sectors like retail, financial services, and manufacturing are more likely to seek insurance coverage. The survey highlights CISOs' burnout concerns due to stress, limited budgets, and personal liability. It also raises issues of sensitive data loss, inadequate response to targeted attacks, and top cybersecurity threats like email fraud, insider threats, compromised cloud accounts, and DDoS attacks.

Get in touch with us to learn more about how the team of experts at JANUS can help protect your business effectively. Follow us on Twitter and LinkedIn.