Mastouille

0 message0 participant0 message aujourd’hui

Wade BakerIs your organization now more or less likely to experience a significant <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> event than it was 10y ago?Well, that depends. Let's look at some data from Cyentia Institute's recent 2025 Information Risk Insights Study (IRIS).The chart below depicts the annualized incident probability for firms in each revenue tier. I won't go into the details here of how we modeled this, but the methodology appendix in the report does get into that (link below). And if you want even more detail, Joran Elias has an excellent blog post for Cyentia Institute members (free account). For now, just assume we've used many incidents over many years to model the probabilities you see here.From the chart, you can see why I say "that depends" to the lead question. The probability of a <$100M firm suffering a <a href="https://infosec.exchange/tags/securityincident" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityincident</a> has more than doubled, while the chance of a $100B+ megacorporation having an event has dropped by a third over the same time frame. Meanwhile, incident probability for organizations in $1B to $100B range have remained relatively static.Unfortunately, our dataset is silent on the underlying factors behind these <a href="https://infosec.exchange/tags/cyberevent" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberevent</a> trends, but we can engage in some informed speculation. And LinkedIn is the perfect platform for it. I'll start. To me, this chart hammers home Wendy Nather's concept of the security poverty line. Giant corporations with their giant budgets to hire the best people, buy the best technology, and implement the best processes, are finding success. But the pace of digitalization has outpaced SMBs’ ability to defend their growing attack surfaces and mitigate <a href="https://infosec.exchange/tags/cyberrisk" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberrisk</a> .I have many other thoughts regarding the factors underlying what we see here, but I'd rather hear from you. What do you see as key contributors?**** Get the IRIS 2025 here: <a href="https://www.cyentia.com/iris2025/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.cyentia.com/iris2025/</a>You'll have the option to just download it or get it or join Cyentia's free membership program for the report plus a bunch of bonus analytical content.

Bytes EuropeSlow Fog Cosine: Cryptocurrency security incidents are frequent, with the highest single loss in a week exceeding 6.5 million dollars <a href="https://www.byteseu.com/1106577/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.byteseu.com/1106577/</a> <a href="https://pubeurope.com/tags/CoinTheftIncident" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CoinTheftIncident</a> <a href="https://pubeurope.com/tags/Crypto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Crypto</a> <a href="https://pubeurope.com/tags/CryptoCurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoCurrency</a> <a href="https://pubeurope.com/tags/SecurityIncident" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityIncident</a> <a href="https://pubeurope.com/tags/SlowFogCosine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SlowFogCosine</a>

Ben VirgilioAnyone know if the <a href="https://infosec.exchange/tags/FlightAware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FlightAware</a> "security incident" involved plaintext passwords? Certainly smells like it... First I'm seeing anything about this. <a href="https://infosec.exchange/tags/DataBreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DataBreach</a> <a href="https://infosec.exchange/tags/securityincident" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityincident</a> <a href="https://infosec.exchange/tags/plaintextpasswords" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#plaintextpasswords</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/avgeek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#avgeek</a>

Jonathan Kamens 86 47It's possible that the delay is due to the <a href="https://federate.social/tags/ChangeHealthcare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ChangeHealthcare</a> <a href="https://federate.social/tags/SecurityIncident" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityIncident</a>, but it's equally possible that the surgeon's office is overworked and understaffed and just hasn't gotten around to filing the secondary insurance claim. After all, why would they feel like they have to prioritize it, when they already have my money?

Ge0rGMinor <a href="https://chaos.social/tags/SecurityIncident" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityIncident</a> with <a href="https://chaos.social/tags/GooglePlay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GooglePlay</a> developer console? Check your android app QA accounts!Test account created exclusively for Google to test my <a href="https://chaos.social/tags/xmpp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#xmpp</a> app comes online from <a href="https://chaos.social/tags/DigitalOcean" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DigitalOcean</a> VPS (instead of the usual <a href="https://chaos.social/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Google</a> IP), asks me if I like drugs. VPS smells like a honeypot or hacked, running Squid 3.5.20 (from 2016) on a bunch of ports.Escalated to Google Play developer support.

seadevRackspace has experienced a <a href="https://infosec.exchange/tags/securityincident" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityincident</a> involving hosted MS Exchange servers:““On Friday, Dec 2, 2022, we became aware of an issue impacting our Hosted Exchange environment. We proactively powered down and disconnected the Hosted Exchange environment while we triaged to understand the extent and the severity of the impact. After further analysis, we have determined that this is a security incident.”<a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threatintel</a> <a href="https://infosec.exchange/tags/CTI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CTI</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microsoft</a>Sources: <a href="https://www.theregister.com/2022/12/03/rackspace_security_incident_hosted_exchange/" rel="nofollow noopener noreferrer" target="_blank">https://www.theregister.com/2022/12/03/rackspace_security_incident_hosted_exchange/</a><a href="https://www.bleepingcomputer.com/news/technology/cloud-provider-rackspace-hit-by-ongoing-12-hour-exchange-outage/" rel="nofollow noopener noreferrer" target="_blank">https://www.bleepingcomputer.com/news/technology/cloud-provider-rackspace-hit-by-ongoing-12-hour-exchange-outage/</a>Status Page: <a href="https://status.apps.rackspace.com/" rel="nofollow noopener noreferrer" target="_blank">https://status.apps.rackspace.com/</a>

ITSec News deutschDie Data Pie Cybersecurity AG berät Organisationen aus dem EU/EWR Raum, damit diese den schweizerischen Anforderungen im Informationssicherheitsgesetz, Datenschutzgesetz und dem IKT-Minimalstandard gerecht werden. <a href="https://www.allianz-fuer-cybersicherheit.de/Webs/ACS/DE/Home/_/infos/20220628_DataPie_Einzelberatung.html?nn=133710" rel="nofollow noopener noreferrer" target="_blank">Partnerangebot: Dienstleistung – Data Pie Cybersecurity AG – „Informationssicherheit und Datenschutz in der Schweiz“</a>

ITSec News deutschDer First Check der suresecure GmbH gibt einen groben Überblick darüber, wie gut Unternehmen auf einen Cyberangriff vorbereitet sind. <a href="https://www.allianz-fuer-cybersicherheit.de/Webs/ACS/DE/Home/_/infos/20220621_suresecure_FirstCheck.html?nn=133710" rel="nofollow noopener noreferrer" target="_blank">Partnerangebot: suresecure GmbH – „First Check – Wie gut sind Sie auf einen Cyberangriff vorbereitet?“</a>

Recherches récentes

Options de recherche

Administré par :

Statistiques du serveur :

#SecurityIncident