Data breaches and high-risk vulnerabilities continue to dominate
Posted on 12 August 2014.
Cyber threats, data breaches and high-risk vulnerabilities have continued to dominate the first half of 2014. The severity of these attacks intensified against financial and banking institutions as well as retail outlets, according to Trend Micro.


Total attacks have exposed more than 10 million personal records as of July 2014 and strongly indicate the need for organizations to adopt a more strategic approach to safeguarding digital information.

These incident attacks in the second quarter affecting consumer's personal information included theft of data such as customer names, passwords, email addresses, home addresses, phone numbers, and dates of birth. These types of personal privacy breaches have affected organization's sales and earnings while leaving customers unable to access accounts and dealing with service disruption. As a result many countries have begun developing stricter privacy and data collection policies to begin dealing with this problem.

As of July 15, 2014, more than 400 data breach incidents have been reported, creating the need for organizations to identify and understand their core data in order to protect and build an effective defense strategy to keep them secure. A change in mindset, organizations initially need to determine which information they regard as "core data" before devising a plan on how to protect it.

"Organizations must treat information security as a primary component of a long-term business strategy rather than handling security issues as tertiary, minor setbacks," said Raimund Genes, CTO, Trend Micro."Similar to having a business strategy to improve efficiency, a well-thought-out security strategy should also improve current protection practices that achieve long-term benefits. The incidents observed during this quarter further establish the need for a more comprehensive approach to security."

Highlights of the report include:

Critical vulnerabilities created havoc among information security professionals and the public: High-risk vulnerabilities affected various components of Internet browsing and Web services, including server-side libraries, OSs, mobile apps and browsers.

Escalation in the severity & volume of attacks: The severity of attacks against organizations highlighted the importance of incident response planning and organization-wide security awareness.

Cybercriminals counter online banking and mobile platform developments: Deployment of mobile ransomware and two-factor authentication-breaking malware has emerged in response to technological developments in the online banking and mobile platforms.

Digital Life and Internet of Everything (IOE) improved way of life with emerging vulnerabilities: The 2014 FIFA World Cup held in Brazil was one of the most popular sporting events in recent history. As such, users faced various threats related to the event—one of the most widely used social engineering hooks this quarter.

Global law enforcement partnerships lead to arrests: By sharing research findings with law enforcement agencies, financial loss prevention from cybercrime has proven effective.

"The reported attacks in the second quarter reveal that the wide spectrum of cyber threats can have a disastrous impact globally," said JD Sherry, vice president of technology and solutions, Trend Micro. "Implementing a strategic incident response plan by forging collaborations, both internally and externally, will provide agencies and industries the resources to respond and protect against current threats to information security."





Spotlight

Windows 0-day exploited in ongoing attacks, temporary workarounds offered

Posted on 22 October 2014.  |  A new Windows zero-day vulnerability is being actively exploited in the wild and is primarily a risk to users on servers and workstations that open documents with embedded OLE objects.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Oct 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //