#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Cyber Hygiene | Breaking Cybersecurity News | The Hacker News

Category — Cyber Hygiene
Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene

Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene

Sep 19, 2024 Cyber Hygiene / Network Security
Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital's systems are held hostage by ransomware, it's not just data at risk — it's the care of patients who depend on life-saving treatments. Imagine an attack that forces emergency care to halt, surgeries to be postponed, or a cancer patient's private health information used for extortion. This is the reality healthcare faces as cybercriminals exploit people who need care. Healthcare accounted for 17.8% of all breach events and 18.2% of destructive ransomware events since 2012 1 , surpassing other sectors like finance, government, and education. This alarming rise in attacks makes one thing clear: poor cybersecurity hygiene is the root cause, and the consequences for failing to address these vulnerabilities are devastating. Organizations that neglect basic cybersecurity practices, like sof
Lessons from the Snowflake Breaches

Lessons from the Snowflake Breaches

Jun 12, 2024 Data Breach / Identity Management
Last week, the notorious hacker gang, ShinyHunters, sent shockwaves across the globe by allegedly plundering 1.3 terabytes of data from 560 million users. This colossal breach, with a price tag of $500,000, could expose the personal information of a massive swath of a live event company's clientele, igniting a firestorm of concern and outrage.  Let's review the facts: two large organizations announced that they suffered a data breach, identifying unauthorized activity within a third-party cloud database environment. The accessed business records contained critical information on some employees, a large number of customers and other key business data.  The cloud connection  What might link these two breaches is the cloud data company Snowflake, which counts among its users both organizations. Snowflake did publish a warning with CISA , indicating a "recent increase in cyber threat activity targeting customer accounts on its cloud data platform." Snowflake issued a recommendation
Cyber Story Time: The Boy Who Cried "Secure!"

Cyber Story Time: The Boy Who Cried "Secure!"

Nov 21, 2024Threat Detection / Pentesting
As a relatively new security category, many security operators and executives I've met have asked us "What are these Automated Security Validation (ASV) tools?" We've covered that pretty extensively in the past, so today, instead of covering the " What is ASV?" I wanted to address the " Why ASV?" question. In this article, we'll cover some common use cases and misconceptions of how people misuse and misunderstand ASV tools daily (because that's a lot more fun). To kick things off, there's no place to start like the beginning. Automated security validation tools are designed to provide continuous, real-time assessment of an organization's cybersecurity defenses. These tools are continuous and use exploitation to validate defenses like EDR, NDR, and WAFs. They're more in-depth than vulnerability scanners because they use tactics and techniques that you'll see in manual penetration tests. Vulnerability scanners won't relay hashes or combine vulnerabilities to further attacks, whic
Ultimate Cyber Hygiene Guide: Learn How to Simplify Your Security Efforts

Ultimate Cyber Hygiene Guide: Learn How to Simplify Your Security Efforts

Jun 07, 2024 Cyber Hygiene / Webinar
2023 was a year of unprecedented cyberattacks. Ransomware crippled businesses, DDoS attacks disrupted critical services, and data breaches exposed millions of sensitive records. The cost of these attacks? Astronomical. The damage to reputations? Irreparable. But here's the shocking truth: many of these attacks could have been prevented with basic cyber hygiene . Are you ready to transform your cybersecurity strategy? Join us for an exclusive webinar, " Better Basics Win the Cybersecurity Threat War: Defend, Deter, and Save ," where we'll reveal how to optimize your cyber hygiene and compliance costs. What you'll learn: The latest trends shaping the cybersecurity landscape: Get ahead of the curve and understand the evolving tactics of cybercriminals. How the CIS Controls and CIS Benchmarks can simplify your security efforts: Discover the power of these proven security best practices and how they can fortify your defenses. How a CIS SecureSuite Membership
cyber security

6 Best Practices for Privileged Account and Session Management (PASM)

websiteSytecaCybersecurity / Privileged Accounts
Learn how to secure privileged accounts and sessions to protect your data and meet compliance standards.
Third-Party Cyber Attacks: The Threat No One Sees Coming – Here's How to Stop Them

Third-Party Cyber Attacks: The Threat No One Sees Coming – Here's How to Stop Them

Jun 06, 2024 Cyber Hygiene / Threat Detection,
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill's threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk.  In an increasingly interconnected world, supply chain attacks have emerged as a formidable threat, compromising not just individual organizations but the broader digital ecosystem. The web of interdependencies among businesses, especially for software and IT vendors, provides fertile ground for cybercriminals to exploit vulnerabilities. By targeting one weak link in the supply chain, threat actors can gain unauthorized access to sensitive information and can conduct malicious activities with severe consequences on multiple organizations, from data breaches and financial losses to widespread disruption and reputational damage. Understanding the nature, impact, and mitigation strategies of supply chain att
New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

May 17, 2024 Cyber Hygiene / Attack Surface
A new report from XM Cyber has found – among other insights - a  dramatic  gap between where most organizations focus their security efforts, and where the most serious threats actually reside. The new report, Navigating the Paths of Risk: The State of Exposure Management in 2024, is based on hundreds of thousands of attack path assessments conducted by the  XM Cyber platform  during 2023. These assessments uncovered over 40 million exposures that affected millions of business-critical assets. Anonymized data regarding these exposures was then provided to the Cyentia Institute for independent analysis. To read the full report,  check it out here . Download the report to discover: Key findings on the types of exposures putting organizations at greatest risk of breach. The state of attack paths between on-prem and cloud networks. Top attack techniques seen in 2023. How to focus on what matters most, and remediate high-impact exposure risks to your critical assets. The
Why the Right Metrics Matter When it Comes to Vulnerability Management

Why the Right Metrics Matter When it Comes to Vulnerability Management

Feb 01, 2024 Vulnerability Management / Cyber Hygiene
How's your vulnerability management program doing? Is it effective? A success? Let's be honest, without the right metrics or analytics, how can you tell how well you're doing, progressing, or if you're getting ROI? If you're not measuring, how do you know it's working? And even if you are measuring, faulty reporting or focusing on the wrong metrics can create blind spots and make it harder to communicate any risks to the rest of the business. So how do you know what to focus on? Cyber hygiene, scan coverage, average time to fix, vulnerability severity, remediation rates, vulnerability exposure… the list is endless. Every tool on the market offers different metrics, so it can be hard to know what is important. This article will help you identify and define the key metrics that you need to track the state of your vulnerability management program, the progress you've made, so you can create audit-ready reports that: Prove your security posture Meet vulnerability remediation SLAs an
Expert Insights / Articles Videos
Cybersecurity Resources