
Top 5 Cybersecurity Stories of the Summer

Published by Sabrina Pagnotta on August 31, 2022

This summer was a busy one for cybersecurity teams. From ransomware to data breaches and vulnerability exploitation, these incidents continue to alert security leaders to the risks of extended networks and remote workplaces.

As cybercrime evolves, it is our job to learn from the latest attacks in order to make our organizations stronger. This blog covers the five most impactful cybersecurity stories of the summer.

#1 Zero days hit an all-time high

Earlier this year, we learned that zero day exploits are behind half of the biggest vulnerabilities. 67% of them, to be precise.

What is a zero day exploit? It’s the code that attackers use to leverage or exploit a software vulnerability to compromise a system or network.

The surge in zero day attacks is an ongoing concern for security teams, as businesses increasingly run on software, and software is often vulnerable to malicious exploitation of unknown vulnerabilities.

This summer gave us plenty of evidence:

Twitter

A zero day vulnerability was exploited to compile a list of 5.4 million user account profiles. The vulnerability allowed anyone to submit an email address or phone number, verify if it was associated with a Twitter account, and retrieve the associated account ID. The threat actor could then use this ID to scrape the public information for the account, including follower count, screen name, login name, location, and profile picture URL.
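The lookup behaviour described above is an enumeration oracle. The following added example (not Twitter's code; the endpoint shape, names, and sample accounts are assumptions made for illustration) contrasts a lookup that answers differently for registered identifiers with one that returns a uniform response, handles matches out of band, and caps distinct lookups per client:

```python
import hashlib
from collections import defaultdict

# Constructed sample data: identifier -> account ID (hypothetical values).
ACCOUNTS = {"alice@example.com": 1001, "+15550100": 1002}

def lookup_vulnerable(identifier):
    """Any caller learns whether an identifier is registered and gets its ID."""
    account_id = ACCOUNTS.get(identifier)
    if account_id is None:
        return {"status": 404, "body": {"error": "not found"}}
    return {"status": 200, "body": {"account_id": account_id}}

class HardenedLookup:
    """Uniform response, out-of-band handling, per-client lookup budget."""
    def __init__(self, max_distinct=3):
        self.max_distinct = max_distinct
        self.seen = defaultdict(set)   # client -> digests of identifiers tried
        self.outbox = []               # account IDs to contact out of band

    def lookup(self, client, identifier):
        digest = hashlib.sha256(identifier.encode()).hexdigest()
        self.seen[client].add(digest)
        if len(self.seen[client]) > self.max_distinct:
            return {"status": 429, "body": {"error": "lookup budget exceeded"}}
        if identifier in ACCOUNTS:
            # The account owner is notified; the caller learns nothing.
            self.outbox.append(ACCOUNTS[identifier])
        # Identical answer for registered and unregistered identifiers.
        return {"status": 202, "body": {"message": "request received"}}

def is_oracle(lookup, registered, unregistered):
    """True if responses reveal whether an identifier is registered."""
    return lookup(registered) != lookup(unregistered)

if __name__ == "__main__":
    hardened = HardenedLookup()
    print(is_oracle(lookup_vulnerable, "alice@example.com", "nobody@example.com"))
    print(is_oracle(lambda i: hardened.lookup("client-1", i),
                    "alice@example.com", "nobody@example.com"))
```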

Google Chrome

Google urged Windows and Android users to install an update that fixed three high-level security threats: a heap buffer overflow in WebRTC, a type confusion in V8, and a use-after-free in Chrome OS Shell. These zero day vulnerabilities had already been exploited in the wild by threat actors before the patch was released.

Apple

The company released emergency security updates to fix two zero day vulnerabilities affecting iPhones, iPads, and Macs. One was an out-of-bounds write vulnerability in the operating system's kernel, and the other was an out-of-bounds write vulnerability in WebKit, the web browser engine used by Safari and other apps that can access the web.
As of August, Apple has patched seven zero days this year.

While these headline-grabbing attacks have been put under the microscope, many open-source and enterprise applications and APIs are targets of zero day attacks every day.

To help you stay ahead, we’ve compiled some resources and a quick guide: Everything to know about zero day attacks and remediation. We also have an on-demand webinar where you can get tips and tactics to reduce the risk of zero days.

#2 The cost of a data breach keeps increasing

IBM released the Cost of a Data Breach Report 2022, revealing that the average total cost of a data breach is $4.35 million. Reaching an all-time high, this figure represents a 2.6% increase from last year, when the average cost of a breach was $4.24 million. The number has climbed 12.7% since the 2020 report.

In critical infrastructure, it rises to $4.82 million. This category covers organizations in the financial services, industrial, technology, energy, transportation, communication, healthcare, education and public sector industries.

As a recent example from this summer, tech giant T-Mobile has agreed to pay customers US$350 million to settle multiple class-action suits stemming from a data breach disclosed last year, affecting tens of millions of customers.

The company also agreed to spend an extra $150 million on cybersecurity through the end of 2023. It was reported that more than 76 million US residents affected by the breach will be part of the proposed class.

What are the causes of a data breach?

The use of stolen or compromised credentials remains the most common cause of a data breach, as per IBM’s research. Stolen or compromised credentials were the primary attack vector in 19% of breaches in the 2022 study, and also the top attack vector in the 2021 study, having caused 20% of breaches.

The second most common cause of a data breach is phishing, accounting for 16%. It is also the costliest, averaging US$4.91 million in breach costs.

#3 Ransomware attacks are up with increased complexity and impact

66% of organizations surveyed in 2021 were hit by ransomware, up from 37% in 2020, according to the State of Ransomware 2022 report released by Sophos this summer. 

Ransom payments are also higher: In 2021, 11% of organizations said they paid ransoms of $1 million or more, up from 4% in 2020. The average ransom paid by organizations that had data encrypted reached $812,360.

The experiences of IT security professionals working at the frontline have revealed an ever more challenging attack environment, coupled with the growing financial and operational burden ransomware places on its victims.

The threat of ransomware is industry-agnostic. In the “Cybersecurity and Financial System Resilience” report published earlier this month, the Federal Reserve Board deemed ransomware attacks, nation-state incursions, and third-party access the top three cybersecurity threats to the U.S. financial industry.

In healthcare, ransomware attacks aren’t just disruptive and expensive, they can put patient safety at serious risk. In a joint alert issued August 11, the Federal Bureau of Investigation and Homeland Security’s Cybersecurity and Infrastructure Security Agency advised about the Zeppelin strain of ransomware, which has been aimed at healthcare organizations.

The alert outlines the tactics, techniques and procedures (TTPs) and indicators of compromise (IOCs) of the Zeppelin variant, and gives recommendations to help hospitals and health systems mitigate its risks.

#4 Cisco was attacked via a compromised employee Google account

Attackers gained access to a Cisco employee’s VPN client via their compromised Google account, which was synchronizing credentials saved in the victim’s browser.

“Initial access to the Cisco VPN was achieved via the successful compromise of a Cisco employee’s personal Google account. The user had enabled password syncing via Google Chrome and had stored their Cisco credentials in their browser, enabling that information to synchronize to their Google account,” wrote Cisco Talos.

The attacker conducted a series of sophisticated voice phishing attacks (vishing) disguised as trusted organizations, in order to convince the victim to accept multi-factor authentication (MFA) push notifications. Once the MFA push was accepted, the attacker gained access to the Cisco VPN and conducted a variety of activities to maintain access, minimize forensic artifacts, and increase their level of access to systems within the environment.

However, the Cisco Talos research team stated they have not identified any evidence suggesting that the bad actor gained access to critical internal systems, such as those related to product development, code signing, etc.

Despite the frequency of social engineering attacks, organizations continue to face challenges mitigating those threats. User training is paramount, including password hygiene, cybersecurity basics, and making sure employees know the legitimate ways that support staff will contact them, in order to avoid giving away sensitive information.

#5 Massive phishing campaign targets 130 companies and tricks their employees

In early August, it was reported that digital communication platform Twilio suffered a data breach after its employees were targeted by a phishing campaign. 

The attackers sent SMS messages to Twilio employees asking them to reset their password or alerting them to a change in their schedule. Each message included a link with keywords like "Twilio," "SSO" (single sign-on), and "Okta," the name of the user authentication service used by many companies. The link directed employees to a page that mimicked a real Twilio sign-in page, allowing attackers to collect the information employees entered there.

It was later revealed that this same campaign targeted over 130 companies apart from Twilio, including Microsoft, Signal, DoorDash, Best Buy, Twitter, Verizon Wireless, T-Mobile, AT&T, Riot Games, and Epic Games. The campaign, nicknamed "0ktapus" by security researchers, harvested login credentials belonging to nearly 10,000 individuals by imitating the popular single sign-on service Okta.
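The lure links described above combined brand and SSO keywords in hostnames the company did not own. The following added example (not from the original post or from any vendor) triages links in reported messages on that basis; the allowlist, the keyword handling, and the sample messages are assumptions, and the messages are constructed using the reserved `.example` TLD:

```python
import re
from urllib.parse import urlsplit

# Keywords named in the post; the allowlist of genuine domains is an assumption.
BRANDS = ("twilio", "okta")          # matched as substrings of the hostname
GENERIC = {"sso"}                    # matched only as whole hostname tokens
LEGIT_DOMAINS = {"twilio.com", "okta.com"}
URL_RE = re.compile(r"(?:https?://)?(?:[\w-]+\.)+[a-z]{2,}(?:/\S*)?", re.I)

SAMPLE_SMS = [  # constructed messages, not real campaign data
    "Notice: your password has expired. Reset at https://twilio-sso.example/login",
    "Your schedule has changed, confirm at okta-twilio.example/shift",
    "Reset your password at https://login.twilio.com/reset",
    "Lunch menu: https://lessons.example/today",
    "Verify now: twilio.com.account-check.example/verify",
]

def hostname_of(url):
    """Lower-cased hostname, tolerating links sent without a scheme."""
    if "://" not in url:
        url = "//" + url
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def classify(url):
    """Return (verdict, matched keywords) for one link."""
    host = hostname_of(url)
    if any(host == d or host.endswith("." + d) for d in LEGIT_DOMAINS):
        return "legit", []
    tokens = set(re.split(r"[.\-]", host))   # avoids 'sso' matching 'lessons'
    hits = [b for b in BRANDS if b in host] + sorted(GENERIC & tokens)
    return ("suspicious" if hits else "unknown"), hits

def triage(messages):
    """List (hostname, keywords) for every suspicious link in the messages."""
    findings = []
    for msg in messages:
        for match in URL_RE.finditer(msg):
            verdict, hits = classify(match.group(0))
            if verdict == "suspicious":
                findings.append((hostname_of(match.group(0)), hits))
    return findings

if __name__ == "__main__":
    for host, hits in triage(SAMPLE_SMS):
        print(host, hits)
```

The suffix check compares against the end of the hostname, so a genuine domain embedded as a leading label (`twilio.com.account-check.example`) is still flagged.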

This incident reminds us that protecting our networks is a collective responsibility, and by adopting proper cyber-hygiene practices, we are making sure that cybercriminals have fewer entry points into systems, data, and devices.
