Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

One-Third of Organizations Experience Ransomware Attacks at Least Weekly

New data shows attempted ransomware attacks are occurring far more frequently while a lack of confidence is found in security measures and solutions to stop ransomware attacks.

We’d like to think that as cybercriminals improve their game that security solutions and organizational cybersecurity programs, policies and procedures would equally evolve to continually stand toe-to-toe with the current state of ransomware attacks. But new data found in Menlo Security’s 2022 Impacts: Ransomware Attacks and Preparedness report demonstrates that this just isn’t the case.

According to the report, just about every organization is experiencing ransomware attacks to some degree:

  • 53% have been the victim of an attack in the last 18 months
  • 33% experience ransomware attacks weekly
  • 9% experience them daily

This is far more frequent than just a year or two ago. So, we’d expect that security stances are equal to the task of protecting the organization, right?

Not so fast.

According to the report, email was found to be the #1 ransomware attack vector posing the greatest risk. And yet, only 62% of organizations are confident that their security solutions focused on phishing attacks will actually protect them against ransomware attacks.

Add to this 43% of organizations say employees are their weakest cybersecurity link. This only compounds the problem; organizations know email and phishing are a big issue, and yet they aren’t taking steps to change the employee from a cyber-liability to becoming a part of the organization’s security strategy.

Through security awareness training, employees learn to spot phishing and social engineering attacks that make it past security solutions, thereby avoiding any interaction with malicious content that may lead to a ransomware – or any other – attack.

Blog post with links:

Alert from LastPass

Dear valued customer,

We are writing to inform you that we recently detected some unusual activity within portions of the LastPass development environment. We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information. We have no evidence that this incident involved any access to customer data or encrypted password vaults. Our products and services are operating normally.

In response, we immediately initiated an investigation, deployed containment and mitigation measures, and engaged a leading cybersecurity and forensics firm. While our investigation is ongoing, we have achieved a state of containment, implemented additional enhanced security measures, and see no further evidence of unauthorized activity.

Based on what we have learned and implemented, we are evaluating further mitigation techniques to strengthen our environment. We will continue to update our customers with the transparency they deserve.

We have set up a blog post dedicated to providing more information on this incident: https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/

We thank you for your patience as we work expeditiously to complete our investigation and regret any concerns this may have caused you.

The Team at LastPass



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.