Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cybersecurity Reporting. Show all posts
Isreal
Cyber Attacks Cybersecurity Reporting cybersecurity risk Cyerhackers Hacker attack Iran Isreal

Cyberattacks Reported Across Iran Following Joint US-Israeli Strike on Strategic Targets

 

A fresh bout of online actions emerged overnight Friday into Saturday, running parallel to air assaults carried out jointly by U.S. and Israeli forces against sites inside Iran, security researchers noted. The timing suggests the virtual maneuvers were linked to real-world strikes - possibly aiming to scramble communication lines, shape information flow, or hinder organized reactions on the ground. 

Appearing online, altered pages of Iranian media sites showed protest slogans instead of regular articles. Though small in number, these digital intrusions managed to reach large audiences through popular platforms. A shift occurred when hackers targeted BadeSaba - an app relied on by millions for daily religious guidance. Messages within the app suggested military personnel step back and align with civilian demonstrators. Not limited to websites, the interference extended into mobile tools trusted by ordinary users. 

Despite its routine function, the calendar software became a channel for dissenting statements. More than just data theft, the breach turned everyday technology into a medium for political appeal. Someone poking around online security thinks the app got picked on purpose - lots of people who back the government use it to look up faith stuff. According to Hamid Kashifi, who started a tech outfit called DarkCell, that crowd turned the platform into a useful path for hackers aiming to push content within national borders. 

Meanwhile, connections online in Iran began falling fast. According to Doug Madory - who leads internet research at Kentik - access weakened notably when the strikes occurred, with just faint digital signals remaining in certain areas. Some reports noted cyber actions focused on various Iranian state functions, administrative bodies, along with possible facilities tied to defense. 

As referenced by the Jerusalem Post, these incidents might have sought to weaken Iran’s capacity for unified decision-making amid heightened tensions. Possibly just the start, this online behavior could signal deeper conflicts ahead. With hostilities growing, factions linked to Iran might strike back through digital means, according to Rafe Pilling. He leads threat analysis work at Sophos. Targets may include U.S. or Israeli defense systems, businesses, even everyday infrastructure. 

Such moves would come amid rising geopolitical strain. What researchers have seen lately involves reviving past data leaks, while also trying simpler ways to target online industrial controls. Early moves like these could serve as probes - checking weak spots or collecting details ahead of bigger actions, according to experts. Now working at the cybersecurity firm Halcyon, Cynthia Kaiser - once a top cyber official at the Federal Bureau of Investigation - observed a clear rise in digital operations throughout the Middle East. Calls urging more aggressive moves have already emerged from online actors aligned with Iran, she pointed out. 

Meanwhile, Adam Meyers, senior vice president of counter-adversary operations at CrowdStrike, said the firm is already observing reconnaissance efforts and distributed denial-of-service attacks linked to Iranian-aligned groups. Though tensions rise, some experts point to how warfare now blends physical strikes with online attacks - raising fears of broader digital clashes. 

Iran, noted by American authorities before, appears in the same category as China and Russia when discussing state-backed hacking aimed at international systems. With hostilities evolving, unseen pathways into infrastructure take on greater risk, especially given past patterns of intrusion tied to geopolitical friction.
Read more »
SEC Protocol
Cybersecurity Cybersecurity Reporting Organization security SEC SEC Protocol

SEC Sets New Disclosure Rules: Read How It Will Revolutionize Organization Cybersecurity


SEC mandates cybersecurity reporting for companies 

The Securities and Exchange Commission's (SEC) latest set of rules on cybersecurity reporting for publicly traded organisation can be understood in two ways. One, as another generic regulatory formality piling on the companies, or second, as an important move towards strengthening cybersecurity in the board. 

In the smaller picture, it is likely to be both. But in the bigger picture, the benefits will outweigh the limitations. The SEC's primary attention on cybersecurity metrics can mix with other financial reporting needs to compel companies toward a more comprehensive security framework that includes asset intelligence and prioritises material risk. 

SEC protocol: Implication for organizations

The new protocol is likely to push organizations to start focusing on asset intelligence on evidence-based security data, and not just merely storing inventory of devices and apps, helping them toward a consistent monitoring and improvement program. 

The rules will also support companies to involve entire organizations in cybersecurity, security, promoting IT confluence, compliance and legal in all the ways that will support every party involved. 

Deep Asset Intelligence: A much needed approach

The scope for an integrated approach to cybersecurity built on evidence-based data highlights various organisations' need for stronger intelligence. The recent cyber attack on Clorox tells us why. Clorox was among the first large organizations to be compromised when the SEC's new rules came into play, asking the company to report the cyber attack through the SEC's Form 8-k within 4 days.

Clorox did comply, however, it had limited information on the impact of the attacks, so it had to file another form 8-k filing. But even so, Clorox didn't disclose the complete financial damage of the attack. 

What do experts think?

Certain cybersecurity experts anticipate that Clorox's response will be common for other businesses due to the challenge of rapidly assessing the impact of an attack. However, incomplete reports may mislead investors.

A thorough understanding of an asset's life cycle, security measures, management style, data usage patterns, and potential end-of-life situations can all contribute to a more accurate assessment of the attack's impact. 
By promoting the use of measurements and statistics based on empirical evidence to evaluate material risk, the new regulations may also encourage businesses to improve their asset intelligence.

The Way Forward For Constant Enhancement

Businesses gather a great deal of security metrics, some of which may not be very valuable. While it may seem commendable to have stopped 9,000 malware attacks in a month, what would happen if there had been 9,008 attempts? 

By concentrating on operational controls and material concerns, comprehensive asset intelligence can assist organisations in focusing on more serious issues. 

An endpoint without a security agent or an outdated, unpatched system, for instance, can be just as hazardous as a network-based vulnerability found on the common vulnerabilities and exposures (CVEs) list. Inventorying all of your users, apps, and devices is not sufficient; you also need to know if the security rules are active and in place.

The guidelines also encourage organisations to involve the legal and compliance departments, as well as the leadership team, in understanding the role that governance plays in better managing security through their reporting obligations.

Furthermore, and this is crucial, they encourage public firms to follow the industry trend of proactive and continuous assessment, which entails not just identifying security weaknesses but also continuously addressing them.

Proceeding Forward

Following its adoption in July and formal implementation on September 5, the SEC's new regulations are still being adapted to by publicly traded corporations. Businesses are required to file yearly reports starting in December and to report "material" cybersecurity incidents within four days, detailing the occurrence and its consequences.

Companies who lack full visibility into their assets, including the condition of security controls on devices and apps across the organisation, may find it difficult to comply with these regulations. They can, however, start to integrate security and compliance with asset intelligence—that is, evidence-based data centred on material risks—and work towards a continuous monitoring and improvement programme that more effectively secures the organisation.


Read more »
Subscribe to: Comments (Atom)