Cognitio Digital

With the use of infostealer malware on the rise, it's no surprise that #cyberattackers are increasingly focusing on the most lucrative of all targets: password managers. https://lnkd.in/ehHd8E8e

The sheer volume of #cyberattacks (and the corresponding volume of reconnaissance efforts that precede them) mean that most #cyber statistics look big. Hence, more meaningful metrics can sometimes be those that report on comparative trends... like the fact that, although the total number of reported exploitations of vulnerabilities increased by nearly 20 percent, "2024 actually saw a decrease in zero-day attacks".... in other words, “Despite the buzz around ‘zero-day’ exploitation... exploitation can happen at any time in a vulnerability's lifecycle". https://lnkd.in/ereFJh2U

There is sometimes a perception that insider threat in the #cybersecurity context is mostly about stopping disgruntled folk from causing damage on their way out of an organisation. As this example shows, #insiderthreat can also be about profit, and it can be triggered at any time by external stimulii (like this ransom note!), rather than just being about employee satisfaction during an exit process. https://lnkd.in/gxhnNhCr

The level of professionalisation in #ransomware syndicates continues to grow, suggesting that, whilst ransomware may not dominate the headlines anymore, it remains a significant threat to small and big business alike. https://lnkd.in/gewUZZfT

Exceptional advice - good #cybersecurity transformation requires great people change management! "Most CISOs are running significant initiatives including cloud migration; zero trust architecture; technology upgrades; proactive threat hunting; and insider threat, digital identity, and human risk management programs. Far from being purely technology programs, these initiatives require a fair dose of people, process, oversight, and technology knowledge". https://lnkd.in/ecgibykc

Many #cyber professionals are familiar with Wireshark.... It's been a go to for network forensics folk for some time. Will Stratoshark occupy the same position in our toolkits for the #cloud? Time will tell! https://lnkd.in/dkHCJmqy

Is your PIN as unique as you think it is...? Based on this analysis, chances are, it's not! Out of 10,000 possible combinations for 4 digit PINs, it turns out that, out of almost 29 million people's numbers, almost one in ten (2.9 million people!) used 1234 for their PIN... which was closely followed by 0000, which was in turn closely followed by 1111... All of which adds up to a particularly concerning statistic: "If someone wants to unlock a stolen phone – or retrieve money from an ATM – and only have five guesses, this data suggests they still have a one-in-eight chance of guessing correctly." https://lnkd.in/g545fhQk

There have been quite a few reported incidences of supply chain #cyberattack involving PyPI. Whilst these changes are unlikely to completely mitigate the risk of more such attacks, they represent a solid step in the right direction. https://lnkd.in/gY9_B_CH

Realistic and unbiased testing of #cyber defence technologies against accurate and contemporary threat profiles is such a critical element of our industry's ability to innovate. Nice work MITRE for continuing to stay ahead of the curve! https://lnkd.in/eMbn7vbr

Most folk find stories of car hacking interesting (and perhaps a touch concerning!)... and oftentimes, like in this case, the car isn't even the attack vector, it's vulnerabilities in the services to which the car is connected. Notwithstanding, automotive #cybersecurity is most definitely an increasingly important field of security research! https://lnkd.in/dZMV6Bfk