#CyberSecurityResearch

@ransomfeed.rfeed.it

1 month ago

Ransomfeed is proud to be cited in a peer-reviewed study on ransomware attack patterns, published on Journal of Information Security and Applications.

Grateful to the authors for acknowledging our dataset. @melillopietro.bsky.social

#CyberSecurityResearch #Ransomware #MITREATTACK

0 0 1 0

@podparley.bsky.social

4 months ago

🎧 Forschungsquartett
Side-Channel-Angriffe: Was Computer über uns verraten (20min)
Listen
Details
#SideChannelAttacks #CybersecurityResearch #Forschungsquartett

0 0 0 0

CySecurity News

@cysecuritynews.bsky.social

5 months ago

Global Supply Chains at Risk as Indian Third-Party Suppliers Face Rising Cybersecurity Breaches Global supply chains face growing cybersecurity risks as research highlights vulnerabilities in Indian third-party suppliers. According to a recent report by risk management firm SecurityScorecard, more than half of surveyed suppliers in India experienced breaches last year, raising concerns about cascading effects on international businesses. The study examined security postures across multiple sectors, including manufacturing for aerospace and pharmaceuticals, as well as IT service providers. The findings suggest that security weaknesses among Indian suppliers are both more widespread and severe than analysts initially anticipated. These vulnerabilities could create a domino effect, exposing global companies that rely on Indian vendors to significant cyber threats. Despite the generally strong security posture of Indian IT service providers, they recorded the highest number of breaches in the study, underscoring their position as prime targets for attackers. SecurityScorecard noted that IT service providers worldwide face heightened cyber risks due to their central role in enabling third-party access, their expansive attack surfaces, and their value as high-profile targets. In India, IT companies were found to be particularly vulnerable to typosquatting domains, compromised credentials, and infected devices. The research further revealed that suppliers of outsourced IT operations and managed services were linked to 62.5% of all documented third-party breaches in the country—the highest proportion the company has ever recorded. Given India’s dominant role in the global IT services market, the implications are profound. Multinational corporations across industries rely heavily on Indian IT vendors, making them critical nodes in the international digital economy. “India is a cornerstone of the global digital economy,” said Ryan Sherstobitoff, Field Chief Threat Intelligence Officer at SecurityScorecard. “Our findings highlight both strong performance and areas where resilience must improve. Supply chain security is now an operational requirement.” The report also emphasized the risks of “fourth-party” vulnerabilities, where the suppliers of Indian companies themselves create additional points of weakness. A single ransomware attack or disruptive incident against an Indian vendor, the researchers warned, could halt manufacturing, delay service delivery, or disrupt logistics across multiple countries. The risks are not limited to India. A separate SecurityScorecard study revealed that 96% of Europe’s largest financial institutions have been affected by a breach at a third-party supplier, while 97% reported breaches stemming from fourth-party partners, a sharp increase from 84% two years earlier. As global supply chains become increasingly interconnected, these findings highlight the urgent need for businesses to strengthen third-party risk management and enforce stricter cybersecurity practices across their vendor ecosystems. Without stronger safeguards, both direct and indirect supplier vulnerabilities could leave multinational enterprises exposed to significant financial and operational disruptions.

Global Supply Chains at Risk as Indian Third-Party Suppliers Face Rising Cybersecurity Breaches #CyberSecurity #CybersecurityPrecautions #cybersecurityresearch

0 0 0 0

Exabeam

@exabeam.bsky.social

6 months ago

Our #cybersecurity research group TEN18 by Exabeam conducted controlled tests on AI agents. The agents went rogue, signaling that organizations shouldn't let employees use them unchecked. Learn what our #CISO had to say: ow.ly/aoFX50WPQKz #AgenticAI #CybersecurityResearch #SecurityTrends

1 0 0 0

CySecurity News

@cysecuritynews.bsky.social

7 months ago

Researchers Link Surge in Malicious Scanning to New Vulnerability Disclosures Weeks Ahead A new study suggests that in nearly 80% of cases, unusual spikes in malicious online activity — such as network reconnaissance, targeted scanning, and brute-force attacks on edge networking devices — occur within six weeks before the public disclosure of new security vulnerabilities (CVEs). The finding comes from threat intelligence company GreyNoise, which says these incidents are not random, but instead follow consistent and statistically significant patterns. GreyNoise analyzed data from its Global Observation Grid (GOG) dating back to September 2024, applying objective statistical measures to filter out noise, ambiguity, and low-quality entries. This process identified 216 significant spike events linked to eight enterprise edge vendors. "Across all 216 spike events we studied, 50 percent were followed by a new CVE within three weeks, and 80 percent within six weeks," explain the researchers. The correlation was especially strong for products from Ivanti, SonicWall, Palo Alto Networks, and Fortinet, and weaker for MikroTik, Citrix, and Cisco. According to GreyNoise, state-sponsored actors have consistently targeted such systems for initial access and persistence, often probing for older, already-documented flaws. Researchers believe this scanning activity either aids in uncovering new vulnerabilities or in identifying exposed endpoints that could later be exploited with novel attacks. Traditionally, defenders act after a CVE is published. However, GreyNoise’s findings indicate that unusual attacker behavior can serve as an early warning system — giving security teams a valuable window to strengthen defenses before a vulnerability becomes public knowledge. These pre-disclosure spikes allow defenders to bolster monitoring, tighten security controls, and prepare for possible exploits, even if no patch is yet available or the targeted component remains unknown. GreyNoise recommends closely monitoring scanning activity and swiftly blocking source IPs to prevent reconnaissance from progressing to active attacks. The company also stresses that scans targeting older vulnerabilities shouldn’t be dismissed as harmless, since attackers often use them to catalog internet-facing systems that might be vulnerable to other exploits in the future. In a related move, Google’s Project Zero announced it will now notify the public within one week of discovering a new vulnerability. The disclosure will include the affected vendor or product, the discovery date, and the standard 90-day patch deadline. No technical details, proof-of-concept code, or exploit information will be released in this early notice, ensuring attackers cannot leverage the information while helping administrators reduce the “patch gap.”

Researchers Link Surge in Malicious Scanning to New Vulnerability Disclosures Weeks Ahead #CVEdisclosure #CyberSecurity #cybersecurityresearch

0 0 0 0

McGill Research + Innovation

@mcgill-research.bsky.social

8 months ago

School of Information Studies Professors Awarded $5.6M Grant to Propel Canada to the Forefront of Cybersecurity Data Analytics Research Professor Benjamin Fung, Canada Research Chair in Data Mining for Cybersecurity, and Professor Steven Ding, both of the School of Information Studies in the Faculty of Arts, are part of a team that ha...

Big news in #CybersecurityResearch! 🛡️ #McGill Professors Benjamin Fung & Steven Ding are part of a team recently awarded with a $5.6M #NSERC Alliance-CSE grant, to propel Canada to the forefront of Cybersecurity Data Analytics research 🇨🇦 www.mcgill.ca/research/cha...

1 0 0 0