Cyber News

Research reveals a third of public companies aren’t prepared for new bulk email security rules and more in this week's cyber news

In today’s rapidly evolving technological landscape, cybersecurity has emerged as a crucial subject for organisations, governments, and individuals to take seriously. The escalating frequency of cyber threats, coupled with the growing sophistication of cybercriminals and the continuous expansion of networks and endpoints, underscores the importance of staying up to date with the latest developments in the field.

This blog post explores the most noteworthy cybersecurity news stories of the week, providing insights into significant events, the latest research findings, and notable security incidents. By shining a spotlight on these topics, the objective is to heighten awareness and foster a deeper understanding of the ever-changing realm of cybersecurity. Keeping a finger on the pulse of these developments is essential for navigating the challenges posed by the evolving landscape of cyber threats.

Research reveals a third of public companies aren’t prepared for new bulk email security rules

New research has revealed that 33% of publicly listed companies are unprepared for upcoming bulk email sending regulations scheduled for implementation in February. These regulations, introduced by Google LLC and Yahoo Inc. in October, mandate that any company sending over 5,000 email messages through Google and Yahoo must adopt Domain-based Message Authentication Reporting and Conformance (DMARC) technology. DMARC serves as an email validation system, safeguarding email domains from potential exploitation in email spoofing, phishing scams, and other cybercrimes by verifying the authenticity of the sender.

SEC account hack renews spotlight on X's security concerns

The breach of the U.S. Securities and Exchange Commission's (SEC) official account on X on Tuesday has reignited apprehensions regarding the security of the social media platform.

Hackers exploited the compromised account to disseminate misleading information about an eagerly awaited announcement from the SEC concerning bitcoin. This erroneous post, originating from @SECGov, falsely claimed that the securities regulator had granted approval for exchange-traded funds to include bitcoin in their portfolios. The incident prompted a rapid surge in the cryptocurrency's price, causing alarm among onlookers. The SEC promptly removed the false post approximately 30 minutes after its appearance.

Ukraine Blackjack hackers take down Moscow ISP in revenge for Kyivstar attack

Following the recent disruption of the Ukrainian telecom provider Kyivstar, the Blackjack group has retaliated by targeting the Moscow-based M9 Telecom. According to their claims, the attack inflicted comprehensive damage on M9's infrastructure, including the complete destruction of servers, website, branch websites, and the mail server. The alleged outcome of the cyberattack indicates the deletion of approximately 20 terabytes of data.

Cyber Insurance Market to be Worth Over $90bn by 2033

New analysis has suggested that the global cyber insurance market is anticipated to reach a value of $90.6 billion by 2033, with a compound annual growth rate (CAGR) of 22.3% from 2023. The industry is expected to experience substantial growth, reaching $14.8 billion by the end of 2024, a notable increase from the projected valuation of $12.1 billion in 2023.

The report emphasizes several contributing factors that are expected to drive the surge in businesses seeking cyber insurance coverage over the next decade. These factors include the dynamic evolution of regulatory environments, the escalating threats in the cyber landscape, and the heightened financial impact associated with cyber incidents.

Stealthy AsyncRAT malware attacks targets US infrastructure for 11 months

A campaign distributing the AsyncRAT malware to specific targets has been operational for a minimum of 11 months. This campaign employs hundreds of distinctive loader samples and utilises over 100 domains in its tactics.

AsyncRAT, an open-source remote access tool (RAT) designed for Windows, has been publicly available since 2019. This malware is equipped with functionalities such as remote command execution, keylogging, data exfiltration, and the capability to deploy additional payloads. The sustained activity of this campaign suggests a concerted effort by threat actors to leverage AsyncRAT for various malicious purposes over an extended period.

In today's ever-changing landscape, staying well-informed about the latest advancements in the industry remains incredibly important. By staying up to date with relevant news, leaders can make informed decisions, proactively implement security measures, and effectively shield their organisations from cyberattacks. Maintaining a vigilant mindset, embracing best practices, and leveraging cutting-edge technologies are all crucial components in building a secure digital future. Let's embrace these principles to safeguard our digital assets and pave the way for a safer tomorrow.