Verizon’s 2016 Data Breach Investigations Report finds cybercriminals are exploiting human nature

Cybercriminals are continuing to exploit human nature as they rely on familiar attack patterns such as phishing, and increase their reliance on ransomware, where data is encrypted and a ransom is demanded, finds the Verizon 2016 Data Breach Investigations Report.

This year’s report highlights repeating themes from prior year’s findings and storylines that continue to play off of human nature, including:

  • Eighty-nine (89) percent of all attacks involve financial or espionage motivations.
  • Most attacks exploit known vulnerabilities that have never been patched despite patches being available for months, or even years. In fact, the top 10 known vulnerabilities accounted for 85 percent of successful exploits.
  • Sixty-three (63) percent of confirmed data breaches involve using weak, default or stolen passwords.
  • 95 percent of breaches and 86 percent of security incidents fall into nine patterns
  • Ransomware attacks increased by 16 percent over 2015 findings.
  • Basic defenses continue to be sorely lacking in many organizations.

Read more…

Top Cybersecurity Risks for Healthcare Industry

Despite the cyber threats facing healthcare organizations, 95 percent of IT specialists working at medical organizations around the world report that their organizations do not use any software for information security governance or risk management, according to the results of a 2017 IT Risks Survey.

Netwrix Corporation, provider of a visibility platform for data security and risk mitigation in hybrid environments, released the results of its Netwrix 2017 IT Risks report, which provides a look into IT security practices, pains, successful experiences and plans in the healthcare industry. The IT risks are divided into three areas: security, compliance and operations.

Read the netwrix.com blog here

Reliance Jio data breached by website, company says it is ‘unauthentic’

A website has claimed to have posted subscriber data of Reliance Jio customers, including email IDs, names and Aadhaar numbers, on the website magicapk.com. While it couldn’t be confirmed whether the data related to all of Jio’s 120 million subscribers was uploaded, queries made through the website for some older numbers returned with information of all the fields.

A website has claimed to have posted subscriber data of Reliance Jio customers, including email IDs, names and Aadhaar numbers, on the website magicapk.com. Hours after the initial reports of the data being posted on the website on Sunday, it was suspended.

Read more on this news.