
Lynx Ransomware Group Adds Affiliates to ‘Industrialize’

Lynx Ransomware Group expands with affiliates, offering a structured platform for cybercrime operations, including an efficient recruitment system. They provide tools and profits (80% share) for affiliates, emphasizing quality control in recruitment. Their approach combines robust ransomware builds and management, leading to a significant industrial-scale cybercrime model. Researchers recommend enhanced security measures for organizations in critical sectors to combat these threats.

https://www.darkreading.com/threat-intelligence/lynx-raas-group-industrializes-cybercrime-with-affiliate-operations

Bitwarden Makes It Harder to Hack Password Vaults Without MFA

Bitwarden enhances security for accounts lacking two-factor authentication by requiring email verification for suspicious login attempts. Users must enter a verification code sent via email when logging in from unrecognized devices. This measure acts as a form of two-factor authentication, but enabling any 2FA method exempts users from this requirement. Users are advised to secure their master passwords and ensure they have independent access to email credentials to avoid potential lockouts.

https://www.bleepingcomputer.com/news/security/bitwarden-makes-it-harder-to-hack-password-vaults-without-mfa/

20 Cybersecurity Response Scenarios Tech Teams Must Be Ready For

Tech teams must prepare for various cybersecurity threats like ransomware, cloud breaches, and AI-powered attacks. Key focus areas include data recovery, identity-based attacks, social engineering, and automating responses. Strategies include regular backups, employee training, robust monitoring, and strict access controls to safeguard sensitive data and maintain trust.

https://www.forbes.com/councils/forbestechcouncil/2025/01/27/20-cybersecurity-response-scenarios-tech-teams-must-be-ready-for/

Microsoft Teams Phishing Attack Alerts Coming to Everyone Next Month

Microsoft Teams phishing alerts will be available for all Microsoft 365 customers by mid-February 2025. This feature, designed to protect against brand impersonation attacks from external senders, will automatically detect phishing attempts and prompt users with warnings. Admins do not need to configure this, and they can also monitor detected attacks via audit logs. Until then, users are advised to disable external access if unnecessary, or allow specific domains to reduce risk.

https://www.bleepingcomputer.com/news/security/microsoft-teams-phishing-attack-alerts-coming-to-everyone-next-month/

World Economic Forum 2025: Navigating Cybersecurity in an Era of Complexity

World Economic Forum 2025 in Davos focused on cybersecurity amidst global complexities. President Trump's address highlighted trade and interest rates while cybersecurity was a key agenda. New white papers discussed managing AI-related cyber risks, emphasizing the need for multistakeholder collaboration. Geopolitical tensions, rapid tech advancements, and regulatory demands complicate cybersecurity. Key strategies include prioritizing operational technology (OT) security, managing supply chain risks, assessing AI tools, ensuring regulatory compliance, and addressing the cyber skills gap. Overall, the report stresses that the stakes in cybersecurity are higher than ever.

https://www.govtech.com/blogs/lohrmann-on-cybersecurity/world-economic-forum-2025-navigating-cybersecurity-in-an-era-of-complexity

From Qualitative to Quantifiable: Transforming Cyber Risk Management for Critical Infrastructure

Cyberattacks on critical infrastructure are rising, necessitating a shift from traditional qualitative cyber risk management (CRM) to cyber risk quantification (CRQ). Traditional methods assign subjective risk scores but lack financial clarity, making it difficult for organizations to prioritize investments effectively. CRQ quantifies risks in monetary terms, aiding decision-making and aligning cybersecurity investments with enterprise risk tolerances. With new TSA regulations mandating comprehensive CRM programs, CRQ can enhance incident management processes by establishing clear loss evaluations, ultimately improving proactive cybersecurity strategies and compliance.

https://cyberscoop.com/from-qualitative-to-quantifiable-transforming-cyber-risk-management-for-critical-infrastructure/

Will 2025 See a Rise of NHI Attacks?

2024 saw a surge in non-human identity (NHI) attacks, raising concerns for 2025. Significant breaches included Cloudflare's access token failure, compromised GitHub credentials resulting in data leaks at the New York Times, and attacks on Adobe Commerce affecting online stores. Other incidents involved exposed AWS and Microsoft Azure keys compromising user data, Schneider Electric's data theft through Jira credentials, and exploits via a critical vulnerability in Palo Alto Networks tools. NHI threats are expected to escalate, necessitating proactive measures from security teams.

https://www.darkreading.com/vulnerabilities-threats/will-2025-see-rise-nhi-attacks

ENISA: Embedding Resilience in Critical Infrastructure

ENISA, led by Marnix Dekker, focuses on enhancing cybersecurity for critical infrastructure in the EU, emphasizing support for smaller suppliers against supply chain attacks. Compliance with the new NIS2 regulations is key to maintaining operational resilience. ENISA aims for harmonized security practices across member states to avoid fragmented approaches that could hurt collective cybersecurity. Dekker's team works on implementing NIS directives and fostering collaboration to aid less-secure sectors.

https://www.databreachtoday.com/enisa-embedding-resilience-in-critical-infrastructure-a-27351

TR-92 – Unused Domain Names and the Risks of Missing DNS SPF Records

Unused domains pose security risks due to missing DNS SPF records, enabling phishing and malware attacks. Organizations should inventory domains, implement SPF, DKIM, and DMARC records, regularly audit DNS configurations, and educate staff on cybersecurity. Addressing these vulnerabilities is essential for protecting the organization’s reputation.

https://www.circl.lu/pub/tr-92/

Sema4.ai

Sema4.ai offers an Enterprise AI Agent Platform to enhance productivity, automate complex tasks, and improve efficiency for businesses. The platform allows users to build and manage intelligent AI agents capable of handling high-value work, from invoice reconciliation to regulatory compliance. Sema4.ai agents operate continuously, integrating easily with existing systems, and utilize enterprise-approved LLMs and data for optimal performance.

https://sema4.ai
