Cybersecurity in Fortune 500 companies gets a failing grade.
A full 84% of nearly 500 companies on the Fortune 500 list scored either a "D" or an "F" on a cybersecurity posture index that considered the organizations' software patching, email and web app security, SSL configurations, system hosting and reputation, and data breach history, reports Cybernews.
Only 6% of organizations earned an "A" rating for their cybersecurity practices, most of which were in the transportation and logistics category, according to the Cybernews Business Digital Index.
Transportation and logistics firms also had the highest average score at 73, while those in manufacturing and real estate and development scored the lowest at 65 each. While finance and insurance entities were most susceptible to cybersecurity threats, with only 1% of organizations in the sector receiving an "A", healthcare was also at significant risk, with 86% receiving either a "D" or "F" rating, according to the report.
Additional findings revealed that SSL configuration-related vulnerabilities were the leading security issue among the Fortune 500 firms.
Now, here's today's MSSP update.
Today's MSSP Update
1. Forcepoint names new GTM leader: Rick Hanson has joined Forcepoint as president of go-to-market, the company announced this week. In this newly created role reporting directly to CEO Ryan Windham, Hanson will unify the company’s sales and customer success teams. Hanson brings more than 30 years of leadership experience and two decades as a Certified Information Systems Security Professional (CISSP). Most recently, he served as president at Delinea, where he led global go-to-market strategies across sales, marketing, customer success, and professional services. His previous roles include CRO at Brightcove and executive positions at CA Technologies, Hewlett-Packard, Symantec, and RSA. Hanson began his career in the U.S. Air Force and later served as IT Director for U.S. Customs and Border Protection. Congratulations!
2. Indictments, bounties for job fraudsters: The U.S. has stepped up efforts to combat a long-term North Korean remote IT worker fraud scheme, charging 14 individuals who impersonated IT workers to compromise U.S. firms for North Korean interests, according to SecurityWeek. North Korean state-sponsored firms Yanbian Silverstar and Volasys Silverstar earned at least $88 million for leading operations of the six-year fraud scheme, which involved fake IT workers leveraging sophisticated obfuscation techniques and extortion tactics against U.S. companies, according to the unsealed indictment. Meanwhile, the U.S. State Department's Rewards for Justice Program is offering bounties of up to $5 million for any information that would help arrest North Korean nationals and firms involved in the scheme.
3. SentinelOne's new APJ SVP: SentinelOne has appointed Kris Day as the senior vice president for Asia Pacific and Japan (APJ), succeeding Evan Davidson. Day held previous leadership roles at New Relic, Dell/EMC, NetApp, SolidFire, HPE, and 3Par, and he has experience leading go-to-market strategies, building high-performance teams, and driving revenue growth across APJ and Europe. In his new role, Day will prioritize expanding SentinelOne’s partner ecosystem, enhancing customer relationships, and fostering a high-performance organizational culture to support the company’s global expansion.
4. New Linux malware: Threat actors have been using the new Pumakit rootkit to covertly escalate privileges on Linux systems, according to BleepingComputer. Attacks with Pumakit begin with the deployment of the 'cron' dropper, which executes the '/memfd:tgt' and '/memfd:wpn' payloads. The former launches the 'puma.ko' LKM rootkit module, which loads only after checking secure boot status and scanning kernel symbols, a report from Elastic Security showed. Puma then uses more than a dozen syscalls and kernel functions to escalate privileges, execute commands, and obscure malicious activity.
5. Rydox cybercrime network bust: Online cybercrime marketplace Rydox, which has been associated with more than 7,600 sales of stolen personally identifiable information and other sensitive data since 2016, had its operations disrupted following the sequestration of its Malaysia-based domain and servers as part of a global crackdown that involved U.S., Malaysian, Albanian, and Kosovan law enforcement agencies, reports CyberScoop. Aside from the arrests of Kosovo nationals Ardit Kutleshi and Jetmir Kutleshi, who were indicted by the Western District of Pennsylvania for their involvement in identity theft and money laundering, and Shpend Sokoli, the global law enforcement effort led the U.S. to seize nearly $225,000 worth of cryptocurrency, according to the U.S. Justice Department.