EclecticIQ Monthly Vulnerability Trend Report - October 2020
EclecticIQ Monthly Vulnerability Trend Report - September 2020
If you are a CIO, CISO, a compliance administrator or IT manager, you may be wondering about the next stages in the cybersecurity evolution and whether they will make companies much safer from cyberthreats. Coming from the security technology creator side, I surely understand the average enterprise customer who is cynical about every security product and vendor out there. Although great strides have been made in security technology, the claims are always overdone, as is the marketing. Walking through the RSA security conference, a thought struck me: is there a vendor in the conference who does not claim to stop every attack or keep every customer 100% safe? Is there a threat that any vendor does not address or an architecture that is not open or a technology that does not have high scalability and performance?
The confusion in the market is because making tall claims has become table stakes to sell in this market. That has also made it hard for customers to sort out genuine new innovations from “we also do that”. The result is not just bad for customers, but also for startups trying to build better “mousetraps”.
The outbreak of Coronavirus (COVID-19) has become a global issue attracting many opportunistic threat actors. Monitoring these attacks allows threat intelligence analysts to track adversarial capabilities; observe changes in tactics, techniques, and procedures (TTPs); and hypothesise how they may feed into future threats. Analysts mapped the landscape of Coronavirus phishing threats in order to evaluate what threat actors were participating in the operations and to determine if further activity is likely to cascade from the initial, delivery-phase activity.