Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

7/30/2015
10:40 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Most Major Financial Hacks Completely Covered Up

Lieberman Software survey reveals most companies are persistently targeted by cyber attacks and the public only finds out about a small portion of security breaches

Los Angeles, CA – June 30, 2015 - Despite devastating cyber attacks being reported daily in today’s media, a new survey from Lieberman Software Corporation reveals that what we see in the press is just a glimpse of reality. 87 percent of IT professionals stated that they believe large financial hacks are happening more often than reported, and right under the nose of security auditors.

The survey also discovered that more than half (51 percent) of IT professionals believe their corporate network is being targeted continuously by hackers. Meanwhile, 71 percent of respondents think that an Advanced Persistent Threat attack will attempt to breach their organization in the next six months. The study was conducted at Microsoft Ignite in May 2015 and measured the attitudes of nearly 150 IT professionals.

Commenting on the survey findings, Philip Lieberman, CEO of Lieberman Software Corporation, said: “The fact that IT professionals believe that data breaches are occurring more frequently than reported is revealing. Due to today’s advanced cyber attacks, intruders are already within most IT environments, are undetectable, and have access to credentials on every compromised machine.”

“Of course, it’s unlikely any company will ever willingly go public about a data breach because of the negative impact it can have on the organization’s reputation and share price. However, this certainly does not mean keeping security incidents a secret is the right thing to do, particularly if customer data is involved.”

Attitudes on Federal Cyber Security Sanctions

Another finding from the study is that 89 percent of respondents believe that recently announced US federal government cyber security sanctions provide a deterrent to cyber criminals. The referenced sanctions allow the United States government to enforce financial and travel restrictions on suspected cyber criminals.

“The new sanctions are an excellent move to provide clarity and direction on how to take action against nation states and criminals who use cyber-space to achieve unlawful economic advantage against US commercial entities,” continued Lieberman. “I agree with the survey respondents that the changes will provide much needed relief for US companies victimized by state-sponsored cyber attacks, as well as clarity for US government agencies tasked with enforcing laws and treaties.”

For more information on the survey, visit http://www.liebsoft.com/IT-Professional-Survey/.

About Lieberman Software Corporation

Lieberman Software proactively stops cyber attacks that bypass conventional enterprise defenses and penetrate the network perimeter. The company provides award-winning privilege management and security management products to more than 1,400 customers worldwide, including nearly half of the US Fortune 50. By automatically securing privileged access - both on-premises and in the cloud - Lieberman Software controls access to systems with sensitive data, and defends against malicious insiders, zero day attacks and other advanced cyber threats. Lieberman Software is headquartered in Los Angeles, CA, with offices and channel partners located around the world. For more information, visit www.liebsoft.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Attackers Infiltrate the Supply Chain & What to Do About It
Shay Nahari, Head of Red-Team Services at CyberArk,  7/16/2019
US Mayors Commit to Just Saying No to Ransomware
Robert Lemos, Contributing Writer,  7/16/2019
The Problem with Proprietary Testing: NSS Labs vs. CrowdStrike
Brian Monkman, Executive Director at NetSecOPEN,  7/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12551
PUBLISHED: 2019-07-22
In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the Memcpy function (provided by the scripting engine) allows an attacker to overwrite arbitrary memory, which could lead to code execution.
CVE-2019-12552
PUBLISHED: 2019-07-22
In SweetScape 010 Editor 9.0.1, an integer overflow during the initialization of variables could allow an attacker to cause a denial of service.
CVE-2019-3414
PUBLISHED: 2019-07-22
All versions up to V1.19.20.02 of ZTE OTCP product are impacted by XSS vulnerability. Due to XSS, when an attacker invokes the security management to obtain the resources of the specified operation code owned by a user, the malicious script code could be transmitted in the parameter. If the front en...
CVE-2019-10102
PUBLISHED: 2019-07-22
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". Th...
CVE-2019-10102
PUBLISHED: 2019-07-22
aubio 0.4.8 and earlier is affected by: null pointer. The impact is: crash. The component is: filterbank. The attack vector is: pass invalid arguments to new_aubio_filterbank. The fixed version is: after commit eda95c9c22b4f0b466ae94c4708765eaae6e709e.