Threat-based security fails to deter breaches, education among most vulnerable

Data breaches have been reported by two-thirds of organizations with threat-based security measures over the past two years, while education continued to be one of the sectors most likely to be impacted by cyberattacks this year amid increasingly diverse threats, reports SiliconAngle. U.S. critical infrastructure entities are expected to be increasingly targeted by suspected Chinese state-backed threat operation Volt Typhoon as part of China's cyberespionage efforts, according to a Critical Start report. On the other hand, more phishing attacks exploiting QR codes are being deployed by threat actors, while ransomware gangs have increasingly engaged in tactic, technique, and procedure sharing with one another. "The volume and sophistication of cyberattacks are continuously growing and evolving, making it impossible for organizations to feel on top of internal vulnerabilities and remain cognizant of every external threat. In an effort to democratize cyber threat intelligence, this report highlights the most prominent security-related issues plaguing business and how they can proactively reduce cyber risk," said Critical Start Senior Manager of Cyber Threat Research Callie Guenther.