MONTHLY TOP
New vulnerabilities
3233
Medium criticality of attacks
6,83
FEATURED NEWS
Free, an Internet Provider in France, Suffers a Cyberattack
Free, the second-largest internet provider in France, suffered a cyberattack that exposed personal data of 19.2 million customers, including IBAN numbers. The company has taken steps to strengthen its security and alerted users, while the stolen data is already being sold on the dark web, raising concerns about cybersecurity in the sector.
Black Basta Launches Ransomware Attacks on Teams Pretending to Be Microsoft
Black Basta, a group of cybercriminals, has launched a ransomware campaign through Microsoft Teams, pretending to be platform technical support to deceive employees and gain remote access to their devices. This strategy uses social engineering tactics and represents an increasing threat, according to cybersecurity experts.
Critical Vulnerability in Fortinet
CCN-CERT has issued an alert regarding a critical vulnerability in FortiManager and FortiManager Cloud by Fortinet, which allows attackers to execute remote code. To mitigate risks, Fortinet recommends updating the affected versions and offers additional measures for those who are unable to do so. This vulnerability may be actively exploited, so urgent updates are strongly encouraged.
MONTHLY VULNERABILITIES
DEBUNKING MYTHS/CURIOSITIES
"Cybersecurity is too expensive"
Although investment in cybersecurity may seem high, the costs of not having adequate protection are much greater. According to the latest IBM report, the average cost of a security incident reached $4.88 million in 2024, a 10% increase from the previous year. Companies that do not adopt preventive measures can face costs due to loss of customers, fines, loss of intellectual property, and even operational disruptions, which can double or triple the investment in cybersecurity.
Today, cybersecurity strategies are designed to be scalable and adjustable to the size and budget of each organization. From cloud security solutions to managed services and periodic audits, there are various options available that allow companies to tailor protection measures to their specific needs, maximizing return on investment and reducing risks.
Technologies such as automation and artificial intelligence have reduced the costs of cyber incidents by $2.2 million, proving that investing in security is not an expense, but long-term protection.
TIP OF THE MONTH
Ready for DORA – Let's Prepare Operational Resilience Together
If your company belongs to the financial, banking, or insurance sectors, the January 2025 deadline to comply with the DORA regulation is approaching, and it's crucial to prepare operational resilience against incidents and cyberattacks. At Sofistic, we share some practical and technical steps to ensure your organization meets these requirements effectively:
Although DORA currently applies to European organizations, this type of cybersecurity regulation tends to expand and could be implemented in Latin America in the near future. Preparing to comply with these regulations is not only a requirement but also an opportunity to strengthen your organization and be ready for any challenges.
HIGHLIGHTED EVENTS
14/11/2024
9:00h
Hotel Only You - Madrid
Alfredo Cebrián / Fernando Denis Ramírez
CEO Cuatroochenta / Reg. Manager Sofistic ESP & Caribe
I Cybersecurity investment congress
The first event dedicated exclusively to investments in cybersegurity
This congress is designed to bring together professional investors, corporations, academics, and government representatives in a collaborative and educational space.
