Legitimate penetration testing tools like Cobalt Strike, Impacket and RMM, are being used by threat actors because it's more efficient to use existing tools that are proven to be successful than to create new software.

The latest Threat Detection Report from managed detection and response firm Red Canary shows Cobalt Strike in particular has never been more popular, impacting eight percent of its customers in 2021.

Continue reading →

As we reported last week, cyberattacks are being used on both sides of the Russia-Ukraine conflict. Two new reports out today take a deeper look at how the cyber aspect of the conflict is developing.

Accenture's Cyber Threat Intelligence team has been looking at how threat actors have been dividing along ideological lines. Meanwhile Aqua Security's Team Nautilus has been analyzing the cloud technologies used in the conflict.

Continue reading →

We're used to a high volume of cyberattacks originating from Russia, but in an interesting turnaround following the invasion of Ukraine, 70 percent of cyberattacks in March have been targeted at Russia.

Research from Atlas VPN shows a further 19 percent of attacks targeting Ukraine. The USA is the third biggest target but attacks targeting the country accounted for only five percent of the total.

Continue reading →

Analysis of security events across more than 120,000 user accounts last year shows that the vast majority of attacks on top SaaS platforms such as Microsoft 365, Google Workspace, Slack and Dropbox are coming from Russia and China.

The latest SaaS Application Security Insights (SASI) Report from SaaS Alerts also suggests these countries may be coordinating attack efforts. Attack trend lines that compare Russia and China show almost exactly the same pattern.

Continue reading →

A cyberattack on UK-based food manufacturer KP Snacks could lead to shortages of some of the company's popular products including KP Nuts, Tyrrells Crisps and Hula Hoops.

There are as yet unconfirmed reports that the company's factory at Billingham on Teesside has stopped production and most of its 900 staff have been temporarily stood down.

Continue reading →

While most endpoint security products are capable of handling public email and web-based threats, many are unable to provide complete protection against targeted attacks, according to a new report.

Security testing firm SE Labs tested a variety of endpoint security products from different vendors in order to gauge their effectiveness.

Continue reading →

A new survey of 2,500 adults looks at how workforce burnout has opened businesses to attacks, with trends such as remote and hybrid work, the Great Resignation and worse behavior by cybersecurity professionals being the driving forces behind the threat.

The research, from password manager 1Password, finds that 84 percent of security professionals and 80 percent of other workers are feeling burned out, leading to serious backsliding around security protocols.

Continue reading →

A new poll of 250 information technology, IT security, legal and risk/fraud/compliance professionals reveals that 83 percent say they have experienced a successful cyber attack in the past two years, with half saying the attackers managed to reach their critical IT assets.

No surprise then that 86 percent admit to having been kept awake at night by concerns about the protection of critical systems.

Continue reading →

A lack of preparedness for ransomware attacks on weekends and holidays has a significant impact on victim organizations according to a new report.

The study from Cybereason shows 24 percent of companies have no security plan for holidays and weekends and 43 percent say that attacks at these times take longer to stop.

Continue reading →

New research from security automation specialist Ivanti shows that ransomware groups are continuing to grow in sophistication, boldness, and volume, with numbers up across the board since the beginning of 2021.

The report, produced with Cyber Security Works and Cyware, reveals that the last quarter has seen a 4.5 percent increase in CVEs associated with ransomware.

Continue reading →

APIs are designed to be fast and easy pipelines between different platforms. They offer convenience and user experience which makes APIs essential to many businesses, but it also makes them attractive targets for cybercriminals.

A new report from Akamai, produced in collaboration with Veracode, highlights the frustrating pattern of API vulnerabilities, despite improvements that have been made in software development life cycles (SDLCs) and testing tools.

Continue reading →

Research from commercial insurance provider Corvus reveals that the cost of ransomware to businesses remains high.

Ransomware claims that resulted in payments to fraudsters are down though, mostly due to improved backup processes and greater preparedness. In the third quarter of 2020, 44 percent of ransomware claims involved a successful payment, but that decreased to just 12 percent by Q3 of this year.

Continue reading →

A new report out today looks at the measures businesses are taking against bots and how successful they are -- and it doesn't offer good news.

The study from Kasada finds that 64 percent of organizations lost more than six percent or more of their revenue due to bot attacks, and 32 percent have lost 10 percent or more in the last year.

Continue reading →

A new survey of over 700 small and medium businesses shows that 80 percent say they feel more secure now than they did last year in spite of increasing levels of cyberattacks.

The study from network security specialist Untangle shows security budgets increasing over 2020 levels too.

Continue reading →

UK businesses faced a new cyberattack every 47 seconds over the summer as the volume of attempts to breach their systems online increased following an earlier slowdown.

Analysis of commercial internet traffic from business ISP Beaming shows that the attack rate increased by four percent between July and September, having fallen in the second quarter.

Continue reading →