Articles about cyberattack

Smaller businesses are often more at risk of cyberattack simply because they lack the resources of their larger counterparts.

WatchGuard Technologies is looking to change that with the launch of an open XDR solution that delivers levels of visibility into east/west and north/south network traffic previously only available to large enterprises with the resources to manage their own security operations center.

Continue reading →

The cybersecurity landscape is a constantly changing one, with new threats emerging and old ones evolving. This makes it difficult for organizations to ensure their defenses are up to the task of properly protecting them.

We spoke to Balazs Greksza, threat response lead at Ontinue which recently published its first threat intelligence report, to find out about the latest threats and how organizations can address them.

Continue reading →

A new report from security testing platform Synack shows a rise in critical-severity vulnerabilities in 2023 compared to 2022.

On a positive note though, despite mounting pressures on security teams, organizations have reduced their mean time to remediation for critical-severity vulnerabilities by 24 days and high-severity vulnerabilities by 18 days, down to 56 and 74 days, respectively.

Continue reading →

The latest GRIT Ransomware Report from GuidePoint Security shows that May this year resulted in a 33 percent increase overall in ransomware activity compared to April 2024, indicating a degree of seasonality given a similar increase month-on-month in May 2023 relative to April 2023.

May 2024 closed with an increase in overall victim volume. However, a deep review reveals that the rise was driven disproportionately by LockBit's 175 posted victims, accounting for 37 percent of the month’s total publicly posted ransomware victims.

Continue reading →

Security information and event management (SIEM) systems used by enterprises only have detections for 38 (19 percent) of the 201 techniques covered in the MITRE ATT&CK v14 framework according to a new report.

CardinalOps analyzed more than 3,000 detection rules, 1.2 million log sources and hundreds of unique log source types from real-world SIEM instances across Splunk, Microsoft Sentinel, IBM QRadar, and Sumo Logic.

Continue reading →

New research from WithSecure looks at the trend of mass exploitation of edge services and infrastructure by attackers.

The number of edge service and infrastructure Common Vulnerabilities and Exposures (CVEs) added to the Known Exploited Vulnerability Catalogue (KEV) per month in 2024 is 22 percent higher than in 2023, while the number of other CVEs added to the KEV per month has dropped 56 percent compared to 2023.

Continue reading →

Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime as 41 percent of data is compromised during a cyberattack, according to the latest Veeam 2024 Ransomware Trends Report.

The report, based on 1,200 responses from organizations that have faced a security incident, reveals that only 57 percent of the compromised data is usually recovered, leaving organizations vulnerable to substantial data loss and negative business impacts as a result.

Continue reading →

Attack surfaces keep expanding, making it increasingly challenging for organizations to obtain and make sense of the most relevant insights from their attack surface data.

Attack surface management platform Detectify says its users see an average of 300 breaches per set policy, with over 70 percent of active policies focusing on spotting risky open ports.

Continue reading →

The financial sector in the UK is under constant attack and that it is grappling to keep pace with ever-evolving cyber threats, according to a new report from security awareness training company KnowBe4.

The frequency of ransomware attacks on the financial sector in the UK doubled in 2023, showcasing an alarming escalation. Phishing and Business Email Compromise (BEC) remain the top threats to organizations including financial institutions.

Continue reading →

A new study reveals that 56 percent of UK adults are more worried over potential cyberattacks since Russia's invasion of Ukraine.

The study from Illumio surveyed 2,000 people to understand their attitudes towards cybersecurity and finds only 47 percent are confident in central government's capabilities to ward off digital threats effectively and just 35 percent have confidence in local government.

Continue reading →

This year has already seen several warnings of attacks targeting elections that are happening around the world.

A new report from NETSCOUT has identified a rise in politically motivated DDoS attacks. Peru experienced a 30 percent increase in attacks tied to protests about former Peruvian President Fujimori’s release from prison in December.

Continue reading →

A new study from Barracuda Networks finds just 43 percent of organizations surveyed have confidence in their ability to address cyber risk, vulnerabilities, and attacks.

The findings also show that many organizations find it hard to implement company-wide security policies such as authentication measures and access controls. 49 percent of the smaller to mid-sized companies surveyed listed this as one of their top two governance challenges.

Continue reading →

With their ability to provide access to websites, enable mobile payments, and retrieve data, QR (quick-response) codes have become a ubiquitous part of our daily lives. In fact, In 2022, approximately 89 million smartphone users in the United States scanned a QR code on their mobile devices, a 26 percent increase compared to 2020.

However, cybercriminals are also using this trend to distribute malware, steal personal information, and conduct phishing attacks, which can then be leveraged to access your confidential corporate data. As consumers and even large enterprises continue to use QR codes as a means to streamline operations, it's important to be aware of the fast-growing attack surface that bad actors are jumping on.

Continue reading →

Last year saw a 34.5 percent year-on-year increase in reported data breach incidents, with over 17 billion records compromised according to a new report from Flashpoint.

This trend looks set to continue as the first two months of 2024 alone saw a massive 429 percent spike in stolen or leaked personal data compared to the same period in the previous year.

Continue reading →

A new report reveals that 67 percent of businesses routinely synchronize most of their users’ passwords from their on-premises directories to their cloud counterparts. This poses substantial security risks by creating a gateway for attackers to hack these environments from on-prem settings.

The report from Silverfort shows that in the rush to the cloud security gaps stemming from legacy infrastructure, misconfigurations, and insecure built-in features create pathways for attackers to access the cloud, significantly weakening a company's resilience to identity threats.

Continue reading →