Articles about cyberattack

A new report from Abnormal Security highlights real-world examples of how AI is being used to carry out cyberattacks.

Generative AI allows scammers to craft unique email content, making detection that relies on matching known malicious text strings infinitely more difficult.

Continue reading →

The use of automated security technology is growing rapidly according to the latest edition of the annual Building Security In Maturity Model (BSIMM) report from Synopsys.

The research also shows that there's a move towards a 'shift everywhere' culture -- which means performing security tests throughout the entire software development life cycle -- across more organizations.

Continue reading →

A major new threat has made its presence felt in the last few months. Cybercriminals have expanded the use of screen spoofing or overlay attacks from web applications to trusted mobile apps.

What’s more, the availability of as-a-service technology has lowered the threshold for attacks. We spoke to Dr. Klaus Schenk, SVP security and threat research at Verimatrix, to learn more about how these attacks work and what can be done to guard against them.

Continue reading →

A new report from HP Wolf Security reveals cybercriminal marketplaces offering low-level attackers the tools needed to bypass detection and infect users in the form of so-called 'meal kits'.

These are pre-packaged malware kits which give low-level attackers all the ingredients to evade detection tools, making it easier for them to breach organizations and steal sensitive data.

Continue reading →

Over the last two years, the average organization's cybersecurity program was prepared to preventively defend against, or block, just 57 percent of the cyberattacks it encountered. This means 43 percent of attacks launched are successful and need to be remediated after the fact.

This is among the findings of a new report from Tenable, based on a survey of over 800 IT and cybersecurity leaders carried out by Forrester Consulting.

Continue reading →

OpenText Cybersecurity has released its sixth annual look at the threat landscape to reveal the most notorious malware trends.

This year four new ransomware gangs, believed to be a new generation of previous big players, top the list. Newcomer Cl0p takes the prize for this year's nastiest malware after commanding exorbitant ransom demands with its MOVEit campaign.

Continue reading →

As QR codes have become popular, they're used for all kinds of things from mobile payments to access control and even document sharing. The problem is that they can also hide risks so it's no surprise that they're becoming a popular vehicle for phishing.

New analysis from Hoxhunt finds the use of QR codes in 22 percent of attacks on its 'global human risk network' in the first weeks of October 2023.

Continue reading →

A new report from Netskope looks at the activities of cybercriminals based on the techniques and motivators that were most commonly detected among its customers in the first three quarters of 2023.

In news that will come as a surprise to precisely nobody it shows that the highest percentage of cybercriminal activity comes from Russia, while China accounts for most politically-motivated attacks.

Continue reading →

A new survey of over 500 security and IT operations leaders worldwide shows that 61 percent believe that data loss within the next 12 months due to increasingly sophisticated attacks is ‘likely’ or ‘very likely’.

The study from Commvault, with research carried out by IDC, reveals that in many cases, senior executives/line-of-business leaders are minimally engaged in their company's cyber preparedness initiatives -- just 33 percent of CEOs or managing directors and 21 percent of other senior leaders are heavily involved.

Continue reading →

According to a new survey of 302 security professionals, almost 80 percent say they have 'good' or 'excellent' career prospects, and more than 84 percent say the industry is 'growing' or 'booming'.

However, the report from The Chartered Institute of Information Security (CIISec) finds the industry is still plagued by issues including stress and overwork. 22 percent of respondents work more than the 48 hours per week mandated by the UK government, and eight percent work more than 55 hours which, according to the World Health Organization, marks the boundary between safe and unsafe working hours.

Continue reading →

Despite considerable efforts by business leaders to protect their digital assets, in today’s cybersecurity landscape, a security breach is all but inevitable. According to reports, threat actors have already compromised hundreds of millions of records in 2023, and IBM says 83 percent of businesses had more than one breach in 2022. Companies must prepare themselves to respond and seamlessly recover post-attack in this climate and starting at the endpoint could help bolster their cyber resilience.

Endpoint management plays a pivotal role in supporting a robust cyber resilience strategy. By maintaining an up-to-date inventory of all devices connected to your network, endpoint management allows for the rapid identification and isolation of potentially compromised systems, preventing the spread of security incidents and minimizing their impact.

An endpoint management approach to cyber resilience is also supported by principles found in the MITRE Corporation’s Cyber Resiliency Engineering Framework (CREF) Navigator. Their cyber resilience framework focuses on sharing an understanding of what it takes to maintain and inform preparedness and is guided by four pillars. These include:

Continue reading →

We reported earlier today that businesses are struggling with IoT device connectivity, another report out today shows that securing these devices is a major problem too.

The study for Keyfactor, conducted by Vanson Bourne, finds 97 percent are struggling to secure their IoT and connected products to some degree.

Continue reading →

New research from Bitdefender reveals a rise in 'stream-jacking' attacks against high-profile accounts in order to spread fraudulent messages.

The attacks may involve a full account takeover or simply luring followers to a mimicked channel with the promise of rewards using various techniques including livestream pop-ups, QR codes, and malicious links.

Continue reading →

UK businesses have experienced on average 30 cyber incidents over the last twelve months, marking a 25 percent increase compared to last year.

But a new report from iomart and Oxford Economics finds that 27 percent of organizations think their cyber security budget is inadequate to fully protect them from growing threats. This is despite spending more than £40,000 ($48,000) a year on cyber protection such as vulnerability assessments, penetration testing, and red team engagements.

Continue reading →

Senior executives are 60 percent more likely to click on malicious links than their employees, making them a vulnerable target for hackers, according to a new report.

However, data from SoSafe also reveals that senior managers are more likely to report a suspicious email (20 percent) than employees (eight percent) are, which shows that security awareness among top management is rising.

Continue reading →