Articles about cyberattack

Unmanaged device usage continues to increase, with only 43 percent of respondents to a new survey claiming to be actively monitoring 75 percent or more of their endpoints. For organizations with 1,000-4,999 devices, 34 percent are unmanaged, and more than half report experiencing several cyberattacks as a result of poorly managed endpoint devices.

The study, from Syxsense, of more than 380 IT and cybersecurity professionals shows that despite these blind spots most survey respondents believe endpoint security (56 percent) and management (58 percent) are getting easier compared to two years ago.

Continue reading →

New research released today by Barracuda shows 75 percent of organizations surveyed have experienced a successful email-borne attack in the last 12 months.

What's more the study, carried out by Vanson Bourne, finds recovering from an email-borne security attack costs victims more than $1 million on average and 69 percent of those hit by ransomware say the attack started with an email.

Continue reading →

Researchers at WithSecure have uncovered a cyberattack campaign linked back to North Korea's notorious Lazarus Group.

It is extremely rare to be able to link a campaign so strongly to a perpetrator as WithSecure has been able to do here. The Hackers have been targeting medical research and energy organizations with the intent to commit espionage.

Continue reading →

A quarter of US organizations were victims of ransomware attacks over the past 12 months, a steep 61 percent decline over the previous year when 64 percent fell victim.

In addition a new report from Delinea finds that the number of targeted companies who paid the ransom declined from 82 percent to 68 percent, which could be a sign that warnings and recommendations from the FBI to not pay ransoms are being heeded.

Continue reading →

In the world of cybersecurity, year after year we encounter new threats and challenges, and 2023 is going to be no different. Currently, organizations are dealing with a growing number of unknown cyber threats targeting on-premises systems, cloud infrastructure, and SaaS applications. Added to this, the skills shortage is worsening too, causing analysts to becoming overloaded and burnt-out. Combined, this is creating a perfect storm, leaving organizations more vulnerable to a breach in 2023.

So, what specifically do organizations need to be aware of? Here are four trends that will shake up the cyber landscape next year.

Continue reading →

Cyber extortion is impacting businesses of all sizes across the world, and 82 percent of observed are small businesses, an increase from 78 percent last year.

The latest Security Navigator report from Orange Cyberdefense shows a marked slow-down in cybercrime at the onset of the Ukraine war, but intensity soon increasing again.

Continue reading →

New research from Vectra AI finds 70 percent of organizations have fallen victim to an attack that used encrypted traffic to avoid detection, and 45 percent admit they've been victims more than once.

It's concerning that 66 percent say they don't have visibility into all their encrypted traffic, leaving them highly vulnerable to further encrypted attacks.

Continue reading →

Ransomware attackers are exploiting the fact that organizations have fewer security staff available at weekends and holiday times in order to launch more devastating attacks.

A new report from Cybereason shows 44 percent of companies reduce security staffing over holidays and weekends by as much as 70 percent compared to weekday levels. 21 percent reduce staff by as much as 90 percent.

Continue reading →

Hot on the heels of a report showing that 40 percent of business emails have unwelcome content, comes another report revealing that email is now the top way of delivering cyberattacks.

The report from Tessian shows that 94 percent of organizations experienced a spear phishing or impersonation attack, and 92 percent suffered ransomware attacks over email this year.

Continue reading →

Financial fraud email attacks are increasing year-on-year at 73 percent, with 44 percent of these representing sophisticated, targeted attacks such as wire, invoice, or vendor fraud, according to a new report from Armorblox.

The research has uncovered two vendor fraud attacks targeting approximately 4,000 inboxes each. In these the attackers used 'Look-alike Domain' attack techniques to bypass Microsoft Office 365 email security and impersonate trusted vendors with emails that looked like legitimate requests for payments.

Continue reading →

Critical infrastructure is a prime target for cybercriminals and nation state actors. It often operates on legacy operational technologies (OT) which have vulnerabilities that can't be fixed easily or directly. 

We spoke to John Moran, technical director, business development at Tufin, to discuss how organizations can protect themselves. John is a former incident response consultant and is a cybercrime forensics expert.

Continue reading →

A new report analyzing billions of link-based URLs, attachments and natural language messages in email, mobile and browser channels over six months in 2022, finds more than 255 million phishing attacks -- a 61 percent increase compared to 2021.

The study from messaging security company SlashNext shows earlier security strategies, including secure email gateways, firewalls, and proxy servers are no longer stopping threats, as bad actors increasingly launch these attacks from trusted services and business and personal messaging apps.

Continue reading →

Cyberattacks can cause significant harm to businesses, not least financial losses. According to recent findings from the Atlas VPN team, 37 percent of companies lose over $100,000 per cyberattack on average.

Some lose even more, with 22 percent of companies suffering significant losses ranging from $100,000 up to $499,999. Cybercriminals stole even more money, between $500,000 and $999,999, from 11 percent of businesses. Lastly, four percent of companies claim to have lost over $1 million after a successful cyberattack. A worrying two percent of businesses say they don't know their actual losses.

Continue reading →

A new study of 3,000 individuals across the US, UK and Canada finds that although 58 percent of tech users that had access to cybersecurity training or education say they are better at recognizing phishing messages and related attacks, 34 percent still fell victim to at least one type of cybercrime.

The research from The National Cybersecurity Alliance and CybSafe shows that of more than 1,700 incidents of cybercrime that were disclosed by participants, 36 percent were phishing attacks that led to a loss of money or data, while 24 percent report falling victim to identity theft.

Continue reading →

According to a new report from Sysdig, the unified container and cloud security company, it costs $430,000 in cloud bills for an attacker to generate $8,100 in cryptocurrency revenue. This works out at a $53 cost to the victim for every $1 the cryptojacker makes.

The report takes an extensive look at TeamTNT, a notorious cloud-targeting threat actor that generates the majority of its criminal profits through cryptojacking. TeamTNT is best known for its crypto‐jacking worm activity, which began in 2019, exploiting vulnerable instances of popular key‐value store Redis.

Continue reading →