Articles about cyberattack

Last May, 21 percent of all HTML attachments scanned were malicious. Ten months on, that figure has more than doubled with 45.7 percent of scanned HTML files found to be malicious in March 2023.

This finding comes from the latest Threat Spotlight report from Barracuda Networks, which shows that not only is the overall volume of malicious HTML attachments increasing, they remain the file type most likely to be used for malicious purposes.

Continue reading →

Businesses are engaged in a constant cat-and-mouse game with hackers, attackers, and bad actors in order to stay secure.

Dominic Lombardi, VP of security and trust at Kandji believes that in order to stay ahead it's necessary to master basic IT and security hygiene, update and communicate your risk register, and work steadily toward a zero-trust security model. We spoke to him to discover more.

Continue reading →

The financial impact of a ransomware attack can cost businesses up to 30 percent of their operating income, with smaller enterprises hit proportionally harder.

A new report from ThreatConnect looks at the financial impact of ransomware attacks on small ($500M), medium ($1.5B) and large ($15B) organizations within healthcare, manufacturing, and utilities.

Continue reading →

Popular online platforms such as Netflix, Facebook, and Steam are being used to spread cyber attacks as criminals focus on consumers' favorite online activities.

The latest consumer threat guide from F-Secure finds the most imitated social media platform used to spread phishing threats in 2022 was Facebook at 62 percent. Steam, the largest distribution platform for PC games, was the most popular gaming platform to spoof at 37 percent.

Continue reading →

A new report from cyber asset visibility and management company JupiterOne shows numbers of enterprise cyber assets have increased by 133 percent year-on-year, from an average of 165,000 in 2022 to 393,419 in 2023.

Organizations have also seen the number of security vulnerabilities, or unresolved findings, increase by 589 percent according to the report which analyzed more than 291 million assets, findings, and policies to establish the current state of enterprise cloud assets, including cloud and physical environments of devices, networks, apps, data, and users.

Continue reading →

The threat of business email compromise (BEC) is growing year on year and is projected to be twice as high as the threat of phishing in general.

According to a new report from cloud email security platform IRONSCALES, over 93 percent of organizations have experienced one or more of the BEC attack variants in the previous 12 months, with 62 percent facing three or more attack variants.

Continue reading →

Business email compromise (BEC) attacks are a major issue and are reckoned to have accounted for over a third of all financial losses from cyberattacks in 2021.

While not as common as phishing, BEC is a serious threat and it's not just in English-speaking countries. Abnormal Security has identified two groups using executive impersonation to execute BEC attacks on companies worldwide.

Continue reading →

Unmanaged device usage continues to increase, with only 43 percent of respondents to a new survey claiming to be actively monitoring 75 percent or more of their endpoints. For organizations with 1,000-4,999 devices, 34 percent are unmanaged, and more than half report experiencing several cyberattacks as a result of poorly managed endpoint devices.

The study, from Syxsense, of more than 380 IT and cybersecurity professionals shows that despite these blind spots most survey respondents believe endpoint security (56 percent) and management (58 percent) are getting easier compared to two years ago.

Continue reading →

New research released today by Barracuda shows 75 percent of organizations surveyed have experienced a successful email-borne attack in the last 12 months.

What's more the study, carried out by Vanson Bourne, finds recovering from an email-borne security attack costs victims more than $1 million on average and 69 percent of those hit by ransomware say the attack started with an email.

Continue reading →

Researchers at WithSecure have uncovered a cyberattack campaign linked back to North Korea's notorious Lazarus Group.

It is extremely rare to be able to link a campaign so strongly to a perpetrator as WithSecure has been able to do here. The Hackers have been targeting medical research and energy organizations with the intent to commit espionage.

Continue reading →

A quarter of US organizations were victims of ransomware attacks over the past 12 months, a steep 61 percent decline over the previous year when 64 percent fell victim.

In addition a new report from Delinea finds that the number of targeted companies who paid the ransom declined from 82 percent to 68 percent, which could be a sign that warnings and recommendations from the FBI to not pay ransoms are being heeded.

Continue reading →

In the world of cybersecurity, year after year we encounter new threats and challenges, and 2023 is going to be no different. Currently, organizations are dealing with a growing number of unknown cyber threats targeting on-premises systems, cloud infrastructure, and SaaS applications. Added to this, the skills shortage is worsening too, causing analysts to becoming overloaded and burnt-out. Combined, this is creating a perfect storm, leaving organizations more vulnerable to a breach in 2023.

So, what specifically do organizations need to be aware of? Here are four trends that will shake up the cyber landscape next year.

Continue reading →

Cyber extortion is impacting businesses of all sizes across the world, and 82 percent of observed are small businesses, an increase from 78 percent last year.

The latest Security Navigator report from Orange Cyberdefense shows a marked slow-down in cybercrime at the onset of the Ukraine war, but intensity soon increasing again.

Continue reading →

New research from Vectra AI finds 70 percent of organizations have fallen victim to an attack that used encrypted traffic to avoid detection, and 45 percent admit they've been victims more than once.

It's concerning that 66 percent say they don't have visibility into all their encrypted traffic, leaving them highly vulnerable to further encrypted attacks.

Continue reading →

Ransomware attackers are exploiting the fact that organizations have fewer security staff available at weekends and holiday times in order to launch more devastating attacks.

A new report from Cybereason shows 44 percent of companies reduce security staffing over holidays and weekends by as much as 70 percent compared to weekday levels. 21 percent reduce staff by as much as 90 percent.

Continue reading →