Articles about cyberattacks

A new report from Illumio, based on a survey of over 1,100 IT and cybersecurity decision makers, finds that almost 90 percent of leaders have detected a security incident involving lateral movement within the past 12 months.

Each incident involving lateral movement resulted in a global average of over seven hours of downtime. Alert fatigue, along with limited and fragmented visibility, especially across hybrid environments, are two of the top challenges to detecting lateral movement.

Continue reading →

A new report from AI-powered managed extended detection and response company Ontinue shows a sharp rise in MFA-bypassing identity attacks in the first half of the year.

These attacks are using token replay abuse with roughly 20 percent of live incidents involving adversaries reusing stolen refresh tokens to bypass MFA, even after password resets.

Continue reading →

Phishing has overtaken all other vectors as the leading entry point for ransomware, cited by 35 percent of affected organizations, up sharply from 25 percent in 2024.

This is one of the findings of a new report from SpyCloud which also shows that 85 percent of organizations were affected by ransomware at least once in the past year, with nearly a third (31 percent) reporting six to 10 ransomware events in the last year.

Continue reading →

With cyber threats becoming more numerous and ever more sophisticated, it’s becoming more critical than ever for organizations to prioritize targeted threats, optimize their existing defensive capabilities and proactively reduce their exposure.

One-time security assessments are looking increasingly inadequate. We spoke to CyberProof CEO Tony Velleca to discuss how organizations can effectively implement a Continuous Threat Exposure Management (CTEM) strategy to improve their protection.

Continue reading →

Last month Bitdefender revealed that 70 percent of UK CISO have faced pressure to conceal security incidents, cyberattacks and breaches.

But compliance training specialist Skillcast is warning that this could risk regulatory penalties and erode trust. The concern is heightened by escalating threats, with 612,000 UK businesses and 61,000 UK charities reporting a cyber breach or attack in the past year, with the average cost of the most disruptive breach reaching £3,550 ($4,790) for businesses and £8,690 ($11,730) for charities.

Continue reading →

New research from NETSCOUT looking at the DDoS attack landscape shows that this method has evolved into a precision-guided weapon of geopolitical influence capable of destabilizing critical infrastructure.

Based on monitoring of more than eight million DDoS attacks globally in the first half of 2025, the study shows hacktivist groups like NoName057(16) have orchestrated hundreds of coordinated strikes each month, targeting the communications, transportation, energy, and defence sectors.

Continue reading →

Cybercriminals increasingly favor malicious URLs over attachments, as they are easier to disguise and more likely to evade detection, according to the latest report from Proofpoint.

These links are embedded in messages, buttons, and even inside attachments like PDFs or Word documents to entice clicks that initiate credential phishing or malware downloads.

Continue reading →

Threat actors are favoring smaller, persistent attacks under 100,000 requests per second according to a new report. This shift signals a growing dependence on automated, generative AI-enhanced attack tools, reflecting the democratization of DDoS capabilities among loosely coordinated threat actors and new actors entering the scene.

The report from Radware also shows web DDoS attacks rose 39 percent over the second half of 2024. The second quarter set a record with a 54 percent quarter-on-quarter spike.

Continue reading →

Adversaries are weaponizing GenAI to scale operations and accelerate cyberattacks -- as well as increasingly targeting the autonomous AI agents reshaping enterprise operations. This is among the findings of CrowdStrike’s 2025 Threat Hunting Report.

The report reveals how threat actors are targeting tools used to build AI agents -- gaining access, stealing credentials, and deploying malware -- a clear sign that autonomous systems and machine identities have become a key part of the enterprise attack surface.

Continue reading →

According to new research from Radware 83 percent of credential stuffing campaigns include explicit API-targeting techniques.

The report shows a shift in credential stuffing attacks, underscoring a fundamental transformation from volume-based attacks leveraging a series of repeated password attempts to more sophisticated, multi-stage infiltration techniques.

Continue reading →

Cybercriminals are increasingly using sophisticated identity-based attacks (phishing, social engineering, leveraging compromised credentials) to gain access as trusted users and move laterally across systems undetected.

We spoke to Cristian Rodriguez, field CTO, Americas at CrowdStrike, about the company’s recent research into these attacks and now organizations can defend against them.

Continue reading →

The manufacturing industry is the most targeted industry for cyberattacks and this has has now been the case for four consecutive years.

A new study from KnowBe4 shows that this combined with the manufacturing sector’s expanding digital footprint is putting operations, intellectual property, and economic resilience at risk from critical vulnerabilities.

Continue reading →

New research from Bitdefender shows that 84 percent of high severity attacks are using Living off the Land (LOTL) techniques, exploiting legitimate tools used by administrators.

One of the findings is that the netsh.exe tool -- used for network configuration -- management is the most frequently abused tool, appearing in a third of major attacks. While checking firewall configurations is a logical initial step for attackers, this clearly demonstrates how data analysis can spotlight trends that human operators might instinctively disregard.

Continue reading →

AI-powered phishing campaigns are bypassing traditional defenses as threat actors flood inboxes with polymorphic phishing, spoofed brands, and new malware families.

New research from the Cofense Phishing Defense Center (PDC) has tracked one malicious email every 42 seconds. Many of these were part of polymorphic phishing attacks that mutate in real-time in order to bypass traditional filters.

Continue reading →

Only four percent of organizations worldwide have achieved the 'mature' level of readiness required to effectively withstand today's cybersecurity threats, even as hyperconnectivity and AI introduce new complexities for security practitioners.

The latest Cybersecurity Readiness Index from Cisco shows 86 percent of organizations faced AI-related security incidents last year. However, only 49 percent of respondents are confident their employees fully understand AI related threats, and 48 percent believe their teams fully grasp how malicious actors are using AI to execute sophisticated attacks.

Continue reading →