Security

Twitter has confirmed that a hacker was able to exploit a security vulnerability on the social platform earlier this year, gaining access to the private data of millions of users.

In total, 5.4 million accounts were affected, with the attacker able to link account names to email addresses and phone numbers. While the incident took place back in January this year, Twitter has also revealed that the exposed user data was made available to buy just last month. In what will be regarded by many as something of an understatement, the company says that "it is unfortunate that this happened".

It might still be a bit early to begin thinking about next year, but new research from Intel 471 analyzes recent and commonly used tactics, techniques and procedures (TTPs) that have been adopted by prominent threat actors.

It also looks at how these threats have affected enterprises, along with predictive intelligence assessments on threats that organizations should be prepared to thwart over the next year.

A large majority of companies are only at an entry level in terms of their cloud security capabilities according to a new study.

The research, carried out for cloud infrastructure security company Ermetic by Osterman Research, surveyed 326 organizations in North America with 500 or more employees and who spend a minimum of $1 million or more each year on cloud infrastructure.

According to a new report 94 percent of companies have experienced security problems in production APIs in the past year, with 20 percent saying the organization suffered a data breach as a result.

The latest State of API Security Report from Salt Security also finds that found that API attack traffic has more than doubled in the past 12 months with a 117 percent increase. In the same period overall API traffic grew 168 percent, highlighting the continued explosion of enterprise API usage.

The latest OT/IoT security report from Nozomi Networks shows that wiper malware and IoT botnets dominate threats to industrial control systems.

Researchers have observed the robust usage of wiper malware, and seen the emergence of an Industroyer variant, dubbed Industroyer2, developed to misuse the IEC-104 protocol, which is commonly used in industrial environments.

Microsoft has launched two new security products, bolstering the capabilities of Microsoft Defender. The company says that the aim of the two tools is to help organizations lock down their infrastructure and reduce their overall attack surface.

The tools, Microsoft says, also provide "deeper context into threat actor activity" making it easier to predict malicious activity and secure resources. Microsoft Defender Threat Intelligence works by mapping the internet every day, so that security teams have the data needed to understand current attack techniques, while with Microsoft Defender External Attack Surface Management lets security teams see their system as attackers do.

A new study reveals that 87 percent of the ransomware found on the dark web can be delivered via malicious macros in order to infect targeted systems.

The research from Venafi, in partnership with criminal intelligence provider, Forensic Pathways, looked at 35 million dark web URLs and forums to uncover a thriving ransomware community with highly damaging macro-enabled strains readily available.

Phishing is one of the most common forms of cyberattack, fooling people into thinking they're dealing with a trusted organization in order to get them to part with credentials.

But what are the hallmarks of a phishing attack? Atlas VPN has collected some phishy statistics to find out.

Governments, utilities and other key industries are prime targets for attack including from nation state actors and cybercriminals seeking to extract a ransom.

But David Anteliz, technical director at Skybox, believes that given the increase in tensions across the world threat actors will evolve their tactics with the use of a 'three-headed dragon approach' that goes beyond the probing we have seen so far.

Securing endpoints used to be a simple matter of installing a firewall and antivirus solution and then keeping them updated.

But as threats have become more sophisticated, networks more complex and working patterns have shifted away from the office, securing and managing endpoints has become a much greater problem for enterprises.

Despite the fact lateral movement has been a frequent factor in security breaches for years, attackers still use it in the vast majority of cyber-attacks. Moving across cloud and on-premises applications and services -- threat actors escalate their way to often unprotected core technical assets -- dropping ransomware, stealing data, poisoning the supply chain and more.

Organizations must start thinking more broadly and implementing solutions to proactively detect and prevent lateral movement attacks in real-time.

The latest vulnerability intelligence report from Flashpoint finds that 52 percent of all vulnerabilities reported in the first half of 2022 that were scored 10.0 -- the most severe level -- on CVSS are likely scored incorrectly.

When scoring, CVSSv2 guidelines take a 'score for the worst' approach if details of some of the metrics used are unclear. But the report points out this has resulted in many vulnerabilities being scored a 10.0, even though they are actually less severe, simply due to vendors providing fewer details.

In the past cybercriminals have tended to shun Linux in favor of more widely used operating systems, but new data indicates that this trend is starting to shift.

Statistics from the Atlas VPN team show new Linux malware reached record numbers in the first half of 2022, with nearly 1.7 million samples being discovered. This puts it in second spot for the number of new samples even though it has only one percent of the OS market (not counting Android).

The latest quarterly report from NortonLifeLock's global research team, Norton Labs, looks at how cybercriminals are using social media phishing attacks to steal private information.

Based on analysis of a full year of phishing attacks on the top social media platforms, it finds plenty of fake login pages designed to trick victims into inputting their login credentials, but also a diversity and complexity of lures going far beyond that one technique.

A new survey reveals that 60 percent of respondents believe their overall security strategy does not keep pace with the threat landscape, and that they are either lagging behind (20 percent), treading water (13 percent), or merely running to keep up (27 percent).

The study from privileged access management specialist Delinea also shows that 84 percent of organizations experienced an identity-related security breach in the last 18 months, despite 40 percent of respondents believing they have the right strategy in place.