Attackers intensify DDoS attacks with new tactics
As we entered 2023, the cybersecurity landscape witnessed an increase in sophisticated, high-volume attacks, according to Gcore. The maximum attack power rose from 600 to 800 Gbps. UDP flood attacks were most common and amounted to 52% of total attac.....»»
Cybercriminals hijack DNS to build stealth attack networks
Hijacking domains using a ‘Sitting Ducks attack’ remains an underrecognized topic in the cybersecurity community. Few threat researchers are familiar with this attack vector, and knowledge is scarce. However, the prevalence of these attacks and t.....»»
USX Cyber strengthens phishing defense in GUARDIENT XDR
USX Cyber released advanced phishing protection tools within its GUARDIENT XDR platform. This latest enhancement enables organizations to strengthen defenses against sophisticated phishing attacks by providing employees with realistic training and h.....»»
Google Cloud Cybersecurity Forecast 2025: AI, geopolitics, and cybercrime take centre stage
Google Cloud unveiled its Cybersecurity Forecast for 2025, offering a detailed analysis of the emerging threat landscape and key security trends that organizations worldwide should prepare for. The report delivers insights into the tactics of cyber a.....»»
Infostealers increasingly impact global security
Check Point Software’s latest threat index reveals a significant rise in infostealers like Lumma Stealer, while mobile malware like Necro continues to pose a significant threat, highlighting the evolving tactics used by cybercriminals across the gl.....»»
GoIssue phishing tool targets GitHub developer credentials
Researchers discovered GoIssue, a new phishing tool targeting GitHub users, designed to extract email addresses from public profiles and launch mass email attacks. Marketed on a cybercrime forum, GoIssue allows attackers to send bulk emails while kee.....»»
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)
November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers. The exploited vulnerabilities.....»»
Microsoft is, once again, trying to force users into using Edge
Microsoft has deployed numerous tactics to bring users over to Edge over the years, but it still hasn't stopped......»»
Zscaler Zero Trust Segmentation prevents lateral movement from ransomware attacks
Zscaler announced a Zero Trust Segmentation solution to provide a more secure, agile and cost-effective means to connect users, devices, and workloads across and within globally distributed branches, factories, campuses, data centers, and public clou.....»»
The changing face of identity security
It’s easy to see why identity security is often synonymous with user security. Social engineering tactics are the mainstay of the threat actor’s arsenal, and it’s rare to find an attack that doesn’t feature them to some degree. Getting hold o.....»»
LED light strategy deters Great White shark attacks
Surfers could be protected from future shark attacks following new discoveries about how to trick sharks' visual systems made by Professor Nathan Hart, head of Macquarie University's Neurobiology Lab, Dr. Laura Ryan and colleagues......»»
Report: Countries must dramatically increase climate adaptation efforts and bridge the finance gap
As climate impacts intensify and hit the world's most vulnerable hardest, the "Adaptation Gap Report 2024: Come hell and high water," from the United Nations Environment Program (UNEP), finds that nations must dramatically increase climate adaptation.....»»
Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910)
A vulnerability (CVE-2024-5910) in Palo Alto Networks Expedition, a firewall configuration migration tool, is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Thursday. About CVE-2024-.....»»
3 new Xbox Game Pass games to play this weekend (November 8-10)
StarCraft: Remastered, StarCraft II: Campaign Collection, and Metal Slug Tactics offer up strategic options to Xbox Game Pass subscribers this weekend......»»
Why AI-enhanced threats and legal uncertainty are top of mind for risk executives
AI-enhanced malicious attacks are the top emerging risk for enterprises in the third quarter of 2024, according to Gartner. Key emerging risks for enterprises It’s the third consecutive quarter with these attacks being the top of emerging risk. IT.....»»
Industrial companies in Europe targeted with GuLoader
A recent spear-phishing campaign targeting industrial and engineering companies in Europe was aimed at saddling victims with the popular GuLoader downloader and, ultimately, a remote access trojan that would permit attackers to steal information from.....»»
North Korean hackers employ new tactics to compromise crypto-related businesses
North Korean hackers are targeting crypto-related businesses with phishing emails and novel macOS-specific malware. The crypto-related phishing campaign Since July 2024, phishing emails seemingly containing helpful information on risks related to the.....»»
How AI will shape the next generation of cyber threats
In this Help Net Security interview, Buzz Hillestad, CISO at Prismatic, discusses how AI’s advancement reshapes cybercriminal skillsets and lowers entry barriers for potential attackers. Hillestad highlights that, as AI tools become more access.....»»
GoZone ransomware accuses and threatens victims
A new ransomware dubbed GoZone is being leveraged by attackers that don’t seem to be very greedy: they are asking the victims to pay just $1,000 in Bitcoin if they want their files decrypted. The GoZone HTML ransom note (Source: SonicWall) The.....»»
Key cybersecurity predictions for 2025
In this Help Net Security video, Chris Gibson, CEO at FIRST, discusses the evolving threat landscape and provides a unique take on where data breaches and cyber attacks will be in 2025. The post Key cybersecurity predictions for 2025 appeared first o.....»»
Suspect arrested in Snowflake data-theft attacks affecting millions
Threat actor exploited account credentials swept up by infostealers years earlier. Canadian authorities have arrested a man on suspicion he breached hundreds of accounts belonging.....»»