Refined methodologies of ransomware attacks
Adversaries were able to encrypt data in 76% of the ransomware attacks that were conducted against surveyed organizations, according to Sophos. The survey also shows that when organizations paid a ransom to get their data decrypted, they ended up add.....»»
AI set to play key role in future phishing attacks
A staggering increase in QR code phishing (quishing) attacks during 2023 saw them skyrocket up the list of concerns for cyber teams globally, according to Egress. Attacks were both prolific and highly successful, demonstrating how cybercriminals effe.....»»
GenAI can enhance security awareness training
One of the biggest concerns over generative AI is its ability to manipulate us, which makes it ideal for orchestrating social engineering attacks. From mining someone’s digital footprint to crafting highly convincing spear phishing emails, to voice.....»»
Entrust protects users against fraud, phishing and other account takeover attacks
Entrust announced a single-vendor enhanced authentication solution that integrates identity verification (IDV) and identity and access management (IAM) to fight deepfakes, phishing, account takeover (ATO) attacks and other threats. By enhancing Entru.....»»
Veeam acquires Coveware to boost its ransomware protection capabilities
Veeam Software announced the acquisition of Coveware, a provider in cyber-extortion incident response. It brings ransomware recovery and first responder capabilities to further strengthen Veeam’s radical resilience solutions for customers. Coveware.....»»
Align introduces ransomware prevention feature, powered by Adlumin
Align announces the inclusion of a new ransomware prevention feature to enhance its Align Guardian Managed Detection and Response offering powered by Adlumin. This innovative solution is designed to detect and halt ransomware in its tracks, safeguard.....»»
Behavioral patterns of ransomware groups are changing
Q1 saw substantial shifts in activity from some of the most prolific Ransomware-as-a-Service (RaaS) groups, according to GuidePoint Security. RaaS groups attempt to recruit disaffected or displaced affiliates In addition to revealing a nearly 20% yea.....»»
Here’s how to protect against iPhone password reset attacks [U]
One of the latest attacks on iPhone sees malicious parties abuse the Apple ID password reset system to inundate users with iOS prompts to take over their accounts. Here’s how you can protect against iPhone password reset attacks (often called “MF.....»»
Week in review: Palo Alto firewalls mitigation ineffective, PuTTY client vulnerable to key recovery attack
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation While it initially seemed that protecting Palo Alto Network firewalls f.....»»
Lemur"s lament: When one vulnerable species stalks another
What can be done when one threatened animal kills another? Scientists studying critically endangered lemurs in Madagascar confronted this difficult reality when they witnessed attacks on lemurs by another vulnerable species, a carnivore called a fosa.....»»
Reintroduced wolves kill four yearling cattle in latest of string of livestock attacks in Colorado
Wolves killed several yearling cattle in north-central Colorado this week, bringing the total number of wolf kills of livestock this month to six......»»
Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!
More organizations hit by ransomware gangs are starting to realize that it doesn’t pay to pay up: “In Q1 2024, the proportion of victims that chose to pay touched a new record low of 28%,” ransomware incident response firm Coveware.....»»
Whistleblower reveals 2023 CareGard cyberattack, says F&I company concealed it from partners
AFG Cos. was unprepared for a ransomware attack last summer, for months had been unsure of the extent of the breach, and as of early this month hadn't alerted automaker partners or the agents selling its coverage to dealerships, a whistleblower alleg.....»»
Former AFG exec reveals 2023 CareGard data breach, criticizes company"s response
AFG Cos. was unprepared for a ransomware attack last summer, for months had been unsure of the extent of the breach, and as of early this month hadn't alerted automaker partners or the agents selling its coverage to dealerships, a whistleblower alleg.....»»
LastPass users targeted in phishing attacks good enough to trick even the savvy
Campaign used email, SMS, and voice calls to trick targets into divulging master passwords. Enlarge (credit: Getty Images) Password-manager LastPass users were recently targeted by a convincing phishing campaign that use.....»»
Cheap ransomware for sale on dark web marketplaces is changing the way hackers operate
Since June 2023, Sophos X-Ops has discovered 19 junk gun ransomware variants — cheap, independently produced, and crudely constructed — on the dark web. The developers of these junk gun variants are attempting to disrupt the traditional affiliate.....»»
Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation
While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices’ telemetry, it has now been confirmed that this mitigation is ineffectual. “Device tele.....»»
Attackers are pummeling networks around the world with millions of login attempts
Attacks coming from nearly 4,000 IP addresses take aim at VPNs, SSH and web apps. Enlarge (credit: Matejmo | Getty Images) Cisco’s Talos security team is warning of a large-scale credential compromise campaign that’s.....»»
Cisco Duo says a third-party data breach stole MFA SMS logs
Hackers stole Cisco Duo customers' phone numbers, and the company is warning of possible incoming smishing attacks......»»
New open-source project takeover attacks spotted, stymied
The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils package by someone who called themselves “Jia Tan”. This malicious.....»»
Australian court is the latest to attack Apple on behalf of rich corporations
Apple Fellow Phil Schiller has been testifying in an Australian Federal Court about the origins of the App Store in 2008, and it's just the latest example of pointless attacks on the company.Phil Schiller (left) and Steve Jobs with the first online A.....»»