Refined methodologies of ransomware attacks
Adversaries were able to encrypt data in 76% of the ransomware attacks that were conducted against surveyed organizations, according to Sophos. The survey also shows that when organizations paid a ransom to get their data decrypted, they ended up add.....»»
NHS Scotland confirms ransomware attackers leaked patients’ data
NHS Dumfries and Galloway (part of NHS Scotland) has confirmed that a “recognised ransomware group” was able to “access a significant amount of data including patient and staff-identifiable information,” and has published R.....»»
Cybercriminals use cheap and simple infostealers to exfiltrate data
The rise in identity-based attacks can be attributed to a rapid increase in malware, according to SpyCloud. Researchers found that 61% of data breaches in 2023, involving over 343 million stolen credentials, were infostealer malware-related. Of these.....»»
AI weaponization becomes a hot topic on underground forums
The majority of cyberattacks against organizations are perpetrated via social engineering of employees, and criminals are using new methods including AI to supercharge their techniques, according to ReliaQuest. Some 71% of all attacks trick employees.....»»
Apple users targeted by sophisticated phishing attack to reset their ID password
There are many known phishing attacks that target users of Apple devices to gain access to their Apple ID. However, a new “elaborate” attack uses a bug in the Apple ID password reset feature with “push bombing” or “MFA fatigue” techniques.....»»
If you"re getting dozens of password reset notifications, you"re being attacked
Apple users are becoming the target of a new wave of phishing attacks called "MFA Bombing" that relies on user impatience, and a bug in Apple's password reset mechanism.An example of the Apple ID password reset notificationPhishing attacks often rely.....»»
Essential elements of a strong data protection strategy
In this Help Net Security interview, Matt Waxman, SVP and GM for data protection at Veritas Technologies, discusses the components of a robust data protection strategy, emphasizing the escalating threat of ransomware. He highlights the importance of.....»»
This ‘unpatchable’ Mac flaw is keeping me up at night
A newly discovered vulnerability could leave Apple Silicon Macs wide open to malicious hacker attacks -- and it looks like the flaw can’t even be patched......»»
DOJ antitrust lawsuit complains that iPhones are cool, says lawyer
One element of the DOJ antitrust lawsuit against Apple addresses iMessage, and Apple’s decision to keep the app exclusive to iPhone. But it goes further than arguing that this is anti-competitive, and attacks the use of green chat bubbles for Andro.....»»
CISA: Here’s how you can foil DDoS attacks
In light of the rise of “DDoS hacktivism” and the recent DDoS attacks aimed at disrupting French and Alabama government websites, the Cybersecurity and Infrastructure Security Agency (CISA) has updated its guidance of how governmental ent.....»»
US DOJ attacks nearly every aspect of Apple"s business in massive antitrust suit
After years of complaints by competitors, and an equally-long investigation, the long-rumored antitrust suit against Apple has finally been filed by the US Department of Justice — and it is going after nearly every part of the company.Apple has bee.....»»
Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware
Attackers are exploiting the recently patched JetBrains TeamCity auth bypass vulnerability (CVE-2024-27198) to deliver ransomware, cryptominers and remote access trojans (RATs), according to Trend Micro researchers. The CVE-2024-27198 timeline CVE-20.....»»
Malware stands out as the fastest-growing threat of 2024
93% of IT professionals believe security threats are increasing in volume or severity, a significant rise from 47% last year, according to Thales. The number of enterprises experiencing ransomware attacks surged by over 27% in the past year. Despite.....»»
A perfect storm: Assessing the deadly impact of climate-driven flooding and cyber attacks
Society is now in an era in which climate change and cyber insecurity are regular threats to life and property. In tandem, the two have the potential to be especially deadly......»»
Growing AceCryptor attacks in Europe
ESET Research has recorded a considerable increase in AceCryptor attacks, with detections tripling between the first and second halves of 2023. In recent months, researchers registered a significant change in how AceCryptor is used, namely that the a.....»»
API environments becoming hotspots for exploitation
A total of 29% of web attacks targeted APIs over 12 months (January through December 2023), indicating that APIs are a focus area for cybercriminals, according to Akamai. API integration amplifies risk exposure for enterprises APIs are at the heart o.....»»
Red teaming in the AI era
As AI gets baked into enterprise tech stacks, AI applications are becoming prime targets for cyber attacks. In response, many cybersecurity teams are adapting existing cybersecurity practices to mitigate these new threats. One such practice measure i.....»»
Researchers uncover culprits behind pitting corrosion in 3D-printed stainless steel
Like a hidden enemy, pitting corrosion attacks metal surfaces, making it difficult to detect and control. This type of corrosion, primarily caused by prolonged contact with seawater in nature, is especially problematic for naval vessels......»»
Appdome launches Social Engineering Prevention service to safeguard mobile users
Appdome has unveiled its new Social Engineering Prevention service on the Appdome platform. The new service enables mobile brands to continuously detect, block and intervene the moment social engineering attacks attempt to exploit user trust or manip.....»»
Public anxiety mounts over critical infrastructure resilience to cyber attacks
With temporary failures of critical infrastructure on the rise in the recent years, 81% of US residents are worried about how secure critical infrastructure may be, according to MITRE and The Harris Poll. Public views cyberattacks as greatest risk to.....»»
Member of LockBit ransomware group sentenced to 4 years in prison
33-year-old Canadian-Russian national pleaded guilty last month. Enlarge (credit: Getty Images | Charles O'Rear) A dual Canadian-Russian national has been sentenced to four years in prison for his role in infecting more.....»»