The emergence of trinity attacks on APIs
When it comes to attacks against application programming interfaces (APIs), the building blocks that provide access to many of our applications, the OWASP API Top Ten is seen as definitive – and rightly so. Compiled in 2019 based on a risk analysis.....»»
Cybercriminals capitalize on travel industry’s peak season
Cybercriminals are capitalizing on the travel and hospitality industry’s peak season, using increased traffic as cover for their attacks, according to Cequence Security. Researchers investigated the top 10 travel and hospitality sites to identi.....»»
PSA: Watch out for phishing attacks with fake banking app updates
A security researcher has discovered a phishing attack intended to fool iPhone users into installing what is claimed to be an update to their banking app. The attack works despite iOS protections because what is actually being ‘installed’ is a.....»»
Lateral movement: Clearest sign of unfolding ransomware attack
44% of unfolding ransomware attacks were spotted during lateral movement, according to Barracuda Networks. 25% of incidents were detected when the attackers started writing or editing files, and 14% were unmasked by behavior that didn’t fit with kn.....»»
Widespread culling of crocodiles is not an effective way to stop attacks on humans, study shows
Education and community awareness, removal of problem animals and exclusion areas are significantly more effective in reducing saltwater crocodile attacks in the Northern Territory than a widespread culling program to reduce crocodile numbers, accord.....»»
Adversaries love bots, short-lived IP addresses, out-of-band domains
Fastly found 91% of cyberattacks – up from 69% in 2023 – targeted multiple customers using mass scanning techniques to uncover and exploit software vulnerabilities, revealing an alarming trend in attacks spreading across a broader target base. In.....»»
Most ransomware attacks occur between 1 a.m. and 5 a.m.
There’s been an alarming increase in ransomware attacks over the past year, alongside significant shifts in the tactics and strategies employed by cybercriminals that underscore the necessity for organizations to implement around-the-clock moni.....»»
GenAI models are easily compromised
95% of cybersecurity experts express low confidence in GenAI security measures while red team data shows anyone can easily hack GenAI models, according to Lakera. Attack methods specific to GenAI, or prompt attacks, are easily used by anyone to manip.....»»
Kids who survived shooting at Kansas City Super Bowl parade are scared, suffering panic attacks and sleep problems
Six months after Gabriella Magers-Darger's legs were burned by sparks from a ricocheted bullet at the Kansas City Chiefs Super Bowl parade in February, the 14-year-old is ready to leave the past behind......»»
Average DDoS attack costs $6,000 per minute
2023 saw a surge in the frequency and duration of DDoS attacks, and in the first half of 2024, it’s clear that surge has become the new normal, according to Zayo. DDoS attack duration increases DDoS attacks surged 106% from H2 2023 to H1 2024. The.....»»
Cybercriminals exploit file sharing services to advance phishing attacks
Threat actors use popular file-hosting or e-signature solutions as a disguise to manipulate their targets into revealing private information or downloading malware, according to Abnormal Security. A file-sharing phishing attack is a unique type of ph.....»»
Organizations turn to biometrics to counter deepfakes
The risk of deepfakes is rising with 47% of organizations having encountered a deepfake and 70% of them believing deepfake attacks which are created using generative AI tools, will have a high impact on their organizations, according to iProov. Perce.....»»
Common API security issues: From exposed secrets to unauthorized access
Despite their role in connecting applications and driving innovation, APIs often suffer from serious security vulnerabilities. Recent investigations reveal that many organizations are struggling with exposed secrets such as passwords and API keys, wh.....»»
Protecting academic assets: How higher education can enhance cybersecurity
Cyber attacks against higher education institutions increased by 70% in 2023. This is largely due to legacy endpoint security management and practices, limited IT support staff, and overwhelming amounts of data, much of which is PII (personally ident.....»»
Explosion of cicada-eating mites has the state of Illinois scratching
The good news: There's little risk beyond the rash. The bad: The rash is awful. Enlarge / A cicada from a 17-year cicada brood clings to a tree on May 29, 2024, in Park Ridge, Illinois. The state experienced an emergence of cicad.....»»
Unlearning the RaaS Model: How ransomware attacks are evolving
Unlearning the RaaS Model: How ransomware attacks are evolving.....»»
DDoS attack volume rises, peak power reaches 1.7 Tbps
The total number of DDoS attacks during H1 2024 amounted to 830,000, an increase of 46% when compared to H1 2023, according to Gcore. Peak attack power rose from 1.6 terabits per second (Tbps) in H2 2023 to 1.7 Tbps. DDoS attacks hit Gaming, tech, fi.....»»
Current attacks, targets, and other threat landscape trends
In this Help Net Security video, Kendall McKay, Strategic Lead, Cyber Threat Intelligence at Cisco Talos, discusses the trends that Cisco Talos incident response observed in incident response engagements from Q2 2024, which covers April to June. Whil.....»»
Lawsuit Attacks Florida’s Lab-Grown Meat Ban as Unconstitutional
Upside Foods, a leading cultivated-meat company, argues that the ban violates the US Constitution in several ways......»»
VW said to delay Trinity EV flagship, may bring forward electric Golf launch
VW Group CEO Oliver Blume is reallocating product launch investments amid a slowdown in the EV market and the need for the group to cut costs to boost profitability......»»
The role of employee awareness in preventing supply chain attacks
The role of employee awareness in preventing supply chain attacks.....»»