Following on from part 1 of our Royal Mail blog, our consultants take a more technical approach to the Royal Mail Ransomware attack and dive deeper into what happened.

Small and medium-sized businesses (SMBs) are more frequent targets of cybercrime than larger companies, industry research shows, and the trend is putting enormous financial pressure on small businesses. Some SMBs feel this pressure more strongly than others: CrowdStrike’s data shows sectors including not-for-profit and transportation are more frequently targeted with high- and critical-severity attacks than other industries.

PostgreSQL is a powerful, open-source relational database management system (RDBMS). Because of its robustness and scalability, PostgreSQL is used extensively in the cloud. Most public cloud providers including AWS, Azure and GCP provide database services to their customers based on PostgreSQL.

The LCBO, a major Canadian retailer, recently experienced a cybersecurity breach that compromised the personal information of thousands of customers. The incident, which was discovered on January 10th, affected the client-side of the company’s website through which LCBO conducts online sales. It resulted in the unauthorized access of sensitive information such as names, addresses, email addresses, LCBO.com account passwords, Aeroplan numbers, and credit card information.

Reporting revealed declining ransomware profits in 2022, a new backdoor based on the CIA’s Hive malware is discovered, and a new wave of BackdoorDiplomacy attacks are targeting Iranian government entities.

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.

If you want to learn how to prevent a DDoS attack in your cloud environment by detecting the early signs of compromise associated with this threat, then this article should explain most of the best practices required to secure your cloud infrastructure. From January through July 2022, Sysdig Threat Research team implemented a global honeynet system that captured numerous breaches through multiple attack vectors.

Security teams know, bug bounty hunters, and ethical hackers know it: Large attack surfaces are hard to manage. In this day and age, if you’re a medium-large organization without a comprehensive External Attack Surface Management (EASM) program in place, there’s a pretty good chance that you have some hosts on the Internet that you’re not aware of. Despite this, the concept of EASM is still new to many.

This week, UK’s Postal Service, Royal Mail has been hit with a Ransomware attack, which put the countries sensitive data at risk. In this blog post, we’ll take a look at what ransomware is, how it can affect businesses and individuals, and what we’ve learnt from this huge scale attack. Stay tuned for more updates on this developing story.

This blog post will provide an analysis of the malicious Redline Infostealer payloads which have been taken from a real life malware incident, responded to and triaged by the ThreatSpike SOC team. This analysis will be broken down to demonstrate, describe and explain the various stages of the attack chain.

Read also: NortonLifeLock hit with a credential-stealing attack, Mailchimp hacked twice in less than a year, and more.

In a watering hole attack, threat actors usually have to follow a series of steps. First, they need to research the target and make sure they know the type of website the potential victim frequents. Then, they attempt to infect it with malicious code so that when the victim visits it, the website exploits a vulnerability in the browser or convinces them to download a file that compromises the user device.

Cross-Site Scripting (XSS) attacks are bad news. And they can affect lots of people, often unknowingly. Chief among the top cybersecurity threats affecting users worldwide, any website with unsafe elements can become vulnerable to XSS attacks — making visitors to that website unwitting cyberattack victims. To secure your website from XSS attacks, you must first know what they are.

What are the most common cybersecurity threats facing your business? The 2023 Cyber Threat Landscape Study provides valuable threat intelligence to help you implement the appropriate security measures against real threats. The Outpost24 research team is sharing the results of the attack data from a network of honeypots deployed to gather actionable threat intelligence. Here are the key findings from the 42 million attacks that were registered (between January 1 – September 30, 2022).

Zero-day vulnerabilities present a very real threat to cybersecurity. Exploiting a zero-day vulnerability as an attack vector is a complex process, but it allows attackers to slip into your system undetected and leave without a trace.

DDoS attacks are increasingly becoming common, especially for people who have their websites. This happens because DDoS attacks are harder to trace, and the perpetrators are hard to identify. As we advance into the IoT era, it's hard to deny that these attacks are becoming more frequent and powerful. This blog will cover DDoS attacks and how to prevent them.

It's time for you and your colleagues to become more skeptical about what you read. That's a takeaway from a series of experiments undertaken using GPT-3 AI text-generating interfaces to create malicious messages designed to spear-phish, scam, harrass, and spread fake news. Experts at WithSecure have described their investigations into just how easy it is to automate the creation of credible yet malicious content at incredible speed.

Cyberattacks have never been more common than they are now. This is particularly true as the world starts to recover from the pandemic and moves toward a more cloud-based approach. Did you know that 54% of businesses were victims of cyberattacks in the past year? And 75% reported increased security incidents, most frequently caused by identity thefts, ransomware,

Your business is at high risk if you have no security measures. A cyber-attack can cause devastating financial damage to your business, including legal liabilities. Cyber-attacks can result in lasting adverse repercussions on the reputation, as clients and customers can lose faith in your business if their personal data gets leaked. It can affect productivity, but you can mitigate the impact of attacks by deploying protective gear and training systems for your business and employees.

The healthcare sector has become a popular target for cybercriminals and is one of the most targeted industries by cyber criminals. In 2022, 324 attacks were reported in the first half of the year. As bad actors continue to target the healthcare industry, cybersecurity experts and healthcare administrators should be aware that attacks are frequently impacting smaller companies. These numbers point to unusual trends occurring in the healthcare industry.

Much of an organization’s most critical business and employee data passes through the hands of finance and accounting professionals. It’s one of the main reasons cyberthreats present a significant risk to finance and accounting teams — especially for small accounting firms that are directly responsible for their security.

In December, CrowdStrike reported that beginning in June 2022, the CrowdStrike Services, CrowdStrike® Falcon OverWatch™ and CrowdStrike Intelligence teams observed an increase in the targeting of telco and BPO industries. CrowdStrike Intelligence attributed this campaign with low confidence to the SCATTERED SPIDER eCrime adversary.

IT leaders count on Human Resource (HR) departments to be partners in promoting an organizational culture that values security. From setting device usage policies on an employee’s first day to facilitating security training and awareness, HR has an important role to play in the adoption of IT policies. In their day-to-day roles, HR is critical to security in its own right.

The Internet of Things (IoT) has revolutionised the way we live and work, connecting devices and systems to the internet and each other to create a more efficient and interconnected world. However, as with any new technology, the IoT comes with its own set of security risks and vulnerabilities. In this blog, we will look at the 10 most common IoT hacks and how to defend against them.

The JFrog Security Research team is constantly looking for new and previously unknown vulnerabilities and security issues in popular open-source projects to help improve their security posture and defend the wider software supply chain.

The cyber landscape is ever-evolving. Organizations have started moving their resources to the cloud excessively to scale up their deliverables. The hybrid work culture and BYOD policies have made an organization’s network increasingly perimeter-less. With organizations adopting different policies to increase operational efficiency, SOCs scramble to ensure security in the network. As for attackers who are opportunists by nature, the hybrid work model introduces a lot of opportunities.

In promoting a company and its products, marketing oversees critical points of contact between the business and its customers. Marketing teams make sure a company and its products are known in the broader market, gain the interest of potential customers and guide customers through the buying process. Just as importantly, marketing teams promote and steward a company’s brand — one of its most valuable assets.

Gunnar Andrews discusses how ethical hackers can look to EASM techniques to help increase their ethical hacking skills. For organizations, this article gives insight into the methods and types of information that ethical hackers or even malicious attackers will collect to increase knowledge about an organization’s assets.

Another year, another reshaping of the never-boring and constantly evolving world of online crime. Old favorites like phishing, MITM attacks, and, of course, ransomware carried on strong while new variations and tricky workarounds continued to develop. For our final monthly cyber attack roundup of the calendar year, let’s take a look at four cases that stood out for the versatility of their executions, the escalation of their tactics, and/or the aggressiveness of their perpetrators.