Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

September 2024

Rubrik

Rubrik powers Okta with critical user context to safeguard against identity attacks

Sep 30, 2024 By Seema Kathuria In Rubrik
Identity-based cyber attacks continue to prevail and impact organizations. Stealing credentials was the top initial action in breaches, according to Verizon. Plus, 84% of identity stakeholders surveyed said identity-related incidents directly impacted their business, resulting in reputational damages, distraction from core business, and increased recovery costs.
Read Post
manageengine

Five worthy reads: Cyberattacks in the banking industry

Sep 27, 2024 By General In ManageEngine
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we explore cyberattacks in the banking industry. Gone are the days when paychecks were rolled out in envelopes on payday. We’ve evolved from juggling between counters to deposit a check to managing everything through a single mobile banking application. Indeed, modern banking saves us time and encourages self-service.
Read Post
securitysenses

Cybersecurity in Web Development: Best Practices for Secure Sites

Sep 27, 2024 By SecuritySenses In SecuritySenses
Creating a website takes more than designing it to be visually appealing and user-friendly. Due to increased cyber threats, web developers have a challenge on their hands as they are required to observe security measures for both the users and the website. There is a high possibility of incurring costs due to reputation loss and business losses due to security breaches, thus emphasizing the need for the incorporation of security into every stage of web development. Everything must be perfectly safe, so we decided to ask professionals from paspartoo.com what things really matter.
Read Post
safeaeon

CDK Ransomware Attack: What It Is and How to Protect Your Business

Sep 26, 2024 By SafeAeon Inc. In SafeAeon
Software platforms are being used more and more by companies to run their operations, store private data, and talk to customers. Ransomware attacks are becoming more common because people depend on them so much. One of the scariest types of hacks is the CDK ransomware attack, which is aimed at companies that use software from CDK Global.
Read Post
WatchGuard

Living-off-the-land Attacks: The Challenge and WatchGuard Advanced EPDR

Sep 25, 2024 By Iratxe Vazquez In WatchGuard
In cybersecurity, "Living-off-the-land" (LotL) attacks have become increasingly difficult to detect. These attacks exploit legitimate system tools like PowerShell, WMI, or Office macros instead of relying on external malware, allowing attackers to move stealthily within a network. Traditional security measures struggle to identify these attacks, as they use trusted, digitally signed tools. LotL attacks appeal to cybercriminals because they evade detection and reduce the risk of being traced.
Read Post
salt security

Why Choose a Cloud-Native Approach to Fend Off API Attacks

Sep 25, 2024 By Eric Schwake In Salt Security
As organizations adopt a “digital-first” mentality, APIs have essentially become the backbone of modern applications, providing seamless integration between services, platforms, and third-party systems. For businesses, APIs help streamline processes and for consumers, APIs enable smooth and easily accessible digital services. However, an increased reliance on and growing number of APIs has also made them prime targets for cyberattacks.
Read Post
tripwire

Understanding Network Attacks: Types, Trends, and Mitigation Strategies

Sep 25, 2024 By Kirsten Doyle In Tripwire
At a time when digital connectivity is the lifeblood of all business operations, the specter of network attacks is greater than ever. As entities depend on complex network infrastructures, malefactors exploit vulnerabilities with growing sophistication and frequency. Understanding the diverse nature of these threats—from DoS and DDoS attacks to reconnaissance exploits—is crucial for devising effective defense strategies.
Read Post
Trustwave

FINRA Warns of Rising Risks as Third-Party Cyberattacks Threaten Financial Services

Sep 25, 2024 By Trustwave In Trustwave
Earlier this month, the Financial Industry Regulatory Authority (FINRA) posted a cybersecurity advisory highlighting the recent cybersecurity risks of third parties impacting its members and financial services organizations. The recently released Trustwave SpiderLabs 2024 Trustwave Risk Radar Report: Financial Services Sector underscores FINRA's concern about the escalating threat landscape facing the financial industry.
Read Post

Falcon Exposure Management - Predictors of Attack

Sep 24, 2024 By CrowdStrike In CrowdStrike
Falcon Exposure Management empowers enterprises with real-time insights to confidently manage risk by creating a near digital twin of your IT and security landscape. Predictors of Attack leverages OverWatch and Intelligence Patterns to analyze potential intrusion vectors, transforming complex data into clear investigation and remediation priorities. Guided Remediation then pre-calculates the most effective solutions, turning priorities into actionable plans—all to stop breaches before they start.
View Video
tripwire

Warnings After New Valencia Ransomware Group Strikes Businesses and Leaks Data

Sep 24, 2024 By Graham Cluley In Tripwire
A new ransomware operation has started to leak information it claims has been stolen from organisations it has compromised around the world. In recent days Valencia Ransomware has posted on its dark web leak site's so-called "Wall of shame" links to gigabytes of downloadable information that has seemingly been exfiltrated from a Californian municipality, a pharmaceutical firm, and a paper manufacturer.
Read Post
a10 networks

The Machine War Has Begun: Cybercriminals Leveraging AI in DDoS Attacks

Sep 24, 2024 By Jamison Utter In A10 Networks
In the digital landscape, the integration of Artificial Intelligence (AI) into cybercriminal activities has marked the beginning of a new era of threats. The “machine war” has indeed commenced, with AI enhancing the scale and sophistication of cyberattacks. Distributed denial of service (DDoS) attacks, in particular, have become more formidable with AI’s capabilities, presenting significant challenges for cybersecurity defenses.
Read Post
knowbe4

Educate Your Users About Malicious SEO Poisoning Attacks

Sep 23, 2024 By Roger Grimes In KnowBe4
Since the beginning of computers, social engineering has been the number one way that computers and networks have been compromised. Social engineering is involved in 70% to 90% of all successful data breaches. Nothing else is even close (unpatched software and firmware are involved in 33% of successful attacks, everything else is 1% or less).
Read Post
securitysenses

4 Ways Ethical Hacking Services Helped Businesses Prevent Cyber Attacks

Sep 22, 2024 By SecuritySenses In SecuritySenses
As technology continues to advance at a rapid pace, so do the tactics of cybercriminals. For businesses of all sizes, the threat of a cyber attack is growing more and more concerning. Through the use of ethical hacking techniques, companies can identify vulnerabilities in their systems. They can also address them before malicious hackers exploit them. In this post, we will explore the ways ethical hacking services have become a valuable asset in the fight against cyber attacks.
Read Post
knowbe4

Online Scams Are Shortening Their Cycles and Making More Money

Sep 20, 2024 By Stu Sjouwerman In KnowBe4
New analysis of blockchain activity shows scammers are needing less time to obtain crypto payments and are seeing higher payoffs per scam. I continue to repeatedly cover breakdowns of cybercrime activity from the folks at Chainalysis because it represents an unbiased view that some security vendors may inherently have (because their data is based on what their solutions do and don’t discover).
Read Post
manageengine

Top tips: Four ways organizations can reduce their attack surface

Sep 19, 2024 By General In ManageEngine
Top tips is a weekly column where we highlight what’s trending in the tech world today and list ways to explore these trends. This week, we’re looking at four ways you can minimize your attack surface. Organizational IT infrastructure is now more spread out, multi-layered, and complex than ever.
Read Post
Arctic Wolf

Top Government Cyber Attacks

Sep 19, 2024 By Arctic Wolf In Arctic Wolf
Government entities were in the top five industries targeted by both ransomware and business email compromise (BEC) attacks in 2023, according to Arctic Wolf. Additionally, the FBI reported that government entities were the third most-targeted sector by ransomware in 2023, and Arctic Wolf’s own research saw the average ransom for government organizations top $1 million USD that same year. It’s clear that cyber threats are plentiful for these entities.
Read Post
knowbe4

SANS Releases Guide to Address Rise in Attacks on Manufacturing and Industrial Control Systems

Sep 18, 2024 By Stu Sjouwerman In KnowBe4
Increased ransomware attacks on industrial control systems (ICS), mixed with general ICS insecurity found across the manufacturing sector, has given rise to a guide specifically addressing this risk. Manufacturing has been a target of ransomware for quite some time — I’ve even covered a recent attack focused on credential harvesting.
Read Post
appsentinels

Why Web Application Firewalls (WAFs) are inadequate against API Attacks

Sep 18, 2024 By AppSentinels
During our various customer interactions, we often discuss how Appsentinels solution is different compared to a Web Applicaton Firewall (WAF) in protecting against API's attack. The core difference is that Appsentinels API Security Platform knows the context of what is it protecting while unfortunately WAF's don't. Let me explain why I am saying this and why this is important.
Get White Paper
cyberint

The 4 Most Common Attack Vectors in LATAM

Sep 17, 2024 By Ariel Friedstadt In Cyberint
The digital footprint of organizations has evolved and grown significantly over the past 10 years, now its important to not only protect just IP addresses and domains but also social media, payment platforms, and third-party services. Identifying risks like vulnerabilities, supply chain attacks, and credential leaks are crucial for organizational security. The Cyberint team have analyzed 1000s of risks and threats and narrowed down the top 4 risks facing Latin America in 2024 and going into 2025.
Read Post
Arctic Wolf

Five Hidden Costs of Cyber Attacks

Sep 17, 2024 By Arctic Wolf In Arctic Wolf
In the modern, interconnected world, no organization is immune from a cyber attack. Indeed, most experts agree that it is a matter of “when,” not “if” an organization will be targeted by threat actors. If an attack is successful, the immediate costs — including potential ransom payments, lost revenue, and costs associated with remediation and restoration — can be substantial.
Read Post
ionix

Review of the Polyfill Supply Chain Attack - Lessons & Mitigation

Sep 16, 2024 By Fara Hain In IONIX
In June 2024, the digital world was rocked by a significant supply chain attack involving Polyfill.io, a JavaScript library that had been a staple in web development for over a decade. Originally designed to ensure compatibility between older browsers and modern web APIs, Polyfill.io became a silent vulnerability when a Chinese company named “Fun Null” acquired the domain in February 2024.
Read Post
securitysenses

How Cyber Threats Impact Route Optimization

Sep 14, 2024 By SecuritySenses In SecuritySenses
In 2024, cyber threats cast a shadow over how we navigate roads. Imagine hackers hijacking smart vehicles or manipulating traffic grids to cause chaos. You might wonder how route optimization software keeps you safe and efficient amidst these risks. Here's where enterprise solutions shine. They fortify GPS technology against potential intrusions. But there's more than just defense; they enhance your fleet's performance too.
Read Post
knowbe4

Attackers Using HTTP Response Headers to Redirect Victims to Phishing Pages

Sep 13, 2024 By Stu Sjouwerman In KnowBe4
Researchers at Palo Alto Networks’ Unit 42 warn that attackers are using refresh entries in HTTP response headers to automatically redirect users to phishing pages without user interaction. “Unit 42 researchers observed many large-scale phishing campaigns in 2024 that used a refresh entry in the HTTP response header,” the researchers write. “From May-July we detected around 2,000 malicious URLs daily that were associated with campaigns of this type.
Read Post
wallarm

Fundamentals of GraphQL-specific attacks

Sep 13, 2024 By Wallarm In Wallarm
Developers are constantly exploring new technologies that can improve the performance, flexibility, and usability of applications. GraphQL is one such technology that has gained significant attention for its ability to fetch data efficiently. Unlike the traditional REST API, which requires multiple round trips to the server to gather various pieces of data, GraphQL allows developers to retrieve all the needed data in a single request.
Read Post
keeper

The Most Recent Credential Stuffing Attacks on Companies in 2024

Sep 13, 2024 By Ashley D'Andrea In Keeper
So far in 2024, many major companies have fallen victim to credential stuffing attacks. Some of these notable credential stuffing victims include Roku, Okta, General Motors and Levi’s. Credential stuffing attacks occur when a cybercriminal uses stolen login credentials to attempt to log in to multiple accounts simultaneously. Since many people reuse their passwords, cybercriminals can use stolen credentials to sign in to many accounts, compromising employee, customer and organizational data.
Read Post
Rubrik

Defending Against Attacks on Data with Rubrik and the CrowdStrike Falcon Platform

Sep 12, 2024 By Zoltan Deak In Rubrik
In today's digital landscape, cyber attacks are an ever-present threat, and they all ultimately target one thing: data. For most organizations, the challenge lies not only in protecting this data but also in understanding the full scope of what they have. Many organizations struggle to identify how much sensitive data they possess, where it resides, and who has access to it.
Read Post
netwrix

How Attackers Are Bypassing PowerShell Protections

Sep 11, 2024 By Jeff Warren In Netwrix
PowerShell is one of the most popular platforms for malicious actors. To protect your critical data and systems, it’s vital to implement strategies for blocking and detecting attacks that exploit PowerShell. However, you should not assume those security measures are airtight — adversaries are constantly looking for ways to bypass your defenses. Let’s explore three of those techniques, so you can build an even more robust strategy for defending your data and your business.
Read Post
knowbe4

Phishing Attack Takes a Two-Step Approach to Leverage Legitimate Sites and Evade Detection

Sep 6, 2024 By Stu Sjouwerman In KnowBe4
Analysis of a new phishing attack demonstrates how attackers may take a longer path to reach their malicious goals while staying “under the radar” of security products. It would be pretty simple to create a phishing attack that sends its’ victims a brand-impersonated email with a link that takes you to an impersonated webpage that asks for credentials, personal details or credit card information. But many of today’s security products will detect the impersonation immediately.
Read Post
keeper

Are Cyber Attacks Increasing?

Sep 6, 2024 By Ashley D'Andrea In Keeper
Yes, cyber attacks including phishing, malware and ransomware attacks, continue to increase in 2024. According to Keeper Security’s recent study, 92% of IT leaders say cyber attacks are occurring more frequently today than in 2023. Continue reading to learn which types of cyber attacks have increased in 2024, emerging cyber threats and how to protect your organization from cyber attacks.
Read Post
fireblocks

Anatomy of a Centralized Exchanges Attack

Sep 6, 2024 By Fireblocks In Fireblocks
Recently, there have been a number of attacks on high-profile centralized exchanges (CEXs) in the digital asset space. We feel it is critical to highlight some of the most common attack vectors in this area so that, in the future, CEXs can adequately protect themselves, their institutional trading partners, and their retail customers.
Read Post
splunk

Handala's Wiper: Threat Analysis and Detections

Sep 6, 2024 By Splunk Threat Research Team In Splunk
On July 19, 2024, CrowdStrike released configuration updates for its Windows sensor, aiming to enhance security and performance. Unfortunately, this update inadvertently led to widespread downtime, manifesting as Blue Screen of Death (BSOD) on millions of machines worldwide. The BSOD, a critical system error screen, halts all operations, rendering affected systems inoperable until resolved.
Read Post
safeaeon

Incident Response Services: Mitigate Damage and Recover from Cyber Attacks Quickly

Sep 6, 2024 By SafeAeon Inc. In SafeAeon
In this digital era, businesses are more likely to be attacked online by scams like phishing and viruses like ransomware. When a breach happens, it's important to respond quickly and effectively to limit the damage, keep the business running, and protect private data. Specialized cybersecurity companies offer incident response services that give businesses the knowledge and tools they need to handle security incidents quickly and effectively.
Read Post

Minimizing the Impact of Cloud Attacks

Sep 5, 2024 By Kroll In Kroll
What does your organization have in place to minimize the damage when an incident happens? Having handled thousands of incident response cases, our experts recommend putting high quality monitoring tools in place to detect potential threats to the cloud, such as zero-day vulnerabilities, misconfigurations and insider threats and more. Watch now. Additional Kroll Research on Cloud Safety.
View Video
bluevoyant logo

What Does a Third-Party Breach Look Like?

Sep 5, 2024 By BlueVoyant
In the past few years, third-party cyber attacks have imparted financial and reputational damage to every sector, from banks to healthcare systems to governments. The average cost of a third-party data breach in 2021 was $4.33 million, according to a report from IBM and the Ponemon Institute. While CISOs are well aware of the potential supply chain devastation from attacks, preventing them has been a challenge. In this white paper, we'll walk through three third-party breach scenarios, including real-world examples, offering practical solutions to prevent such attacks.
Get White Paper
jfrog

Revival Hijack - PyPI hijack technique exploited in the wild, puts 22K packages at risk

Sep 4, 2024 By Andrey Polkovnichenko In JFrog
JFrog’s security research team continuously monitors open-source software registries, proactively identifying and addressing potential malware and vulnerability threats to foster a secure and reliable ecosystem for open-source software development and deployment. This blog details a PyPI supply chain attack technique the JFrog research team discovered had been recently exploited in the wild.
Read Post
Arctic Wolf

How a Security Operations Approach Can Prevent Man-in-the-Middle Attacks

Sep 3, 2024 By Arctic Wolf In Arctic Wolf
Here’s an endpoint you don’t often think about: your car. But if it’s Wi-Fi enabled, as many new models are, that means it resides at the end point of a network connection and can communicate on that network, making it an endpoint.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.