Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2024

netwrix

A Comprehensive Look into Password Attacks and How to Stop Them

Nov 29, 2024 By Dirk Schrader In Netwrix
There are some things you want to keep private such as your bank account number, government ID number, etc. In the digital age, that includes the passwords that protect these accounts because once your account credentials are compromised, cybercriminals can get that information. That is why password attacks have become so prominent today.
Read Post
wallarm

How Is API Abuse Different from Web Application Attacks by Bots?

Nov 27, 2024 By Wallarm In Wallarm
API abuse and web application bot attacks are often confused. This is understandable, as both involve automated interactions and are usually executed by bots. Both attack vectors are prevalent; criminals are always eager to disrupt the foundations on which businesses base their operations to achieve their malicious goals and they frequently automate their actions for maximum results.
Read Post

Navigating the new era of attacks

Nov 26, 2024 By ManageEngine In ManageEngine
In this episode of Server Room, we sit down with Karuppaiah Veeraiah, Head of Security at Zoho, to explore the latest trends and groundbreaking technologies in the world of cybersecurity. We delve into practical insights on how organizations can stay ahead of emerging threats, fortify their digital defences, and prepare for the challenges of the upcoming year.
View Video
jfrog

Everything you need to know about EvilProxy Attacks

Nov 26, 2024 By Orel Bitan In JFrog
An “Evil Proxy” is a malicious proxy server used by attackers to intercept and change the communication between a client and a legitimate server. It is also known as Phishing-as-a-Service (PhaaS), where the attackers attempt to deceive individuals into providing sensitive information such as usernames, passwords, and credit card numbers.
Read Post
aikido

Path Traversal in 2024 - The year unpacked

Nov 23, 2024 By Mackenzie Jackson In Aikido
Path traversal, also known as directory traversal, occurs when a malicious user manipulates user-supplied data to gain unauthorized access to files and directories. Typically the attacker will be trying to access logs and credentials that are in different directories. Path traversal is not a new vulnerability and has been actively exploited since the 90s when web servers gained popularity, many relied on Common Gateway Interface (CGI) scripts to execute dynamic server-side content.
Read Post
knowbe4

Phishing Attacks Exploits the Open Enrollment Period

Nov 22, 2024 By Stu Sjouwerman In KnowBe4
A phishing campaign is impersonating HR to target employees who are making annual insurance changes during the open enrollment period, according to researchers at Abnormal Security. The attackers are using legitimate notifications from Dropbox to send phishing messages, asking recipients to view a document on Dropbox regarding annual salary increases and open enrollment elections.
Read Post
knowbe4

Threat Group Use AI Adult-Based "Deepnude" Image Generator Honeypots to Infect Victims

Nov 22, 2024 By Stu Sjouwerman In KnowBe4
The threat group FIN7 is using the lure of generating nude images of favorite celebrities to get victims to download their NetSupport RAT. In any social engineering scam, there’s always the need to create some sense of urgency to act in order to make the potential victim take an action that enables the attack. In the case of a new attack by threat group FIN7, the urgency appears to be the desire to see deepfake nude images.
Read Post
safeaeon

Understanding the Risks and Mitigation of Phishing Attacks in 2024

Nov 22, 2024 By SafeAeon Inc. In SafeAeon
Even though cybersecurity is always changing, phishing attacks are still a threat that is getting worse. The goal of these attacks is to get people to give up private data like passwords, financial information, or company secrets by using social engineering tricks. As technology has improved, phishing schemes have grown more complex in 2024. They now use convincing methods to target both people and businesses. According to new studies, 91% of cyberattacks start with a phishing email.
Read Post

What is active directory and why is it on an attackers radar?

Nov 20, 2024 By Fidelis Security In Fidelis Security
In the past year, 85% of organizations have experienced an Active Directory attack. To strengthen your security posture and defend your AD, you need to what attackers are looking for. In this video,'s experts give you an insight into what exactly is Active Directory and what makes it such a lucrative target for cyber attackers.
View Video
foresiet

Inside Storm-0940: Uncovering Tactics of a Prolific Chinese Cyber Espionage Group

Nov 20, 2024 By Foresiet In Foresiet
Storm-0940 is a Chinese advanced persistent threat (APT) group that has operated since at least 2021, although some evidence suggests involvement in earlier incidents. Known for its complex cyber espionage tactics, this group primarily targets government agencies, military organizations, and critical infrastructure to gain intelligence for political and military advantage. Leveraging an arsenal of techniques ranging from spear-phishing to exploiting software vulnerabilities.
Read Post
knowbe4

Out of 29 Billion Cybersecurity Events, Phishing was the Primary Method of Initial Attack

Nov 20, 2024 By Stu Sjouwerman In KnowBe4
The newly released single largest analysis of cyber attacks across all of 2023 show a strong tie between the use of phishing and techniques designed to gain credentialed access. I’ve stood on the “phishing is a problem” soapbox for many years, attempting to focus the attention of cybersecurity teams on the single largest problem within the organization: the employees that fall for social engineering tactics time and time again.
Read Post
Trustwave

10 Tips to Help Holiday Shoppers to Stay Safe from Scams and Cyberattacks

Nov 20, 2024 By Trustwave In Trustwave
The holiday season is here, and with it comes the thrill of Black Friday deals and holiday shopping sprees. But it's not just shoppers who are gearing up – cybercriminals are ready to take advantage of the holiday rush, hoping to catch unsuspecting consumers off guard. While Trustwave generally focuses on protecting enterprises from cyberattacks and scams, we feel it’s important to help consumers, as well. After all, many people use work devices for online shopping and accessing social media.
Read Post
cloudflare

Bigger and badder: how DDoS attack sizes have evolved over the last decade

Nov 20, 2024 By José Salvador In Cloudflare
Distributed Denial of Service (DDoS) attacks are cyberattacks that aim to overwhelm and disrupt online services, making them inaccessible to users. By leveraging a network of distributed devices, DDoS attacks flood the target system with excessive requests, consuming its bandwidth or exhausting compute resources to the point of failure. These attacks can be highly effective against unprotected sites and relatively inexpensive for attackers to launch.
Read Post
datadog

How attackers take advantage of Microsoft 365 services

Nov 20, 2024 By Mallory Mooney In Datadog
According to our most recent cloud security report, most cloud security incidents are the result of compromised credentials for either human or non-human identities. Once an attacker successfully controls an identity, such as a highly privileged user account, they can quickly move to other areas of an environment, including prevalent targets like sensitive data stores. This pattern of behavior is similar across all cloud platforms and services.
Read Post
memcyco

6 Ways to Prevent Man-in-the-Middle (MitM) Attacks

Nov 20, 2024 By Zach Lakovics In Memcyco
In today’s cyber attack scene, data often takes a detour – straight through hackers’ systems. Unlike phishing or ransomware, which aim to trick users into handing over credentials or stealing data directly from systems, a Man-in-the-Middle (MitM) attack involves an unseen intermediary trying to fool each of two parties into thinking he’s the other one, capturing and/or altering information communicated between the parties, etc.
Read Post
netwrix

How to Detect and Prevent Session Hijacking

Nov 19, 2024 By Dirk Schrader In Netwrix
Imagine leaving your car key at a public place, only to drop your keys when exiting the vehicle. Someone picks them up and drives away. They speed through a school zone and are caught on camera. Later, the car is used in a robbery. Now, you’re not only missing your car but also wrongly implicated in criminal activities.
Read Post
signmycode

What is Blind XSS? How to Detect and Prevent Blind XSS Attacks & Vulnerabilities?

Nov 19, 2024 By SignMyCode In SignMyCode
Blind Cross-Site Scripting is a type of Cross-Site Scripting attack in which the injected script is executed in the context of another page and different circumstances compared to the page in which it was inserted. Blind XSS differs from regular XSS attacks as the attacker cannot see the effect of the injected script in his or her browser since the script is executed in a place that the attacker can not access.
Read Post
safeaeon

New Strategies to Auto Block Website Ping Attack for Enhanced Security

Nov 19, 2024 By SafeAeon Inc. In SafeAeon
It is more important than ever to protect websites from hacking in today's digital world. One common type of attack is the Ping Flood, also called the "Ping of Death." This is when a lot of ping requests are sent to a website's server at once, slowing it down or even crashing it. Attacks like these are more likely to happen as websites get busier and more complicated. This is why it's important to have strong defenses in place.
Read Post
cato networks

Revolutionizing TLS Inspection: How Cato Networks Is Transforming Encrypted Traffic Security

Nov 19, 2024 By Andrea Napoli In Cato Networks
In today’s digital environment, encrypted traffic has become the norm, with over 90% of web communications now utilizing encryption. While this secures data in transit, it has become a blind spot for enterprises, enabling attackers to hide malware within encrypted channels. According to the Q3 2024 Cato CTRL SASE Threat Report, organizations that enable TLS inspection block 52% more malicious traffic than organizations than don’t.
Read Post
manageengine

Mapping the DCRat attack to the MITRE ATT&CK framework

Nov 18, 2024 By General In ManageEngine
The IT industry has seen an unshakable surge in malware attacks. According to SonicWall’s 2022 Cyber Threat Report, almost 2.8 billion malware attacks were detected in 2022. Approximately 30% of these malware attacks were carried out using emails containing malicious links and attachments. On June 10, 2022, one such malware, Dark Crystal, also known as DCRat, jolted Ukraine. It is a remote access Trojan (RAT) that has been receiving regular upgrades and new modules since 2018.
Read Post
upguard

Top Strategies to Protect Your Website from Subdomain Takeovers

Nov 18, 2024 By Leah Sadoian In UpGuard
Subdomain takeovers pose a significant and often overlooked threat to website security. In today's digital age, almost every business has a website to promote, inform, and provide resources to visitors. Websites that use multiple subdomains risk exposing themselves to cyberattacks. Subdomain takeovers can lead to data breaches and reputational damage. However, these risks can be minimized with the right strategies, and your organization can stay protected.
Read Post
Arctic Wolf

The Role of Pretexting in Cyber Attacks

Nov 18, 2024 By Arctic Wolf In Arctic Wolf
A threat actor sends an email to a user at an organization claiming to be from the IT department. They need a password to a critical application, and the email is convincing – it mentions aspects of the application that would only be known to the user, it brings up a recent update email that was sent out company wide, and it even closes with a friendly, “Hope to see at next week’s happy hour!” in the sign-off.
Read Post
a10 networks

The Strategic Advantage of Hybrid DDoS Protection: Cost Efficiency and Enhanced Control

Nov 15, 2024 By Jamison Utter In A10 Networks
In the digital age, distributed denial of service (DDoS) attacks pose a significant threat to organizations, potentially leading to service disruptions and financial losses. To effectively combat these threats, businesses are increasingly adopting hybrid DDoS protection solutions. By integrating cloud traffic scrubbing, on-premises local protection, global DDoS-specific threat intelligence, and an orchestration platform, hybrid solutions offer a comprehensive defense strategy.
Read Post
cyberint

Not Your Grandfather's Hacktivists: How Hacktivism Has Evolved

Nov 14, 2024 By Coral Tayar In Cyberint
Hacktivism – the practice of carrying out cyberattacks to advance political or social goals – is not new. Hacktivist attacks go as far back as the 1980s. Yet today’s hacktivists often look and operate in ways that are markedly different from their predecessors. They’ve embraced new techniques, they often have more resources at their disposal and they can prove more challenging to stop.
Read Post
cyphere

Major cyber attacks and data breaches of 2024

Nov 14, 2024 By Harman Singh In Cyphere
As 2024 draws to a close, the cybersecurity landscape continues to evolve, marked by both familiar adversaries and emerging threats with newer technologies and improved tactics. Rather than merely cataloguing breaches, we look into the anatomy of significant cyber attacks, associated vulnerabilities that led to such events, and relevant controls. We’ve chronicled key developments month by month, offering a comprehensive view of the cyber attacks of 2024 narrative that would help you learn lessons.
Read Post
securitysenses

The Rise of Security in Today's Technology Era

Nov 14, 2024 By SecuritySenses In SecuritySenses
In today's connected world, security is one of the most crucial fears for both people and institutions. With the increase in internet use, digital transformation as well as new technologies such as cloud computing and the Internet of Things (IOT), cyber threat attack surface has increased substantially. Cybercriminals, hackers, and other malicious actors are increasingly faced with the need to secure these assets from them as more data and processes go online, thus making it a more complex endeavor.
Read Post
knowbe4

Fortifying Defenses Against AI-Powered OSINT Cyber Attacks

Nov 13, 2024 By James McQuiggan In KnowBe4
In the ever-evolving landscape of cybersecurity, the convergence of Artificial Intelligence (AI) and Open-Source Intelligence (OSINT) has created new opportunities for risk. It is crucial to understand that this powerful combination is also being weaponized by cybercriminals, presenting unprecedented challenges for organizations worldwide.
Read Post
aikido

The State of SQL Injection

Nov 11, 2024 By Mackenzie Jackson In Aikido
SQL injection (SQLi) has a history that is older than Internet Explorer (which according to Gen Z was the start of civilization). There have been thousands of breaches caused by SQL injection and an endless amount of well-documented best practices and tools to help prevent it. So surely, surely we learned our lesson from these breaches and SQLi is no longer an issue.
Read Post
securitysenses

How to Conduct a Comprehensive Base Security Assessment

Nov 11, 2024 By SecuritySenses In SecuritySenses
Conducting a comprehensive base security assessment is crucial. It ensures the safety of personnel, assets, and information. With the rise of various threats, it's more important than ever to evaluate and enhance security measures systematically. A thorough assessment not only identifies weaknesses. It also assists in implementing effective security controls to mitigate risks. In this detailed guide, we will explore essential steps and best practices to perform a base security assessment. We will enable you to deploy effective security solutions tailored to your environment.
Read Post
datadog

Protect your applications from zero-day attacks with Datadog Exploit Prevention

Nov 7, 2024 By Christophe Papazian In Datadog
Due to their numerous components and dependencies, web applications often have multiple vulnerabilities—many of them unknown and susceptible to zero-day attacks—that can be exploited by malicious HTTP requests. Determining whether a vulnerability exists is challenging without visibility into an application’s real-time data and event flows, which isn’t possible with existing firewall-based solutions.
Read Post
knowbe4

Attackers Abuse DocuSign to Send Phony Invoices

Nov 7, 2024 By Stu Sjouwerman In KnowBe4
Threat actors are abusing DocuSign’s API to send phony invoices that appear “strikingly authentic,” according to researchers at Wallarm. “Unlike traditional phishing scams that rely on deceptively crafted emails and malicious links, these incidents use genuine DocuSign accounts and templates to impersonate reputable companies, catching users and security tools off guard,” Wallarm says.
Read Post
securitysenses

How AI Can Help Law Firms Ensure Cybersecurity

Nov 7, 2024 By SecuritySenses In SecuritySenses
Artificial intelligence is now being used in many sectors and can have very positive effects. Routine jobs that people no longer want to deal with are given to artificial intelligence and completed efficiently. One of these sectors can be the cyber security sector. Many companies need to ensure their cyber security, including law firms, and artificial intelligence can help companies in this regard.
Read Post
knowbe4

BlackBasta Ransomware Gang Uses New Social Engineering Tactics To Target Corporate Networks

Nov 5, 2024 By Stu Sjouwerman In KnowBe4
ReliaQuest warns that the BlackBasta ransomware gang is using new social engineering tactics to obtain initial access within corporate networks. The threat actor begins by sending mass email spam campaigns targeting employees, then adding people who fall for the emails to Microsoft Teams chats with external users. These external users pose as IT support or help desk staff, and send employees Microsoft Teams messages containing malicious QR codes.
Read Post
knowbe4

If Social Engineering Is 70% - 90% of Attacks, Why Aren't We Acting Like It?

Nov 4, 2024 By Roger Grimes In KnowBe4
Over a decade ago, I noticed that social engineering was the primary cause for all malicious hacking. It has been that way since the beginning of computers, but it took me about half of my 36-year career to realize it. At the time, I think everyone in cybersecurity knew social engineering was a big part of why hackers and their malware programs were so successful, but no one really knew how big.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.