Cyberattacks

Understanding Drive-by Download Attacks

An employee at a large organization is doing research for a client and clicks on what they believe is a legitimate website. What they don’t realize is, while they’re browsing, malware in the form of a Trojan virus is swiftly downloading onto their endpoint. The Trojan jumps from the endpoint into the organization’s network, and suddenly, their cybersecurity system rings alarms as ransomware takes hold in the environment.

How to Prevent Cyber Attacks: Strategies and Best Practices

In today’s digitally connected world, any organization with digital assets and internet access is vulnerable to cyberattacks. That reality has become all too pervasive in recent years. While it may not be part of your business plan, protection against cyber attacks must be a high priority. Keeping your business safe from attack should be a shared objective across all areas of the organization.

How To Prevent Man-in-the-Middle Attacks

You can prevent Man-in-the-Middle (MITM) attacks in your organization by investing in a password manager, using a VPN, monitoring your network and training employees on security best practices. MITM attacks occur when a cybercriminal intercepts private data sent between two businesses or individuals to steal or alter the data with malicious intent.

Anatomy of a Cyber Attack: The PAN-OS Firewall Zero-Day

On April 12, 2024, Palo Alto Networks published a security advisory detailing an actively exploited maximum severity zero-day vulnerability affecting the GlobalProtect feature of PAN-OS. Dubbed CVE-2024-3400, it was assigned the maximum critical severity score of 10.0 through the Common Vulnerability Scoring System (CVSS), meaning the potential for damage was large and the path to exploit was easy for cybercriminals.

What Are Pretexting Attacks: Scam Types and Security Tips?

Have you ever received a text from someone you do not know? Did you become alarmed by the message? Did the message contain information about you and the people you know? Pretexting continues to become part of the global hacker's arsenal of tricks to manipulate their victims. This hack includes clicking on malicious links that can lead to identity threats, financial fraud, and extortion. Preventing pretexting starts with security awareness training for users.

Cyberattacks in the education sector up 258% last academic year

Cybercriminals are targeting educational institutions, attracted by the vast amount of sensitive data they handle: student and employee personal information, research, and intellectual property. With tight technology budgets and often weak defenses, many of these organizations are easy prey for increasingly complex cyberattacks, putting their reputation and operations at risk.

Securing QR Codes: Protect Against Cyber Threats

QR codes have become part of daily life, enabling quick access to websites and services with a single scan. However, this convenience also makes them a major target for cybercriminals who exploit their popularity. The hidden nature of QR data can easily redirect users to malicious content or phishing sites without their knowledge. With the growing risks tied to this technology, businesses need to implement more advanced security measures. Simple practices like regularly checking code destinations and verifying source authenticity can help reduce vulnerabilities.

New VPN Credential Attack Goes to Great Lengths to Obtain Access

A new “so-phish-ticated” attack uses phone calls, social engineering, lookalike domains, and impersonated company VPN sites to gain initial access to a victim network. This is one of the most advanced initial access attacks I’ve seen. Security analysts at GuidePoint Security have published details on a new attack that tricks users into providing the attacker with credentialed access.

How Cloudflare auto-mitigated world record 3.8 Tbps DDoS attack

Since early September, Cloudflare's DDoS protection systems have been combating a month-long campaign of hyper-volumetric L3/4 DDoS attacks. Cloudflare’s defenses mitigated over one hundred hyper-volumetric L3/4 DDoS attacks throughout the month, with many exceeding 2 billion packets per second (Bpps) and 3 terabits per second (Tbps). The largest attack peaked at 3.8 Tbps — the largest ever disclosed publicly by any organization. Detection and mitigation were fully autonomous.

Dick's Sporting Goods Cyber Attack Underscores Importance of Email Security and Internal Controls

The recent cyber attack on Dick's Sporting Goods makes it clear that email played a critical role and emphasizes the need for better security controls. Dick’s Sporting Goods is a $12 billion company with more than 800 stores across the United States. That measure of success made the retailer the target of a recent cyber attack. A filing with the U.S.