In the past few years, we have witnessed a significant shift in the attack landscape, from stealing clear text credentials to targeting session-based authentication. This trend is driven by the proliferation of multi-factor authentication (MFA), which makes it harder for attackers to compromise accounts with just passwords.

In our always-online world, we're facing a new kind of cyber threat that's just as sneaky as it is harmful: subtextual attacks. These aren't your run-of-the-mill security breaches; they're cunningly crafted messages that may look harmless—but they actually carry a dangerous payload within them. Join me as we take a closer look at this under-the-radar, but still dangerous, threat.

The cybersecurity domain mirrors the physical space, with the security operations center (SOC) acting as your digital police department. Cybersecurity analysts are like the police, working to deter cybercriminals from attempting attacks on their organization or stopping them in their tracks if they try it. When an attack occurs, incident responders, akin to digital detectives, piece together clues from many different sources to determine the order and details of events before building a remediation plan.

Recent cyberattacks and the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) research indicate the danger facing the healthcare industry is not subsiding, which means healthcare providers must maintain a high level of alert and continue to bolster their cyber defenses.

Supply chain attacks are a growing and increasingly sophisticated form of cyber threat. They target the complex network of relationships between organizations and their suppliers, vendors, and third-party service providers. These attacks exploit vulnerabilities that emerge due to the interconnected nature of digital supply chains, which often span multiple organizations, systems, and geographies.

The vulnerability lies in the way HTTP/2 implementations handle CONTINUATION frames, which are used to transmit header blocks larger than the maximum frame size. Attackers exploit this weakness by sending an excessive number of CONTINUATION frames within a single HTTP/2 stream. This flood of frames overwhelms the server's capacity to process them efficiently.

There were nearly 29,000 vulnerabilities published in 2023, amounting to over 3,800 more common vulnerabilities and exposures (CVEs) being issued last year than in 2022. More troubling than the sheer volume of vulnerabilities in 2023 is that over half of them were given a CVSS score indicating high or critical severity — an increase of 57% YoY.

Suppose someone left their home, got in their car, and drove to the grocery store. Much like data packets that travel over Internet highways, the car will use various pathways to reach its destination; however, once the car gets to the store, a question remains: what happened between the generating point and the destination? If nothing happened, the driver (our data) traveled safely and without incident.