Cisco Talos releases its Q2 IR trends report, ransomware groups target ESXi flaw, and scammers exploit GenAI in domain registration and network attacks.

In a notable development in the cybersecurity landscape, the emerging threat group known as Hunters International has added a novel remote access Trojan (RAT) to its arsenal. This group, which has quickly ascended the ranks of ransomware operators, is using the RAT, dubbed SharpRhino, to target IT professionals. Disguised as a legitimate network administration tool, SharpRhino facilitates initial access and persistence on targeted networks, setting the stage for ransomware attacks.

New analysis shows users can be convinced to copy and paste malicious code on behalf of the attacker. I first saw this kind of attack earlier this month – where the user is asked to launch the Run dialog box and paste in a malicious command. I never thought I'd see something similar again, but I was wrong.

Two deceptive tactics—spoofing and phishing—are at the core of many cyberattacks. Understanding these threats is essential for protecting your digital assets.

The Cyber Security Agency of Singapore (CSA) has warned that threat actors are increasingly using AI to enhance phishing and other social engineering attacks, Channel News Asia reports. The CSA’s report found that cybercriminals are selling tools that automate these attacks, allowing unskilled threat actors to launch sophisticated attacks.

Two major organizations breached in 2023 — MGM Resorts and 23andMe — have one part of their hacks in common: identity. Initial access in the 23andMe breach came from credential stuffing, and it was a lack of access control that allowed the threat actors to move deeper into the organization, ultimately exfiltrating data from millions of user accounts.

Bot attacks constitute a major danger to businesses and individuals. For five consecutive years, the percentage of global web traffic connected to bad bots has increased, reaching 32% in 2023, a 1.8% increase from 30.2% in 2022, while human traffic represented only 50.4%. These nefarious bots are designed to breach a system, access confidential files illegally, and disrupt normal operations, which leads to severe financial and reputational consequences.

New analysis of Q2 2024 cyber attacks shows the number of attacks experienced weekly by organizations globally is on the rise. Each quarter, Check Point Research puts out a quarterly report covering what cyber attack activity they’re seeing globally. Their latest report covering Q2 of 2024 highlights an unexpected rise in overall attack numbers.