Cyberattacks

Cyber Insurance Claims Rise Due To Phishing and Social Engineering Cyber Attacks

May 21, 2024 By Stu Sjouwerman In KnowBe4

New data covering cyber insurance claims through 2023 shows claims have increased while reaffirming what we already know: phishing and social engineering are the real problem. If you’ve read enough of my articles here, you already know my view is a bit skewed towards the need for organizations to be aware of the true dangers of email-based cyber attacks.

Read Post

KnowBe4

Read more about Cyber Insurance Claims Rise Due To Phishing and Social Engineering Cyber Attacks

YouTube, the backdrop of a scammer's play

May 20, 2024 By Nyrmah J. Reina In Avast

The video sharing platform has become a trendy scene for cyberattackers as of late.

Read Post

Avast

Read more about YouTube, the backdrop of a scammer's play

8 out of 10 Organizations Experience a Cyber Attack and Attribute Users as the Problem

May 17, 2024 By Stu Sjouwerman In KnowBe4

Regardless of whether your environment is on-premises, in the cloud or hybrid, new data makes it clear that users are the top cybersecurity concern, and we cover what you can do about it. According to Netwrix’s 2024 Hybrid Security Trends Report, 79% of organizations experience one or more security incidents in the last 12 months. This is a 16% increase from the previous year, demonstrating that attacks are not subsiding one bit and that they are increasingly successful.

Read Post

KnowBe4

Read more about 8 out of 10 Organizations Experience a Cyber Attack and Attribute Users as the Problem

How to Protect Your Cloud Assets from Being Cryptojacked

May 17, 2024 By Panoptica In Panoptica

Cryptojacking attacks have become the most prevalent type of attack on cloud native infrastructures. For example, in 2022, there were 139M cryptojacking attacks, but the following year there were over 1 billion! That translates to nearly 3M cryptojacking attacks every day, on average in 2023.

View Video

Panoptica

Read more about How to Protect Your Cloud Assets from Being Cryptojacked

Analyzing Utilities Sector Cybersecurity Performance

May 16, 2024 By Alex Campanelli In BitSight

With economic sanctions being levied by the US against Iran and a trade war heating up with China, some security experts are cautioning that attacks targeting US critical infrastructure may be inevitable. Are electric utilities prepared to defend themselves and their facilities against these attacks?

Read Post

BitSight

Read more about Analyzing Utilities Sector Cybersecurity Performance

The Growing Threat of Identity-Related Cyberattacks: Insights Into the Threat Landscape

May 16, 2024 By Brandon Traffanstedt In CyberArk

The last 12 months have witnessed a rapid-fire round of innovation and adoption of new technologies. Powerful new identities, environments and attack methods are shaping the quickly changing cybersecurity threat landscape, rendering it more complex and causing the diffusion of risk reduction focus. New CyberArk research indicates that the rise of machine identities and the increasing reliance on third- and fourth-party providers are deepening the existing threats and creating novel vulnerabilities.

Read Post

CyberArk

Read more about The Growing Threat of Identity-Related Cyberattacks: Insights Into the Threat Landscape

User Training vs. Security Controls: Who's to Blame for Phishing Attacks?

May 16, 2024 By Razorthorn In Razorthorn

In this thought-provoking clip, the hosts debate whether security awareness training is enough to prevent users from falling for phishing scams or if stronger controls are necessary. Drawing on insights from a recent NCSC blog, they explore the ethical dilemma of assigning blame when users, despite training, click on malicious email attachments. Should the onus be on the end user, or is it a failure of security controls? Tune in to understand the complexities of balancing trust and control in cybersecurity.

View Video

Razorthorn

Read more about User Training vs. Security Controls: Who's to Blame for Phishing Attacks?

Using Trustwave DbProtect and Offensive Security Solutions to Protect Against Nation-State Cyber Threats

May 16, 2024 By Trustwave In Trustwave

The US Director of National Intelligence (DNI) earlier this month gave a stark warning to the Senate Armed Services Committee detailing the cyberthreats arrayed against the US and the world from China, Russia, North Korea, and Iran.

Read Post

Trustwave

Read more about Using Trustwave DbProtect and Offensive Security Solutions to Protect Against Nation-State Cyber Threats

How Cybersecurity Financial Quantification Helps CISOs Make Their Case to the Board

May 15, 2024 By Joe Lyons In BitSight

More enterprise business leaders are beginning to understand that cybersecurity risk equates to business risk—and getting a clearer sense of the impact that cyber exposures can have on the bottom line. Consider the MGM Resorts and Clorox Company cybersecurity incidents that occurred last year. Both suffered considerable attacks, reportedly led by the Scattered Spider cybercriminal group, causing widespread business disruption and substantial financial losses.

Read Post

BitSight

Read more about How Cybersecurity Financial Quantification Helps CISOs Make Their Case to the Board

Attackers Leveraging XSS To Make Phishing Emails Increasingly Evasive

May 14, 2024 By Stu Sjouwerman In KnowBe4

Attackers are exploiting Reflected Cross-Site Scripting (XSS) flaws to bypass security filters, according to a new report from Vipre. This technique allows attackers to send benign links in phishing emails that will redirect users to malicious sites. Vipre also found that attackers are increasingly using links instead of malicious attachments in their phishing emails. “Three years ago, it was a 50/50 split between phishing emails utilizing links versus attachments,” the researchers write.

Read Post