Cyberattacks

Preventing Magecart Attacks Through Supply Chain Vulnerabilities

Apr 30, 2024 By Nethanel Gelernter In IONIX

The digital supply chain refers to the chain of third-party digital tools, services and infrastructure that is depended on for a particular first-party service (such as your website or SaaS platform). In an ever-changing digital landscape, supply chains can be brittle with many unseen risks. The nature of supply chain risk is transitive; any part of the often long and complicated digital supply chain can be compromised, causing all components downstream of it to also be compromised.

Read Post

IONIX

Read more about Preventing Magecart Attacks Through Supply Chain Vulnerabilities

Shamane Tan on cyber resilience - Cyber Security Decoded

Apr 30, 2024 By Rubrik In Rubrik

Bouncing back from a cyber incident, data breach or #ransomware attack is a great accomplishment…but how can you bounce forward? A complete Cyber Resilience strategy is mission-critical. Security teams should be proactive and have response plans in place for when #CyberAttacks hit, rather than attempting to prevent attacks from occurring. With a #CyberResilience strategy, your team will be equipped with a plan when a cyber incident occurs while also having tools to identify those malicious attacks before they happen.

View Video

Rubrik

Read more about Shamane Tan on cyber resilience - Cyber Security Decoded

What is MFA bombing? Apple users were targeted using this phishing technique

Apr 29, 2024 By Luis Corrons In Avast

Some Apple users have reported phishing attacks using the password reset feature.

Read Post

Avast

Read more about What is MFA bombing? Apple users were targeted using this phishing technique

Targeted Smishing Attacks by Threat Group "The Com" On The Rise

Apr 29, 2024 By Stu Sjouwerman In KnowBe4

Cyber activity by the group "The Com," which leverages (SIM) swapping, cryptocurrency theft, swatting, and corporate intrusions, is increasing. Security researchers at Intel471 have published an analysis of the threat group, “The Com” (short for “The Community”), providing details about their targets and tactics. Operating mostly from Canada, the U.S.

Read Post

KnowBe4

Read more about Targeted Smishing Attacks by Threat Group "The Com" On The Rise

New Report Finds That 27% of Small Businesses Would Be Put Out of Business By A Cyber Attack

Apr 25, 2024 By Stu Sjouwerman In KnowBe4

According to the U.S. Chamber of Commerce, the pressure is mounting on small and medium businesses (SMBs), as they must get their cyber preparedness correct or the next cyber attacks could prove disastrous.

Read Post

KnowBe4

Read more about New Report Finds That 27% of Small Businesses Would Be Put Out of Business By A Cyber Attack

Four Iranian Hackers Charged With Cyberattacks On American Firms

Apr 25, 2024 By Key Dutch In ImmuniWeb

Read also: Samourai Wallet founders charged with money laundering, German police shut down a DDoS-for-hire service, and more.

Read Post

ImmuniWeb

Read more about Four Iranian Hackers Charged With Cyberattacks On American Firms

Architecting Cyber Resilience: Building Your Breach and Attack Simulation Program

Apr 25, 2024 By SafeBreach In SafeBreach

In recent years, breach and attack simulation (BAS) has gained significant traction among enterprises, emerging as a crucial component in fortifying proactive security by automating the ongoing testing of threat vectors. It empowers organizations to verify potential threats, enhance security controls, identify vulnerabilities in critical assets, and prioritize remediation efforts to bolster cyber resilience.

Read Post

SafeBreach

Read more about Architecting Cyber Resilience: Building Your Breach and Attack Simulation Program

AI-driven cyber attacks to be the norm within a year, say security leaders

Apr 24, 2024 By Netacea In Netacea

New research from Netacea reveals 93% of security leaders expect to face daily AI-driven attacks by the end of this year. Ransomware and phishing attacks are expected to be enhanced by offensive AI, but bots remain an underestimated threat. All respondents are benefiting from AI in their security stack, but adoption of bot management is lagging behind.

Read Post

Netacea

Read more about AI-driven cyber attacks to be the norm within a year, say security leaders

Combating phishing attacks with passwordless FIDO2 authentication

Apr 24, 2024 By ADSelfService Plus In ManageEngine

Attackers predominantly use phishing attacks to steal and misuse user identities. A global Statista study on employee-reported malicious emails revealed that in the first quarter of 2023, 58.2% of malicious emails were credential theft attacks, 40.5% were impersonation attacks, and 1.3% were malware deliveries. Phishing attacks create a sense of urgency and panic in users, who, as a result, easily fall victim to them.

Read Post

ManageEngine

Read more about Combating phishing attacks with passwordless FIDO2 authentication

Top 10 Best Practices for Attack Surface Reduction

Apr 24, 2024 By Vinugayathri Chinnasamy In Indusface

Vulnerabilities are everywhere and often exploited. For example, in 2023, over 29,000 critical and high vulnerabilities were discovered across approximately 1,400 applications. The dynamic and evolving attack surfaces make it harder to protect against these threats. When the attack surface gets bigger, so does the risk of cyber attacks. This blog delves into what an attack surface is and recommends best practices in attack surface reduction.

Read Post