One in two sites on AppTrana WAAP have faced a DDoS attack in the last 90 days. Most of those attacks were thwarted using a combination of machine learning on user behaviour and granular rate limits at URI, IP, and Geo levels. For SOC teams who don’t have an advanced behavioural DDoS mitigation tool like AppTrana at their disposal, this blog covers basic mitigation measures that can thwart the most simple and medium-severity DDoS attacks.

Clark County School District in Nevada, the fifth-largest school district in the United States, recently experienced a massive data breach. Threat actors gained access to the school district’s email servers, which exposed the sensitive data of over 200,000 students. The district is now facing a class-action lawsuit from parents, alleging it failed to protect sensitive personal information and take steps to prevent the cybersecurity attack.

Today’s adversaries increasingly use compromised credentials to breach target environments, move laterally and cause damage. When attackers are logging in — not breaking in — legacy endpoint security offers little help in detecting and stopping breaches. Exacerbating the problem is an expanding attack surface, largely due to the growth of remote work and evolving supply chains.

In the current cyber threat landscape, where online security is paramount, the threat of session cookie replay attacks looms large. These attacks sidestep the conventional need for credentials and aim to hijack your online sessions, potentially compromising sensitive data and taking over user accounts. This blog post delves into the intricacies of session cookie replay attacks, shedding light on what they are, how they work, and the potential consequences they can unleash.

The massive uptick in QR Code phishing is an indicator that scammers are seeing success in taking victims from the initial attack medium to one under the attacker’s control. It’s usually bad when we compare one month or quarter to another and see an increase. But when it’s a single month compared to more than half a year, you know it’s REALLY bad. And that’s what we find in security vendor ReliaQuest’s latest blog covering how Quishing is being used.

In a supply chain attack, hackers aim to breach a target's defenses by exploiting vulnerabilities in third-party companies. These attacks typically follow one of two paths. The first involves targeting a service provider or contractor, often a smaller entity with less robust security. The second path targets software developers, embedding malicious code into their products. This code, masquerading as a legitimate update, may later infiltrate the IT systems of customers.

Businesses today leverage technology in almost all aspects of their operations because it enhances efficiency. However, this reliance on digital tools exposes them to cyber threats like an eavesdropping attack. Research says more than 37% of smartphones worldwide have become eavesdropping targets. That's a lot of mobile devices belonging to employees of many companies. So, understanding what an eavesdropping attack is and how to prevent it can save your organization from potential problems.

Rubrik has been assisting our customers with recovery from cyber attacks since 2018. We immediately took notice of these attacks, and early on, began developing processes and procedures to respond more effectively to better assist our customers. Our spirit of continuous improvement and execution of lessons learned from the field has led to a number of improvements to both our products and processes.

The data about the rise of phishing attacks against businesses in the United Kingdom is in, and it’s bleak: UK phishing reports indicate that 79 percent of organizations in the UK were targeted by phishing attacks in the past year. Meanwhile, phishing is the initial attack vector in 36 percent of all data breaches globally, according to Verizon’s 2023 Data Breach Investigations Report. And 80,000 new phishing sites appear every month, according to Cyberint research.