Cyberattacks

What are the top cybersecurity trends to look out for in 2024?

Dec 20, 2023 By Johnny Carpenter, General Manager EMEA In 11:11 Systems

As 2024 fast approaches, organisations are looking back on the past year to try and gain some insight into what the next 12 months could hold. This past year has been particularly interesting in the world of cyber security, with ransomware and data breaches dominating the headlines, the rise to prominence of AI strengthening cybercrime's arsenal, and the shift of focus to cyber resilience causing businesses to question what comes next for the industry.

Read Post

11:11 Systems

Read more about What are the top cybersecurity trends to look out for in 2024?

Cyber Crime Surge: Unmasking Employee Collusion and Modular Attack Chains || Razorthorn Security

Dec 20, 2023 By Razorthorn In Razorthorn

In the evolving landscape of cyber threats, a seismic shift has occurred over the last couple of years. Join us in unraveling the intricate web of cyber crime as a service, where operators entice employees into collusion by dangling lucrative financial incentives. This phenomenon has contributed to a staggering rise in organized cyber attacks.

View Video

Razorthorn

Read more about Cyber Crime Surge: Unmasking Employee Collusion and Modular Attack Chains || Razorthorn Security

Protecting your SDLC from a supply chain attack

Dec 19, 2023 By Log360 In ManageEngine

Did you know that nine out of 10 companies detected software supply chain risks in the past 12 months? The increase in the number of dependencies in a supply chain has extended the attack surface for adversaries. It has also caused threat actors to shift their focus from the downstream chain affecting just end users to the upstream chain affecting vendors, customers, and end users alike.

Read Post

ManageEngine

Read more about Protecting your SDLC from a supply chain attack

The risk behind QR codes, how to protect your business against quishing attacks

Dec 19, 2023 By Carlos Arnal In WatchGuard

Cybercriminals are increasingly using QR codes in their phishing campaigns to trick users and obtain their email account information, credentials, or sensitive data. This tactic to obtain credentials known as quishing, or QR code phishing, was first observed at scale in May of this year, when a group of cybercriminals spoofed Microsoft security alerts asking employees across multiple industries to scan a QR code to update their account security settings.

Read Post

WatchGuard

Read more about The risk behind QR codes, how to protect your business against quishing attacks

The Effectiveness of Cybersecurity Awareness Training

Dec 19, 2023 By Scott Gray In 11:11 Systems

A recent article from The Hacker News highlights the challenges and significance of cybersecurity awareness training within organizations. As companies budget for 2024, many are allocating funds for employee security awareness training. However, the effectiveness of such training has come into question, given the behaviors in the workplace including phishing attacks and social engineering.

Read Post

11:11 Systems

Read more about The Effectiveness of Cybersecurity Awareness Training

Unique Malware Used in Cyber Attacks Increases by 70% in Just One Quarter

Dec 18, 2023 By Stu Sjouwerman In KnowBe4

As more cybercriminal gangs continue to enter the game, the massive increase in unique types of malware means it will become increasingly difficult to identify and stop attacks. Blackberry just put out their Global Threat Intelligence Report in November, covering June through August of this year. According to the report, the number of attacks identified and stopped in the three-month period covered equates to an average of 26 attacks per minute.

Read Post

KnowBe4

Read more about Unique Malware Used in Cyber Attacks Increases by 70% in Just One Quarter

SLP Denial of Service Amplification - Attacks are ongoing and rising

Dec 18, 2023 By Pedro Umbelino In BitSight

The Service Location Protocol (SLP), as defined in the RFCs, is vulnerable to abuse allowing attackers to use it as a powerful reflective denial-of-service amplification vector. Earlier this year, Bitsight and Curesec published a joint research regarding this flaw tracked as CVE-2023-29552, which details the issue as well as its global impact and exposure.

Read Post

BitSight

Read more about SLP Denial of Service Amplification - Attacks are ongoing and rising

What Is an Email Account Takeover Attack?

Dec 18, 2023 By Tim Tran In Keeper

An email account takeover is a type of account takeover attack in which a cybercriminal gains unauthorized access to a user’s email account. Cybercriminals can gain access by stealing your email’s login credentials or finding them on the dark web. When a cybercriminal has gained access to your email account, they can lock you out of your account, monitor your activity, access your sensitive information, take over other accounts and impersonate you.

Read Post

Keeper

Read more about What Is an Email Account Takeover Attack?

Detect & Recover From VM Encryption Attacks With Rubrik

Dec 18, 2023 By Rubrik In Rubrik

Did you know that last year, 73% of encryption attacks occurred at the hypervisor layer, rather than the filesystem? In this video, Technical Marketing Architect Kev Johnson shows how Rubrik Security Cloud can detect and recover your workloads from just such an attack.

View Video

Rubrik

Read more about Detect & Recover From VM Encryption Attacks With Rubrik

N-Day Hijack: Analyzing the lifespan of package hijacking attacks

Dec 14, 2023 By Yair Mizrahi In JFrog

Software package hijacking has become a prominent concern for individuals, businesses, and the cybersecurity community at large. We’ve seen this new threat trend rise over the past couple of years, with the potential to severely impact the software supply chain by attackers exploiting software packages to execute malicious code. This blog post details a case study conducted by our security research team, in an effort to trace the typical time before a package hijack is detected.

Read Post