Cyberattacks

The Evolution of Security and Identity is Key to Successful Digital Transformation

Oct 4, 2023 By Stephen Smithers In Xalient

The Evolution of Security and Identity is Key to Successful Digital Transformation. Not a day goes by when we don’t hear about yet another data breach or sophisticated compromise. As a result, there cannot be a C-Suite executive that is unaware of the cyber threats their organisation faces, either through guidance from their security teams or the constant media reporting of ransomware or data theft as a result of successful cyber-attacks.

Read Post

Xalient

Read more about The Evolution of Security and Identity is Key to Successful Digital Transformation

What Is a Watering Hole Attack?

Oct 2, 2023 By Tim Tran In Keeper

A watering hole attack is a type of cyberattack in which a threat actor targets an organization by hacking a website often visited by an employee in order to infect the employee’s device with malware. Once the device of one employee is infected, the threat actor targets other members of the organization and steals their confidential information.

Read Post

Keeper

Read more about What Is a Watering Hole Attack?

Why Every Company Should Include Threat Intelligence in Their Cybersecurity Strategy

Sep 29, 2023 By Chris Jacob, Global VP of Threat Intelligence Engineering In ThreatQuotient

In the fast-evolving digital landscape, the prevalence of cyber threats has become a stark reality for businesses and individuals. While essential, conventional cybersecurity measures are often reactive and inadequate against sophisticated attacks. This is where Cyber Threat Intelligence (CTI) emerges as a proactive and complementary approach to cybersecurity. Utilising CTI helps organisations to protect their systems from potential hazards. It provides a way to cut through the noise and focus on threats relevant to that specific company and industry.

Read Post

ThreatQuotient

Read more about Why Every Company Should Include Threat Intelligence in Their Cybersecurity Strategy

Protecting Your Software Supply Chain: Understanding Typosquatting and Dependency Confusion Attacks

Sep 29, 2023 By Guest Expert In GitGuardian

Typosquatting and dependency confusion are two common tactics used by hackers to exploit open-source package repositories. Understand how these attacks work and discover preventive measures to secure your infrastructure.

Read Post

GitGuardian

Read more about Protecting Your Software Supply Chain: Understanding Typosquatting and Dependency Confusion Attacks

Scattered Spiders and Black Cats: MGM and Caesars Hacked?

Sep 28, 2023 By Cato Networks In Cato Networks

In this week's episode, Bill and Robin dive deep into the techniques and tricks used by the masterminds behind the recent attacks on MGM and the Caesars Entertainment group, Scattered Spider and ALPHV. Why was MGMs business down for 10 days? Why did Caesars pay an alleged $15M ransom? What is BlackCat? How can this have been prevented, and how would this map to something like the MITRE ATT&CK framework?

View Video

Cato Networks

Read more about Scattered Spiders and Black Cats: MGM and Caesars Hacked?

CTI Roundup: FBI and CISA Issue a Joint Advisory for Snatch RaaS

Sep 27, 2023 By Tanium In Tanium

Threat actors repurpose old code in fake vulnerability PoC, the FBI and CISA issue a joint advisory for Snatch RaaS, and threat actors deploy new SprySOCKS Linux malware in cyberespionage attacks.

Read Post

Tanium

Read more about CTI Roundup: FBI and CISA Issue a Joint Advisory for Snatch RaaS

Amazon (AWS) S3 Bucket Take Over

Sep 27, 2023 By Medz Barao In Trustwave

Let’s try something a bit different and take a look at some of Trustwave SpiderLabs’ Open Source Intelligence (OSINT) research findings, and exploitation of vulnerable buckets and domains. I published this research internally on February 3, 2023, and here are my findings. Today, I will share with you how deleted S3 buckets could become a liability or threat to your organization and highlight the importance of cybersecurity in data and asset management.

Read Post

Trustwave

Read more about Amazon (AWS) S3 Bucket Take Over

Live DDoS Attack Simulation on Websites & APIs

Sep 26, 2023 By Indusface In Indusface

DDoS attacks have increased by 75% in Q2 when compared to Q1, 2023 as per Indusface research – State of Application Security. Launching a 1-hour DDoS attack costs only a couple of bucks on the dark web. So, how does one fortify defenses to ensure app and API availability in case of an attack? In this live attack simulation, Karthik Krishnamoorthy (CTO - Indusface) demonstrates a wide variety of attacks and mitigation measures.

View Video

Indusface

Read more about Live DDoS Attack Simulation on Websites & APIs

Fortifying your wireless network: A comprehensive guide to defend against wireless attacks

Sep 26, 2023 By Kushalveer Singh Bachchas In AT&T Cybersecurity

In our increasingly interconnected world, wireless networks have become the lifeblood of modern communication and productivity. However, this convenience comes with a price – the heightened risk of wireless attacks. In this in-depth blog, we will delve into the technical intricacies of safeguarding your network against wireless threats. Armed with this knowledge, you can confidently defend your wireless infrastructure against potential attackers.

Read Post