While perhaps new to AI researchers, supply chain attacks are nothing new to the world of cybersecurity. For those in the know, it has been best practice to verify the source and authenticity of downloads, package repositories, and containers. But human nature usually wins. As developers, our desire to move quickly to improve ease of use for users and customers can cause us to delay efforts to validate the software supply chain until we are forced to by our peers in compliance or security organizations.

As part of their campaign against the West, SiegedSec announced of their successful attack on NATO and leaking some valuable documents. The leak, as the group stated, included hundreds of sensitive documents from NATO’s COI portal, which were meant exclusively for NATO countries and partners. SiegedSec claims that their motive behind the attack is NATO’s alleged infringement on human rights.

In 2017, Joseph O'Connor was charged with the crime of using his computer to hack into the Twitter accounts of multiple celebrities. Using a phishing attack, he was able to gain access to sensitive information and post messages without the celebrity's permission. This included posts that contained links to malicious software and webpages containing viruses. He also used his access to send malicious messages in the names of celebrities, as well as posting defamatory content about them.

Clickjacking, also known as a clickjacking attack or a clickjack, is a cyberattack in which hidden links trick users into completing an unintended action which results in the exposure of sensitive information and hacking. Keep reading to understand more about clickjacking and how it works.

The digital landscape has become an integral part of our daily lives. However, with the convenience and connectivity offered by digital platforms comes an increased risk of cyber threats. One such threat that’s gained prominence in recent years is SIM swapping attacks. SIM swapping attacks involve a threat actor fraudulently gaining control over an individual’s mobile phone number. This ultimately allows the attacker to hijack their digital identity.

In the current geopolitical climate, the energy sector, which powers our modern society - from homes and businesses to critical infrastructure and national defense systems, finds itself under the growing threat of cyberattacks.

Salt has just released a new resource for business and security leaders – “Understanding API Attacks: Why Are They Different and How Can You Stop Them.” Salt undertook writing this eBook as part of our ongoing commitment to educate the market about API security issues and trends. In this new eBook, we take a close look at how API attacks differ from traditional attacks, and the measures organizations can take to protect against them.

On paper, applications are created to be useful tools that solve specific business needs. Think of an application that tracks all ongoing projects for a product manager, an automation that triggers emails to prospective customers when they fill out a marketing form, or a flow that sends aggregated payment information to a finance manager. While all these applications are fairly straightforward, and seemingly used for singular cases, they are anything but.

Microsoft's security team has recently made a significant discovery regarding an increase in cyber-attacks orchestrated by the Russian state-backed group known as the Midnight Blizzard crew. This group, which also operates under the aliases Nobelium, APT29, Cozy Bear, Iron Hemlock, and The Dukes, has been actively targeting personal credentials, according to Microsoft's findings. The Midnight Blizzard hackers employ residential proxy services to conceal the source IP addresses of their attacks.