What do ambulances in the UK, the Norwegian government, and a major Russian bank have in common? They were all victims of successful supply chain attacks in July 2023. Could you be next? It’s more likely than you think. Organizations entrust more sensitive data to vendors and third parties (like government agencies and critical infrastructure operators) than ever as part of their software development and operations.

If you still rely on legacy antivirus software to stop modern cyberattacks, this post is for you. Today’s adversaries are relentless. While many threat actors have adopted newer techniques such as data extortion, identity-based threats and in-memory attacks to achieve their goals, some continue to rely on tried-and-proven threats — and legacy software is no match for either.

The financially motivated Desorden (Disorder in Spanish) group, previously known as “chaoscc”, was first observed going by the new name Desorden in 2021 while acting against multiple Asian-based organizations in various sectors. The group mainly targets high-revenue enterprises and supply chains to amass as much profit as possible by extracting sensitive organizational data and demanding a ransom for it.

If you want to visualize how data flows across your connected applications, you can think back to that childhood game of Chutes and Ladders (also called Snakes and Ladders). As a kid, the board felt like a confusing grid that had the weirdest, seemingly arbitrary connections between blocks. In your modern digital environment, your Application Programming Interfaces (APIs) fulfill the same role that the ladders and chutes/snakes fulfilled, connecting disparate blocks across a larger whole.

Web cache poisoning is a cyber attack that wreaks havoc on unsuspecting websites. It exploits vulnerabilities by caching mechanisms that web servers, proxies, and content delivery networks (CDNs) use, compromising data integrity. Malicious actors can use cache poisoning to deliver malicious payloads, tamper with sensitive information, or redirect users to fraudulent websites. In this article, we’ll comprehensively explore web cache poisoning attacks and how they work.

The Attack Surface is Growing, and fast. What once was considered the attack surface is no longer. Instead organizations are faced with a sprawling attack surface, including not just domains, IPs and sub-domains, but also third parties, brand risks and more. Businesses in the finance sector face two additional challenges: This blog focuses on banks, FinTech companies and insurance providers, as they are among the largest types of entities in the financial sector.

Earlier this year, analysts in the AT&T Cybersecurity Managed Threat Detection and Response (MTDR) security operations center (SOC) were alerted to a potential ransomware attack on a large municipal customer. The attack, which was subsequently found to have been carried out by members of the Royal ransomware group, affected several departments and temporarily disrupted critical communications and IT systems.

There was some good news on the cybersecurity front in August, starting with a joint effort by U.S. and European authorities that broke up a far-reaching network of compromised computers used in attacks on healthcare organizations around the world. The takedown also netted more than $8 million in illicit cryptocurrency from Russian-affiliated hacking groups.