Clickjacking, also known as a clickjacking attack or a clickjack, is a cyberattack in which hidden links trick users into completing an unintended action which results in the exposure of sensitive information and hacking. Keep reading to understand more about clickjacking and how it works.

The digital landscape has become an integral part of our daily lives. However, with the convenience and connectivity offered by digital platforms comes an increased risk of cyber threats. One such threat that’s gained prominence in recent years is SIM swapping attacks. SIM swapping attacks involve a threat actor fraudulently gaining control over an individual’s mobile phone number. This ultimately allows the attacker to hijack their digital identity.

Salt has just released a new resource for business and security leaders – “Understanding API Attacks: Why Are They Different and How Can You Stop Them.” Salt undertook writing this eBook as part of our ongoing commitment to educate the market about API security issues and trends. In this new eBook, we take a close look at how API attacks differ from traditional attacks, and the measures organizations can take to protect against them.

On paper, applications are created to be useful tools that solve specific business needs. Think of an application that tracks all ongoing projects for a product manager, an automation that triggers emails to prospective customers when they fill out a marketing form, or a flow that sends aggregated payment information to a finance manager. While all these applications are fairly straightforward, and seemingly used for singular cases, they are anything but.

Microsoft's security team has recently made a significant discovery regarding an increase in cyber-attacks orchestrated by the Russian state-backed group known as the Midnight Blizzard crew. This group, which also operates under the aliases Nobelium, APT29, Cozy Bear, Iron Hemlock, and The Dukes, has been actively targeting personal credentials, according to Microsoft's findings. The Midnight Blizzard hackers employ residential proxy services to conceal the source IP addresses of their attacks.

In the current geopolitical climate, the energy sector, which powers our modern society - from homes and businesses to critical infrastructure and national defense systems, finds itself under the growing threat of cyberattacks.

We often think of advanced persistent threats or APTs as threats primarily targeting governments for cyber espionage, but they could have just as much impact on the private sector. Oftentimes, both the techniques and the tooling used overlap between APTs and financially-motivated cybercriminals, and some APT groups themselves have taken to moonlighting as cybercriminals for profit.

We recently published a blog post detailing how threat actors could leverage AI tools such as ChatGPT to assist in attacks targeting operational technology (OT) and unmanaged devices. In this blog post, we highlight why healthcare organizations should be particularly worried about this.

Welcome to the second DDoS threat report of 2023. DDoS attacks, or distributed denial-of-service attacks, are a type of cyber attack that aims to disrupt websites (and other types of Internet properties) to make them unavailable for legitimate users by overwhelming them with more traffic than they can handle — similar to a driver stuck in a traffic jam on the way to the grocery store.