Cyberattacks

DDoS threat report for 2023 Q1

Apr 11, 2023 By Omer Yoachimik In Cloudflare

Welcome to the first DDoS threat report of 2023. DDoS attacks, or distributed denial-of-service attacks, are a type of cyber attack that aim to overwhelm Internet services such as websites with more traffic than they can handle, in order to disrupt them and make them unavailable to legitimate users. In this report, we cover the latest insights and trends about the DDoS attack landscape as we observed across our global network.

Read Post

Cloudflare

Read more about DDoS threat report for 2023 Q1

The Credential Stuffing Guide: How To See & Stop Credential Stuffing Attacks

Apr 7, 2023 By Kayly Lange In Splunk

What do cybercriminals do with the information they obtain during a data breach? Most of the time, it results in credential stuffing. Credential stuffing is a cyberattack where criminals systematically use stolen data to test usernames and passwords across multiple online platforms. Bad actors gain access to these accounts for financial gain, identity theft and other malicious purposes.

Read Post

Splunk

Read more about The Credential Stuffing Guide: How To See & Stop Credential Stuffing Attacks

Recent Cyber Attacks - 2023

Apr 7, 2023 By Nivedita James In Astra

The prediction is that $8 trillion will be lost to cyber crimes by the end of 2023, which is almost a third of the USA’s GDP in 2022 and twice as much as India’s predicted GDP in March 2023. The global loss to cybercrime is will grow more than 15% year by year to reach $10.5 trillion by 2025.

Read Post

Astra

Read more about Recent Cyber Attacks - 2023

What is a Cross-Site Request Forgery (CSRF) Attack?

Apr 7, 2023 By Greg Brown In IDStrong

Successful hackers have the ability to find a specific vulnerability and turn it into millions of dollars if the account is large enough. Good hackers keep it simple by using the browser as a means to attack unwitting users. Cross-site request forgery, commonly called CSRF, is an innovative attack method in which hackers use header and form data to exploit the trust a website has in a user’s browser.

Read Post

IDStrong

Read more about What is a Cross-Site Request Forgery (CSRF) Attack?

What Is a DMA Attack? Understanding and Mitigating the Threat

Apr 6, 2023 By Kroll In Kroll

You have probably wondered what would happen if your company laptop got lost or stolen. Would someone be able to extract sensitive data from your laptop even if the device is encrypted or locked? There are several ways to compromise a laptop with physical access, and one of them is through a direct memory access (DMA) attack.

Read Post

Kroll

Read more about What Is a DMA Attack? Understanding and Mitigating the Threat

Protecting Nonprofits From Cyber Attacks

Apr 6, 2023 By CISO Global In CISO Global

CISO Global's SOC Director Jess Dinsmore gives his perspective on protecting non-profits from cyber attacks.

View Video

CISO Global

Read more about Protecting Nonprofits From Cyber Attacks

How to Detect and Mitigate the 3CXDesktopApp Supply Chain Attack

Apr 5, 2023 By Shivram Amirtha and Forescout Vedere Labs In Forescout

On March 29, researchers from two security companies identified an active campaign originating from a modified version of a legitimate, signed application: 3CXDesktopApp, a popular voice and video conferencing software. 3CXDesktopApp is developed by 3CX, a business communications software company. According to its website, 3CX has 600,000 client organizations and 12 million daily users.

Read Post

Forescout

Read more about How to Detect and Mitigate the 3CXDesktopApp Supply Chain Attack

SQL INJECTION ATTACK

Apr 5, 2023 By VISTA InfoSec In VISTA InfoSec

An SQL Injection vulnerability may affect any website or web application that uses an SQL database such as MySQL, Oracle, SQL Server, or others. SQL may be used to gain unauthorized access to sensitive data: customer information, personal data, trade secrets, intellectual property, and more. SQL Injection is one of the oldest, most prevalent, and most dangerous web application vulnerability. The OWASP organization (Open Web Application Security Project) lists injections in their OWASP Top 10 document as the number one threat to web application security.

View Video

VISTA InfoSec

Read more about SQL INJECTION ATTACK

The New Frontiers of Cybersecurity - Exponential Increase in Complexity

Apr 5, 2023 By Itzik Kotler In SafeBreach

The New Frontiers of Cybersecurity is a three-part thought-leadership series investigating the big-picture problems within the cybersecurity industry. In the first post, we explored the reasons malicious actors have been able to enhance their ability to execute and profit from attacks. In the second post, we discussed how the massive increase in endpoints and systems online has dramatically increased the attack surface.

Read Post

SafeBreach

Read more about The New Frontiers of Cybersecurity - Exponential Increase in Complexity

NCB Management Services Hit By a Cyber Attack Exposing Data for 500,000 Consumers

Apr 4, 2023 By Steven In IDStrong

NCB Management Services is a debt-buying company that acquires debt from other businesses and attempts to collect that debt. The organization works with many major companies, such as Bank of America, and it suffered from a serious data breach recently. Since NCB works with so many major companies, customers of those companies can be put at risk of data loss when their data is lost.

Read Post