Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

2023 Business Impact Report: Small Businesses and Cyberattacks

We live in a highly digitized world, and small businesses and solopreneurs have become prime targets for cybercriminals. The 2023 Business Impact Report, conducted by the Identity Theft Resource Center (ITRC), sheds light on a concerning trend: a sharp rise in cyberattacks on these smaller entities. This annual report reveals that 73% of small business owners and leaders experienced data breaches or cyberattacks in the past year, a significant increase.

Ransomware Attacks Rise 85% Compared to the Previous Year

With November demonstrating multiple increases when compared to various previous time periods, new data signals that we may be in for a bumpy ride in 2024. It’s nice when we get to see reports that are published relatively quickly to let us get a sense of where cyberattacks are today versus, say, a quarter or two ago (or even last year!). The NCCGroup’s Cyber Threat Intelligence Report was just published and covers ransomware attacks through November of this year.

Top tips: Wishing you a vishing-free holiday season with 3 ways to avoid vishing attacks

Top tips is a weekly column where we highlight what’s trending in the tech world and list ways to explore these trends. This week we’re looking at three ways you can avoid falling victim to a vishing attack. Huge discounts, massive promotional campaigns, and a cheerful festive spirit—the holiday season is officially in full swing! ‘Tis the season of joy and giving, but it looks like some people may have missed the memo.

TEMU phishing attacks using spyware up 112% in the run up to Christmas

As the most downloaded app in the world right now, the number of TEMU impersonation emails has increased by 112% since October 1st, 2023. As discounts and spending-based reward coupons form a substantial part of TEMU’s awareness campaigns, the company is reportedly spending $2bn annually on marketing. As the brand continues to grow in popularity, cybercriminals are increasingly leveraging it to lend authenticity to their spoofing attempts.

Featured Post

What are the top cybersecurity trends to look out for in 2024?

As 2024 fast approaches, organisations are looking back on the past year to try and gain some insight into what the next 12 months could hold. This past year has been particularly interesting in the world of cyber security, with ransomware and data breaches dominating the headlines, the rise to prominence of AI strengthening cybercrime's arsenal, and the shift of focus to cyber resilience causing businesses to question what comes next for the industry.

Protecting your SDLC from a supply chain attack

Did you know that nine out of 10 companies detected software supply chain risks in the past 12 months? The increase in the number of dependencies in a supply chain has extended the attack surface for adversaries. It has also caused threat actors to shift their focus from the downstream chain affecting just end users to the upstream chain affecting vendors, customers, and end users alike.

The risk behind QR codes, how to protect your business against quishing attacks

Cybercriminals are increasingly using QR codes in their phishing campaigns to trick users and obtain their email account information, credentials, or sensitive data. This tactic to obtain credentials known as quishing, or QR code phishing, was first observed at scale in May of this year, when a group of cybercriminals spoofed Microsoft security alerts asking employees across multiple industries to scan a QR code to update their account security settings.

The Effectiveness of Cybersecurity Awareness Training

A recent article from The Hacker News highlights the challenges and significance of cybersecurity awareness training within organizations. As companies budget for 2024, many are allocating funds for employee security awareness training. However, the effectiveness of such training has come into question, given the behaviors in the workplace including phishing attacks and social engineering.

Unique Malware Used in Cyber Attacks Increases by 70% in Just One Quarter

As more cybercriminal gangs continue to enter the game, the massive increase in unique types of malware means it will become increasingly difficult to identify and stop attacks. Blackberry just put out their Global Threat Intelligence Report in November, covering June through August of this year. According to the report, the number of attacks identified and stopped in the three-month period covered equates to an average of 26 attacks per minute.

SLP Denial of Service Amplification - Attacks are ongoing and rising

The Service Location Protocol (SLP), as defined in the RFCs, is vulnerable to abuse allowing attackers to use it as a powerful reflective denial-of-service amplification vector. Earlier this year, Bitsight and Curesec published a joint research regarding this flaw tracked as CVE-2023-29552, which details the issue as well as its global impact and exposure.