Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Defending Your Organization Against Session Cookie Replay Attacks

In the current cyber threat landscape, where online security is paramount, the threat of session cookie replay attacks looms large. These attacks sidestep the conventional need for credentials and aim to hijack your online sessions, potentially compromising sensitive data and taking over user accounts. This blog post delves into the intricacies of session cookie replay attacks, shedding light on what they are, how they work, and the potential consequences they can unleash.

QR Code Phishing Attacks Surging

The massive uptick in QR Code phishing is an indicator that scammers are seeing success in taking victims from the initial attack medium to one under the attacker’s control. It’s usually bad when we compare one month or quarter to another and see an increase. But when it’s a single month compared to more than half a year, you know it’s REALLY bad. And that’s what we find in security vendor ReliaQuest’s latest blog covering how Quishing is being used.

How prepared is your company for a supply chain attack?

In a supply chain attack, hackers aim to breach a target's defenses by exploiting vulnerabilities in third-party companies. These attacks typically follow one of two paths. The first involves targeting a service provider or contractor, often a smaller entity with less robust security. The second path targets software developers, embedding malicious code into their products. This code, masquerading as a legitimate update, may later infiltrate the IT systems of customers.

9 Tips to Prevent Eavesdropping Attacks in Your Organization

Businesses today leverage technology in almost all aspects of their operations because it enhances efficiency. However, this reliance on digital tools exposes them to cyber threats like an eavesdropping attack. Research says more than 37% of smartphones worldwide have become eavesdropping targets. That's a lot of mobile devices belonging to employees of many companies. So, understanding what an eavesdropping attack is and how to prevent it can save your organization from potential problems.

Cyber Attack Preparedness

Rubrik has been assisting our customers with recovery from cyber attacks since 2018. We immediately took notice of these attacks, and early on, began developing processes and procedures to respond more effectively to better assist our customers. Our spirit of continuous improvement and execution of lessons learned from the field has led to a number of improvements to both our products and processes.

UK Phishing Report: Attacks Are on the Rise

The data about the rise of phishing attacks against businesses in the United Kingdom is in, and it’s bleak: UK phishing reports indicate that 79 percent of organizations in the UK were targeted by phishing attacks in the past year. Meanwhile, phishing is the initial attack vector in 36 percent of all data breaches globally, according to Verizon’s 2023 Data Breach Investigations Report. And 80,000 new phishing sites appear every month, according to Cyberint research.

Container Security with Calico: Detect and Respond to Container Attacks with Network Anomaly Detection

Considering the vast attack surface and flat network architecture, Kubernetes workloads are particularly susceptible to network-based threats. While following best practices like workload access controls, workload-centric IDS/IPS, and WAF can help prevent and block attacks, anomaly detection has become crucial in today’s IT landscape to proactively anticipate security threats.

DDoS attacks have increased by 40% over the last six months

Distributed denial-of-service (DDoS) attacks have been around for a long time. However, the sophistication and scale of these threats has grown in recent years. Cybercriminals are employing amplification techniques that exploit vulnerabilities in misconfigured services or network protocols to increase the traffic they can generate and maximize the impact of their attacks.

New Claims of Attacks Against Israeli SCADA Systems

Since Hamas’s attack on Israel last month, SecurityScorecard’s SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team has paid close attention to hacktivist activity provoked by the conflict, with particular focus on the international scope.