The MITRE ATT&CKⓇ framework holds immense value in the realm of cybersecurity. With its comprehensive and structured approach, it serves as a powerful tool for understanding and countering complex, multi-vector cyber threats.
Ransomware and cyberattacks are on the rise, and that’s a deeply concerning thought for technology leaders. Considering what a breach could cost, and how long it would take to rectify, it’s no wonder risk mitigation and response is at the forefront of every CTO’s mind. Ransomware is a type of malicious software that blocks access to a computer system or encrypts files until a ransom is paid. It’s often spread through phishing emails or infected websites.
An abnormally massive focus on business email compromise attacks in Europe has fueled an equally large growth in overall email attacks there, with the U.S. also seeing significant attack growth. We’ve seen a lot of recent reports looking back at 2022 to help provide insight into what to continue to expect this year. But new data from security analysts at Abnormal Security takes us well into June of this year, highlighting the problem of email-based attacks.
Deception technology is a cybersecurity strategy that utilizes decoys to gather information about current threats and attack methodologies used by cybercriminals. The premise of this approach is to offer some sort of bait in your network, such as a fake database that looks like a legitimate one, that attackers will find too enticing to pass up.
Read also: Poly Network hacked for the second time in two years, a massive phone scam disrupted and more.
To obtain a better perspective of attacks worldwide, Trustwave has implemented a network of honeypots located in multiple countries across the globe. By distributing honeypots in such a manner, we can gather a reliable set of information on the methods and techniques used by attackers and their botnets. In our pursuit to explore the current threat landscape, we established a honeypot sensors network across six countries: Russia, Ukraine, Poland, UK, China, and the United States.
The largest port in Japan, Nagoya, is now the most recent victim of a ransomware attack. The attack impacts the operation of container terminals, as the port handles over two million containers each year. This port is also used by the Toyota Motor Corporation, one of the world’s largest automakers, to export most of its cars.
Credential harvesting is a technique that hackers use to gain unauthorized access to legitimate credentials using a variety of strategies, tactics, and techniques such as phishing and DNS poisoning. Phishing is the most frequent type of cyber threat and can lead to more harmful attacks such as ransomware and credential harvesting. According to recent research, phishing assaults targeted credential harvesting in 71.5% of cases in 2020.
The entire cybersecurity realm is buzzing over zero-day vulnerabilities and SQL injection attacks owing to the MOVEit Transfer MFT breach. In case you missed it, here’s the back story, timeline of events, and latest updates. On May 31, 2023, Progress Software rolled out security patches for the recently discovered SQL injection vulnerability in their file sharing application, MOVEit Transfer.
