The attack surface is inevitably going to grow. That’s why we believe it’s crucial for customers to not only know what assets they are exposing online but knowing to what extent assets are exposed. Users can now toggle the view of their attack surface by active and inactive assets. When toggled on, users will see all active assets present on their attack surface in the last 14 calendar days making it easier to discern what may no longer be on the attack surface.

This blog is the latest in a series dedicated to Zhadnost, a Russia-aligned botnet first discovered by SecurityScorecard in March.

Recent research studies demonstrate that software supply chain attacks are on the upswing—by almost 300% in 2021 alone. To avoid attacks related to open-source libraries and JavaScript, businesses need to understand the tactics, techniques, and procedures (TTPs) associated with JavaScript supply chain attacks.

Read also: Coca-Cola investigates a possible hack, the US offers a $10 million reward for info on Sandworm hackers, and more.

The advance of the 21st century brought with it a significant shift in the work scene. Every industry and field relies heavily on computers and the digital world to function seamlessly. However, with it came the ever-mounting fear of cyber attack. Among the many forms of cyber attack is a watering hole attack, also known as a supply chain attack. In a watering hole attack, attackers mainly try to compromise a user by infecting the user’s computer and gaining access to the network.

Cryptocurrency mining (or crypto mining) can be a lucrative yet resource-intensive operation, so cyber threat actors are targeting more organizations in order to take advantage of their cloud resources for mining. Datadog Cloud SIEM can now help you monitor your cloud-based systems for unwanted crypto mining via a built-in detection rule. All you need to get started is to configure your resource logs with Datadog’s @network.client.ip standard attribute.

Attack Surface Assessment tools enable information security teams to look at their organizations “outside-in” from the attacker’s point of view, prioritizing the issues that attackers will see first.

Handling our system memory safely and protecting it from harmful programs and other programs that are prone to executable code run from a data page on different memory locations and specific data section is a challenging task. The essential Windows programs and services have been a big step forward in easing that task.

Read also: the US blames North Korea’s Lazarus Group for the $620M Axie Infinity hack, Beanstalk Farm suffers $182 million financial losses due to a cyber-attack, and more.

Today’s threat landscape is evolving rapidly. Attackers are constantly adjusting their tactics and finding new ways to infiltrate organizations with increasingly sophisticated attacks to steal valuable data. As such, businesses and IT professionals must remain up to date on the industry’s latest threat intelligence in order to better understand the current state of this cybersecurity landscape and know their enemies to shore up defenses.

As mentioned in SecurityScorecard’s (SSC) previous Zhadnost blog posts (part one and part two), the DDoS attacks against Ukrainian and Finnish websites do not appear to have a lasting impact, as the sites were back online within hours of the attack.

Telecommunication is the first, and most robust network ever invented. This may seem like a brazen and bold statement, but when examined closely, it is not the stuff of fantasy. Prior to the invention and development of the internet, what other way could a person pick up a device, and “dial” a few numbers and end up seamlessly connected to someone across the vast expanse of a countryside?

We've recently been inundated with news of increased cyberattacks and a general increase in cyber threats online. Hackers - both bad and good, government related or private groups - have their hands full every day as never before and compounding the situation is the Russia-Ukraine (UA) war which has sparked a cyber storm. This made us just more curious about Internet attacks on the UA telecom infrastructure.

A democratized approach to cybersecurity risk management that leverages continuous monitoring and public-private partnerships is overdue, and critical, for today’s cyber threat environment.

One of the key tools at the center of social engineering attacks against organizations is phishing. According to the Anti-Phishing Working Group’s latest report, the number of unique phishing websites detected in December 2021 was 316,747, where they have detected between 68,000 and 94,000 attacks per month in early 2020, meaning that phishing attacks have more than tripled from 2020 to 2021.

SecurityScorecard (SSC) has identified a DDoS attack which targeted the websites of the Finnish Ministry of Foreign Affairs and Ministry of Defense. SSC discovered more than 350 bots, mainly located in Bangladesh and African countries, which are now considered to be part of the Zhadnost botnet, previously discovered by SSC in March.

Last month’s revelation that Okta had been hacked created a seismic impact in the world of security, with organizations still bracing themselves for the fallout from this incident. While resources, like Microsoft’s article on Lapsus$ (tracked as DEV-0537), have broadly dissected the attack vectors used in the group’s attacks, we wanted to expand on the broader trends and context surrounding the Okta hack.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In this edition, we’ll learn about how a country and global economy is impacted when a cybercrime happens, how every citizen is victimized, and what governments are doing to mitigate this rising issue.

Web applications across the digital world are teeming with vulnerabilities increasingly equipped to defeat security mechanisms. Among them are injection attacks. We are aware of the many injection vulnerabilities present in a web application, for example, SQL injection, HTML injection, CRLF injection, cross-site scripting and many others. This article will discuss CRLF injection vulnerability in detail for web application security.

It’s almost that time of the year to file taxes in Portugal, so John opens the email he received asking him to submit his taxes. It’s from a bank he trusts, so he follows the instructions in the email and proceeds to download the attached PDF. Little did he know that when he clicked the links in the email body, the Lampion trojan was downloaded from an online server.

While the COVID-19 pandemic brought much of the world to work together to advance medical research and slow the spread of the disease, it may be of little surprise that cyber threat actors took advantage of the pandemic for their own personal gain. While all industries can be affected by a cybersecurity incident, the nature of the health and human services industry’s mission poses unique challenges.

While the C-suite is becoming increasingly aware of the threats bad cyber actors pose, many still harbour an antiquated impression of cybercriminals. We imagine hooded “hackers”, working alone in a basement, and of course, the stock image that accompanies the vast majority of media articles about cyber attacks depicts just this.

Contrary to what the name suggests, rainbow tables are nowhere as picturesque and pose a severe threat to users and businesses using the digital world. This article will attempt to break down the hows and whats of a rainbow table and arm you with knowledge on preventing a rainbow table attack. Primarily used as the base of a password cracking tool, this table helps crack password hash values or crack passwords.