%term

How Graylog Helps You Spot LockBit-Style Attacks Sooner

Oct 6, 2025 By Jeff Darrington In Graylog

The DFIR Report recently detailed a LockBit attack with ransomware intrusion that succeeded without advanced exploits or zero-day vulnerabilities. The attack relied on a stolen AnyDesk installer, credential reuse, and renamed PowerShell scripts that blended into routine activity. These moves were not sophisticated, but they were fast and effective. The end result: complete domain encryption.

Read Post

Graylog

Read more about How Graylog Helps You Spot LockBit-Style Attacks Sooner

Manufacturing: Executives Voice Cyberattack Readiness Concerns

Oct 6, 2025 By Doug Olenick In LevelBlue

Manufacturing executives recently surveyed by LevelBlue expressed a deep concern that emerging attack methods, such as deepfakes and AI-powered attacks, will be almost as likely as more traditional attacks like ransomware. We derived the information from a research-based survey conducted in January 2025, which included 220 C-suite and senior manufacturing executives.

Read Post

LevelBlue

Read more about Manufacturing: Executives Voice Cyberattack Readiness Concerns

API Attack Awareness: Injection Attacks in APIs - Old Threat, New Surface

Oct 3, 2025 By Wallarm In Wallarm

Injection attacks are among the oldest tricks in the attacker playbook. And yet they persist. The problem is that the core weakness, trusting user inputs too much, keeps resurfacing in new forms. As organizations have shifted to API-driven architectures and integrated AI systems that consume unstructured input, the attack surface has expanded dramatically.

Read Post

Wallarm

Read more about API Attack Awareness: Injection Attacks in APIs - Old Threat, New Surface

How SOC Teams Operationalize Real-Time Defense Against Credential Replay Attacks

Oct 3, 2025 By Riley MacCausland In Memcyco

Credential replay remains one of the most efficient ways attackers turn stolen usernames, passwords, or tokens into real account access. Verizon’s 2024 DBIR shows that over 40% of breaches involve stolen credentials, underscoring the durability of this tactic. Even strong authentication is not immune. Techniques like pass-the-cookie and adversary-in-the-middle phishing allow attackers to replay tokens and sidestep MFA.

Read Post

Memcyco

Read more about How SOC Teams Operationalize Real-Time Defense Against Credential Replay Attacks

Report: Deepfake Attacks Have Targeted Nearly Two-Thirds of Organizations

Oct 3, 2025 By KnowBe4 Team In KnowBe4

A survey by Gartner found that 62% of organizations have been hit by a deepfake attack in the past twelve months, Infosecurity Magazine reports. Akif Khan, senior director at Gartner Research, told Infosecurity Magazine that deepfakes are currently being used in social engineering attacks to impersonate executives and trick employees into transferring money. “That’s trickier because social engineering is a perpetually reliable thing for attackers to use,” Khan said.

Read Post

KnowBe4

Read more about Report: Deepfake Attacks Have Targeted Nearly Two-Thirds of Organizations

API Attack Awareness: Broken Object Level Authorization (BOLA) - Why It Tops the OWASP API Top 10

Oct 1, 2025 By Wallarm In Wallarm

For this Cybersecurity Awareness Month, we thought it important to draw attention to some of the most common and dangerous API vulnerabilities. This week, we’re starting with Broken Object Level Authorization (BOLA). BOLA vulnerabilities top the OWASP API Top Ten. And for good reason: they’re startlingly prevalent, remarkably easy to exploit, and can have devastating consequences. So, let’s explore what they are, why they matter, and how you can mitigate them.

Read Post

Wallarm

Read more about API Attack Awareness: Broken Object Level Authorization (BOLA) - Why It Tops the OWASP API Top 10

When Electricity Meets Cyber: How Electric Firms Must Harden Their Systems

Oct 1, 2025 By SecuritySenses In SecuritySenses

The electric sector is undergoing a digital revolution. From smart meters to automated substations, electricity providers now rely heavily on software, connected devices, and real-time data analytics. While this transformation drives efficiency, sustainability, and innovation, it also exposes power grids and electrical systems to cyber risks. As cyberattacks on critical infrastructure become more frequent, firms must not only harden their systems but also strengthen their workforce to meet this evolving challenge.

Read Post

SecuritySenses

Read more about When Electricity Meets Cyber: How Electric Firms Must Harden Their Systems

SpiderLabs Ransomware Tracker Update September 2025: Qilin, Akira Top Ransomware Attackers

Sep 30, 2025 By Trustwave In Trustwave

The threat groups Qilin and Akira together conducted about one-quarter of the 402 ransomware attacks tracked by Trustwave SpiderLabs in September, with the manufacturing and technology sectors receiving the brunt of these efforts. This information was derived from a new SpiderLabs ransomware tracking tool that gathers information from a variety of open intelligence sources and our own proprietary research.

Read Post

Trustwave

Read more about SpiderLabs Ransomware Tracker Update September 2025: Qilin, Akira Top Ransomware Attackers

7 Man-in-the-Middle (MitM) Attacks to Look Out For

Sep 30, 2025 By The Apono Team In Apono

Today’s man-in-the-middle (MitM) attacks go far beyond coffee-shop Wi-Fi: they target browsers, APIs, device enrollments, and DNS infrastructure. Using automated proxykits and supply-chain flaws, attackers hijack session cookies, tokens, and device credentials—turning one interception into persistent, high-value access. Concerningly, these are not edge cases.

Read Post

Apono

Read more about 7 Man-in-the-Middle (MitM) Attacks to Look Out For

When Attackers Weaponize AI Webinar - The Energy Grid Attack Path

Sep 30, 2025 By Nucleus Security In Nucleus

As AI use grows, so does its dependency on the energy grid remaining up and running. This makes the energy grid a more likely target for future attacks.

View Video