%term

How To Prevent Man-in-the-Middle Attacks

May 30, 2025 By Keeper Security In Keeper

Man-in-the-Middle (MITM) attacks are a type of cyber attack in which cybercriminals intercept data sent between two businesses or individuals. It’s a major threat to both individuals and businesses. Watch this video to learn how you can protect yourself from Man-in-the-Middle attacks.

View Video

Keeper

Read more about How To Prevent Man-in-the-Middle Attacks

Fullscreen BitM Attack Discovered by SquareX Exploits Browser Fullscreen APIs to Steal Credentials in Safari

May 29, 2025 By SquareX

Today, SquareX released new threat research on an advanced Browser-in-the-Middle (BitM) attack targeting Safari users. As highlighted by Mandiant, adversaries have been increasingly using BitM attacks to steal credentials and gain unauthorized access to enterprise SaaS apps. BitM attacks work by using a remote browser to trick victims into interacting with an attacker-controlled browser via a pop-up window in the victim's browser.

Read Post

Read more about Fullscreen BitM Attack Discovered by SquareX Exploits Browser Fullscreen APIs to Steal Credentials in Safari

Why APIs Are the #1 Target for Modern Cyber Attacks

May 29, 2025 By Wallarm In Wallarm

Forget zero-days. Attackers now focus on API logic flaws like BOLA and IDOR to steal data using legitimate requests.

View Video

Wallarm

Read more about Why APIs Are the #1 Target for Modern Cyber Attacks

Preventing Supply Chain Cyberattacks: Lessons from the Marks & Spencer Breach

May 29, 2025 By Trustwave In Trustwave

As more details of the April ransomware attack on UK retailer Marks and Spencer are made public, we are directly witnessing the cascading repercussions that organizations face when victimized by a well-thought-out and properly executed attack. In the specific case of M&S, the UK retailer is dealing with a supply chain attack, as M&S CEO Stewart Machin confirmed in a published report.

Read Post

Trustwave

Read more about Preventing Supply Chain Cyberattacks: Lessons from the Marks & Spencer Breach

Make Your Business More Resilient with Proven Continuity Strategies

May 29, 2025 By SecuritySenses In SecuritySenses

Possessing a resilient business allows for easy maneuvering around competitors during cyberattacks or supply-chain ordeal. In modern business, agility is paramount. New technologies and shifting markets have the potential to rapidly catalyze change. Still, external factors such as cyber attacks and natural disasters can disrupt the flow of even the most nimble businesses.

Read Post

SecuritySenses

Read more about Make Your Business More Resilient with Proven Continuity Strategies

How To Mitigate the Risk of Ransomware Attacks

May 28, 2025 By Keeper Security In Keeper

Ransomware attacks can damage businesses by locking them out of sensitive data. Watch this short video to learn 10 best practices to mitigate ransomware attacks in your organization.

View Video

Keeper

Read more about How To Mitigate the Risk of Ransomware Attacks

CTI Roundup: Hazy Hawk, Remcos RAT, and npm Phishing

May 28, 2025 By Tanium In Tanium

Hazy Hawk uses DNS records to target domains, a new malware campaign delivers fileless Remcos RAT, and threat actors combine AES encryption and malicious npm packages in a novel phishing attack.

Read Post

Tanium

Read more about CTI Roundup: Hazy Hawk, Remcos RAT, and npm Phishing

Catching Up on Cloud Attack Paths with Cloud Threat Specialist Sebastian Walla

May 28, 2025 By CrowdStrike In CrowdStrike

Today’s adversaries are increasingly operating in the cloud — and Sebastian Walla, Deputy Manager of Emerging Threats at CrowdStrike, is watching them. In this episode, he joins Adam and Cristian to dive into the latest cloud attack techniques and the adversaries behind them.

View Video

CrowdStrike

Read more about Catching Up on Cloud Attack Paths with Cloud Threat Specialist Sebastian Walla

Layer 7 DDoS Attack Methods

May 27, 2025 By A10 Networks In A10 Networks

A10 Networks' security experts Jamison Utter and Carlo Alpuerto delve into comprehensive DDoS protection. In this segment, Carlo Alpuerto explains how attackers exploit Layer 7 DDoS methods, such as slow POST attacks and other slow-rate techniques (potentially referring to "slow patches" or similar application-layer attacks), to disrupt services. Whether you're a security professional, network administrator, or business leader concerned about cyber resilience, this expert conversation provides actionable insights to strengthen your organization's DDoS protection posture.

View Video

A10 Networks

Read more about Layer 7 DDoS Attack Methods

Why Codefinger represents a new stage in the evolution of ransomware

May 27, 2025 By Justin Giardina, Chief Technology Officer In 11:11 Systems

Forget typical ransomware! Codefinger hijacked cloud keys directly, exposing backup flaws and shared responsibility risks. Time to rethink defence. If you didn't pay much attention to news of the recent Codefinger ransomware attack, it's possibly because ransomware has become so prevalent that major incidents no longer feel notable. But Codefinger is not just another ransomware breach to add to the list of incidents where businesses lost sensitive data to attackers. In key respects, Codefinger represents a substantially new type of ransomware attack.

Read Post