
What Healthcare Leaders Face After a Cyberattack

In this episode of Building Cyber Resilience: A Healthcare Leader’s Guide, host Josh Howell speaks with Errol Weiss, Chief Security Officer at Health-ISAC. Drawing on decades of experience across government, finance, and healthcare, Errol walks through what leaders actually face in the hours and weeks following a cyberattack. The conversation explores why healthcare remains a top ransomware target, how uncertainty shapes recovery decisions, and why trusted, anonymous information sharing has become one of the sector’s strongest defenses.

FBI: Phishing Attacks Are Impersonating City and County Officials

The US Federal Bureau of Investigation (FBI) has issued an advisory warning of a phishing campaign that’s impersonating city and county officials to send phony requests for permit fees. “Individuals and businesses with active applications for land-use permits are being targeted by criminals impersonating city and county planning and zoning board officials, fraudulently requesting fees associated with these permits,” the FBI says.

Ransomware Attacks Surge by 50% Even as Payments Drop

The number of ransomware attacks increased by 50% in 2025, even though the number of victims who decided to pay the ransom fell to an all-time low, according to a new report from Chainalysis. The size of the ransom for victims who did pay increased significantly, growing 368% year-over-year to nearly $60,000. The total ransom payments observed by Chainalysis last year amounted to $820 million.

How to Detect Account Takeover Attempts in the First 5 Minutes

Most ATO detection tools are watching the wrong moment. Attackers don’t start at your login page – they start days earlier, registering lookalike domains, cloning your site, and harvesting credentials before your stack sees a single signal. Knowing how to detect account takeover means moving detection upstream: to the reconnaissance stage, the cloning event, and the live harvesting window. That’s where the attack is stoppable.

How to Prevent and Defend Against Spoofing Attacks

In this age of computers and the internet, cyber risks like spoofing attacks are becoming more sophisticated and more harmful. Spoofing is when cybercriminals impersonate legitimate entities, such as companies, people, or websites, to trick victims into giving up private information or carrying out harmful actions. The effects of spoofing are significant, ranging from financial losses to reputational damage. According to Proofpoint’s research, over 90% of phishing attacks occur through email spoofing alone.

How Does Endpoint Deception Detect Attacks Before Damage Happens?

Let’s be honest. EDR has improved endpoint security dramatically over the last few years. It catches malware, blocks suspicious processes, and alerts on abnormal behavior. But no tool is perfect. Every detection model has blind spots. Attackers know this. They test environments. They move carefully. They use living-off-the-land techniques, stolen credentials, and legitimate tools. Sometimes, they move in ways that don’t immediately trigger alarms.

Detecting Living-off-the-Land Attacks in OT Networks

The most dangerous attacker inside your OT network right now may not have brought a single piece of malware with them. They’re using your own tools. Your own administrative credentials. Your own scheduled tasks and remote management utilities to execute malicious commands, move laterally, and quietly pre-position for a future disruption. This is living-off-the-land (LOTL), the dominant attack technique in critical infrastructure targeting today.

How LAPSUS$ Bypassed MFA and How to Prevent Similar Identity Attacks

LAPSUS$-linked breaches did not break multi-factor authentication (MFA) cryptographically. Attackers obtained valid authentication outcomes through techniques commonly described as MFA fatigue attacks or MFA bypass attacks, including push-prompt abuse, SIM swapping, social engineering, and session token replay. Understanding how these attacks succeed helps explain where modern identity defenses must evolve.