%term

How SMB Misconfigurations Can Lead to Full Network Takeover: A Red Team Case Study

Jan 31, 2025 By Komodo Research In Komodo Consulting

Server Message Block (SMB) is a ubiquitous protocol used for file sharing, remote access, and resource management across enterprise networks. While critical for business operations, its misconfigurations can expose vulnerabilities to attackers. In this blog post, we’ll dive into a real-world red team operation where a simple yet effective PowerShell-based tool led us from SMB enumeration to full network takeover.

Read Post

Komodo Consulting

Read more about How SMB Misconfigurations Can Lead to Full Network Takeover: A Red Team Case Study

What is a Path Traversal Attack?

Jan 30, 2025 By Indusface In Indusface

A Path Traversal Attack allows attackers to access restricted files on a server by manipulating file paths. Learn how it works and how to prevent it.

View Video

Indusface

Read more about What is a Path Traversal Attack?

The Role of Cybersecurity in Ensuring Business Continuity in 2025

Jan 30, 2025 By SecuritySenses In SecuritySenses

In today's digital age, cybersecurity is no longer just a technical concern; it's a business-critical priority. With cyber threats evolving rapidly, businesses must adopt robust strategies to protect their operations and ensure continuity. From ransomware attacks to insider threats, the risks are multifaceted and require proactive measures. As someone deeply invested in the cybersecurity space, I've seen firsthand how businesses can thrive when they prioritize security.

Read Post

SecuritySenses

Read more about The Role of Cybersecurity in Ensuring Business Continuity in 2025

Operation Phantom Circuit: North Korea's Global Data Exfiltration Campaign

Jan 29, 2025 By SecurityScorecard In SecurityScorecard

In December 2024, a routine software update concealed a global threat. Attackers from the Lazarus Group, based in North Korea, infiltrated trusted development tools, compromising hundreds of victims worldwide. This sophisticated campaign, code-named “Phantom Circuit,” targeted cryptocurrency and technology developers, employing advanced obfuscation techniques through proxy servers in Hasan, Russia.

Read Post

SecurityScorecard

Read more about Operation Phantom Circuit: North Korea's Global Data Exfiltration Campaign

API Supply Chain Attacks - The Sky's the Limit

Jan 28, 2025 By Amit Elbirt In Salt Security

Account takeover of a third-party service provider may put millions of airline users worldwide at risk.

Read Post

Salt Security

Read more about API Supply Chain Attacks - The Sky's the Limit

Nearly Three-Quarters of UK Education Orgs Have Sustained Cyberattacks

Jan 27, 2025 By Stu Sjouwerman In KnowBe4

73% of educational institutions in the UK have sustained at least one cyberattack or breach in the past five years, according to researchers at ESET. Additionally, a fifth of these organizations said they’ve experienced three or more cyberattacks. 43% of the organizations surveyed cited phishing attacks as their top concern.

Read Post

KnowBe4

Read more about Nearly Three-Quarters of UK Education Orgs Have Sustained Cyberattacks

How to Detect and Prevent Corporate Espionage Attacks

Jan 27, 2025 By Teramind In Teramind

14 years in prison and a $200,000 fine. That’s what it cost a Michigan chemist caught stealing trade secrets from Coca-Cola and Eastman Chemical Company. And no, she wasn’t an outsider—she was a trusted Principal Engineer with legitimate access to these technologies worth $120 million in development costs . Every year, companies fall victim and lose billions to corporate espionage attacks, with many attacks going undetected for months or even years.

Read Post

Teramind

Read more about How to Detect and Prevent Corporate Espionage Attacks

What is the Mirai Botnet?

Jan 24, 2025 By Indusface In Indusface

The Mirai Botnet is one of the most famous tools behind some of the largest DDoS attacks in history.

View Video

Indusface

Read more about What is the Mirai Botnet?

84% of Healthcare Organizations Sustained Cyberattacks Last Year

Jan 24, 2025 By Stu Sjouwerman In KnowBe4

A new survey by cybersecurity vendor Netwrix found that 84% of healthcare organizations spotted a cyberattack in the past twelve months, with phishing attacks accounting for 63% of these incidents. “Phishing was the most common type of incident experienced on premises, similar to other industries,” Netwrix says. “Account compromise topped the list for cloud attacks: 74% of healthcare organizations that spotted a cyberattack reported user or admin account compromise.”

Read Post

KnowBe4

Read more about 84% of Healthcare Organizations Sustained Cyberattacks Last Year

How Bot Attacks Damage Brand Reputation

Jan 23, 2025 By Alex McConnell In Netacea

A strong reputation is vital for business success, influencing customer loyalty and spending decisions. When a brand’s reputation is damaged, customers often turn to competitors, which can reduce key metrics like lifetime customer value. Trust is central to a brand’s reputation. Customers expect their personal data to be secure, pricing to be fair, and services to be reliable. However, bot attacks undermine this trust.

Read Post