Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Massive Supply-Chain Ransomware Attack Cripples Thousands of Car Dealerships

A widespread ransomware attack has brought thousands of car dealerships across the United States to a halt. The incident, attributed to the BlackSuit ransomware gang, targeted CDK Global, a software provider essential to the operations of numerous car dealerships. This breach underscores the critical need for robust cybersecurity measures such as stolen credentials detection, darknet monitoring services, and digital footprint analysis.

Should You Change Your Password Every 90 Days?

No, you don’t have to change your password every 90 days. This idea of regularly changing your password is known as password rotation. The main benefit of changing your passwords so often is to prevent unauthorized users from accessing private information. For personal accounts, changing your passwords every 90 days can actually end up being worse than keeping them the same.

A Complete Overview of Binary-Based SAST

Zimperium's Global Mobile Threat Report found that unique mobile malware samples grew by 51% in 2022. According to Anne Neuberger, the US Deputy National Security Advisor for Cyber and Emerging Technologies, the annual average cost of cybercrime will reach over $23 trillion in 2027. The threat landscape and the cost of ignoring security are increasing. It is no longer enough to be reactive; maintaining the security of mobile devices requires being proactive.

Exploiting EUROs excitement: Phishing attacks surge using major brands as bait

Following the kick-off of the UEFA EUROs 2024 in Germany, Egress’ Threat Intelligence team has observed a massive spike in Euros-related phishing attacks, recording 7,000 unique campaigns with over 24,000 individual attacks since June 17th, 2024. These attacks are more sophisticated than you might expect, with many attackers choosing to impersonate businesses associated with the tournament rather than impersonating UEFA directly.

From skeptic to advocate: My journey to embracing AI

For years, we as security practitioners were promised that AI and machine learning would change our lives for the better, but time and time again, the companies that touted this technology disappointed us. In the first decade or so of AI-branded security tools, we saw plenty of products that demoed well, but were completely undeployable.

CVE of the month, the supply chain vulnerability hidden for 10 years CVE-2024-38368

For over a decade, a massive vulnerability that could have unleashed a huge supply chain attack lay dormant. Luckily, the good guys found it first, or so it seems. This month we are taking a look at CVE-2024-38368.

NIS2 Compliance: How to Identify and Evaluate Critical Suppliers

As the NIS2 Directive reshapes the cybersecurity landscape across Europe, a key focus for organisations is understanding and managing their critical suppliers. The directive mandates heightened scrutiny and tighter controls around these essential entities, underscoring their importance in your overall cybersecurity strategy. But the pivotal question remains: How do you determine who qualifies as a 'critical supplier'?