A new “so-phish-ticated” attack uses phone calls, social engineering, lookalike domains, and impersonated company VPN sites to gain initial access to a victim network. This is one of the most advanced initial access attacks I’ve seen. Security analysts at GuidePoint Security have published details on a new attack that tricks users into providing the attacker with credentialed access.

According to CIS, just in the first half of 2024, malware-based threats rose by 30% from 2023. A similar 30% year-over-year increase was also found in cyber attacks in 2024 in a report by Check Point Research. With such alarming statistics, it is evident that the need for threat monitoring has become more critical than ever before. In this blog post, we'll explore what threat monitoring entails, why it's essential, and how you can implement best practices to safeguard your business.

This recent article on how a hacker used genealogy websites to help better guess victims' password reset answers made it a great time to share a suggestion: Don’t answer password reset questions with real answers! It’s not Jeopardy! You don’t have to answer the questions correctly. In fact, you’re putting yourself at increased risk if you do. Instead, give a false question to any required password reset answer.

International law enforcement agencies have scored another victory against the LockBit gang, with a series of arrests and the seizure of servers used within the notorious ransomware group's infrastructure. As Europol has detailed in a press release, international authorities have continued to work on "Operation Cronos", and now arrested four people, seized servers, and implemented sanctions against an affiliate of the ransomware group.

This story starts when Sébastien Lorber, maintainer of Docusaurus, the React-based open-source documentation project, notices a Pull Request change to the package manifest. Here’s the change proposed to the popular cliui npm package: Specifically, drawing our attention to the npm dependencies change that use an unfamiliar syntax: Most developers would expect to see a semver version range in the value of a package or perhaps a Git or file-based URL.

Saudi Arabia's Personal Data Protection Law (PDPL), enacted in 2021, marks a significant step in regulating the processing of personal data in the Kingdom. The PDPL aims to protect individuals' privacy by setting out clear rules on how personal data can be collected, processed, stored, and shared. As more businesses undergo digital transformations, the PDPL holds companies accountable for safeguarding data and ensuring transparency in their handling of personal information.

A ransomware attack is underway. The threat actor has gained initial access to an endpoint and executed malicious code on it. As far as the threat actor is concerned, things are going well. However, the next stage is critical to a ransomware attack’s success. Without the ability to spread throughout the entire environment, encrypting or locking up all systems, threat actors are unlikely to be able to extort payment from an organization.