Cyberattacks
Cyberattacks | News, how-tos, features, reviews, and videos
MoonBounce UEFI implant used by spy group brings firmware security into spotlight
The MoonBounce rootkit implants a malicious driver in the Windows kernel to provide persistence and stealthiness.
Attackers use public cloud providers to spread RATs
Cisco discovers malware campaign using Azure and AWS to spread Nanocore, Netwire and AsyncRATs.
Biden memo aims to bolster cybersecurity in national security systems
A national security memorandum places new cybersecurity requirements for reporting and preventing security incidents involving sensitive national security systems.
BadUSB explained: How rogue USBs threaten your organization
The FBI has warned of an attack campaign that sends USB drives containing malicious software to employees. Here is what you need to know about BadUSB and mitigating its risks.
Russia-linked cyberattacks on Ukraine: A timeline
Cyber incidents are playing a central role in the Russia-Ukraine conflict. Here's how events are unfolding along with unanswered questions.
Russian cyberattacks on Ukraine raise IT security concerns
The destructive attacks follow a U.S. government warning for a "heightened state of awareness" and to follow state-sponsored threat mitigation advice.
Three recent events prove the need for an insider risk playbook
Pfizer, Ubiquiti and Code42 all faced real or potential insider threats that could have been a lot worse if they did not have a plan to deal with them.
The emotional stages of a data breach: How to deal with panic, anger, and guilt
Intense situations require both the security experts and stakeholders to be calm and focused, but that is easier said than done. This advice can help.
Cybercrime group Elephant Beetle lurks inside networks for months
Elephant Beetle specializes in stealing money from financial and commerce firms over an extended period of time while remaining undetected.
CISA sees no significant harm from Log4j flaws but worries about future attacks
The U.S. cybersecurity agency can't rule out that adversaries are using Log4j to gain persistent access to launch attacks later.
The Apache Log4j vulnerabilities: A timeline
The Apache Log4j vulnerability has impacted organizations around the globe. Here is a timeline of the key events surrounding the Log4j exploit as they have unfolded.
Exploit chains explained: How and why attackers target multiple vulnerabilities
Here is what you need to know about exploit chain risks, use cases, and mitigation.
Lessons learned from 2021 network security events
Rather than predict what 2022 will bring, let's manage the future by implementing the lessons learned from this year's biggest security threats.
How ransomware negotiations work
Here's what experienced negotiators say your organization should expect if it ever needs to pay a ransomware demand.
Supply chain attacks show why you should be wary of third-party providers
The weak link in your enterprise security might lie with partners and suppliers. Here’s how to understand and mitigate that risk.
How to detect Log4Shell exposure and exploitation
Software dependencies and third-party products make detecting Log4j exploits tough, but this advice and some specialized tools can help.
What is Magecart? How this hacker group steals payment card data
Hacking groups that make up Magecart are effective and persistent at stealing customer and payment card data through skimmers. Here's how they work and what you can do to mitigate the risk.
Google disrupts major malware distribution network Glupteba
The botnet take-down is believed to be temporary as the criminal group has a backup command-and-control mechanism based on Bitcoin blockchain.
-
White Paper
-
Video/Webcast
Sponsored -
White Paper
-
White Paper
-
White Paper
Most Popular
BrandPosts
Learn more-
Sponsored by ExtraHop
-
Sponsored by Netscout
-
Sponsored by OneNeck IT Solutions