Cyberattacks

Cyberattacks | News, how-tos, features, reviews, and videos

gavel / abstract binary lines  >  court judgment / fine / penalty / settlement
8 data protection gdpr

malware attack

MoonBounce UEFI implant used by spy group brings firmware security into spotlight

The MoonBounce rootkit implants a malicious driver in the Windows kernel to provide persistence and stealthiness.

cloud security / data protection / encryption / security transition

Attackers use public cloud providers to spread RATs

Cisco discovers malware campaign using Azure and AWS to spread Nanocore, Netwire and AsyncRATs.

USA / United States of America stars + stripes and binary code superimposed over The White House

Biden memo aims to bolster cybersecurity in national security systems

A national security memorandum places new cybersecurity requirements for reporting and preventing security incidents involving sensitive national security systems.

Malicious USB dongle / memory stick / thumb drive with skull icon

BadUSB explained: How rogue USBs threaten your organization

The FBI has warned of an attack campaign that sends USB drives containing malicious software to employees. Here is what you need to know about BadUSB and mitigating its risks.

Cyber warfare  >  Russian missile launcher / Russian flag / binary code

Russia-linked cyberattacks on Ukraine: A timeline

Cyber incidents are playing a central role in the Russia-Ukraine conflict. Here's how events are unfolding along with unanswered questions.

Russian hammer and sickle / binary code

Russian cyberattacks on Ukraine raise IT security concerns

The destructive attacks follow a U.S. government warning for a "heightened state of awareness" and to follow state-sponsored threat mitigation advice.

woman holding playbook guide book guide binary by undefined undefined getty images

Three recent events prove the need for an insider risk playbook

Pfizer, Ubiquiti and Code42 all faced real or potential insider threats that could have been a lot worse if they did not have a plan to deal with them.

A stressed businessman with head in hand sits at a desk and computer in an office workspace.

The emotional stages of a data breach: How to deal with panic, anger, and guilt

Intense situations require both the security experts and stakeholders to be calm and focused, but that is easier said than done. This advice can help.

An anonymous hooded figure is surrounded by an abstract network of avatars.

Cybercrime group Elephant Beetle lurks inside networks for months

Elephant Beetle specializes in stealing money from financial and commerce firms over an extended period of time while remaining undetected.

Cybersecurity  >  abstract network of circuits data and lock

CISA sees no significant harm from Log4j flaws but worries about future attacks

The U.S. cybersecurity agency can't rule out that adversaries are using Log4j to gain persistent access to launch attacks later.

Scanning for vulnerabilities.

The Apache Log4j vulnerabilities: A timeline

The Apache Log4j vulnerability has impacted organizations around the globe. Here is a timeline of the key events surrounding the Log4j exploit as they have unfolded.

keys on a keychain / key ring / password management / binary code overlay

Exploit chains explained: How and why attackers target multiple vulnerabilities

Here is what you need to know about exploit chain risks, use cases, and mitigation.

network security / network traffic scanning

Lessons learned from 2021 network security events

Rather than predict what 2022 will bring, let's manage the future by implementing the lessons learned from this year's biggest security threats.

locked data / bitcoins

How ransomware negotiations work

Here's what experienced negotiators say your organization should expect if it ever needs to pay a ransomware demand.

human weak link cybersecurity primary

Supply chain attacks show why you should be wary of third-party providers

The weak link in your enterprise security might lie with partners and suppliers. Here’s how to understand and mitigate that risk.

A laptop user with magnifying lens examines binary data.

How to detect Log4Shell exposure and exploitation

Software dependencies and third-party products make detecting Log4j exploits tough, but this advice and some specialized tools can help.

online shopping cart magecart hackers shopping online

What is Magecart? How this hacker group steals payment card data

Hacking groups that make up Magecart are effective and persistent at stealing customer and payment card data through skimmers. Here's how they work and what you can do to mitigate the risk.

CSO  >  Botnet  >  Robots amid a blue binary matrix

Google disrupts major malware distribution network Glupteba

The botnet take-down is believed to be temporary as the criminal group has a backup command-and-control mechanism based on Bitcoin blockchain.

Load More