Cyberattacks

Cyberattacks | News, how-tos, features, reviews, and videos

binary cyberattack cybersecurity hacked protected
vulnerable breach cyberattack hacker

broken binary code matrix / breached / failed / hacked

Twitch breach highlights dangers of choosing ease of access over security

Attackers essentially broke into the Twitch house and cleaned out everything. Following least-privilege access principles and encrypted datasets will help others avoid that scenario.

vulnerable breach cyberattack hacker

October is high season for cyberattacks, Infosec Institute study shows

A study by Infosec Institute indicates that there has been an exponential increase in cyberattacks globally in the last five years, and a major part of it happened in the month of October each year as attackers apparently exploit...

Fragmented image of a Boeing 787 airplane represented in encrypted data.

TSA to issue cybersecurity requirements for US rail, aviation sectors

New rules include reporting incidents to CISA and naming cybersecurity leads, but experts and industry representatives cite lack of input.

examining / analyzing / selecting / business data / statistics / analytics

Top cybersecurity statistics, trends, and facts

Survey data from the past year paints a picture for what your threat landscape will potentially look like in the coming months.

trojan horse malware virus binary by v graphix getty

Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan

The MalKamak group has been running its Operation GhostShell campaign for at least three years unnoticed.

A magnifying lens examines top secret information amid binary code.

How corporate data and secrets leak from GitHub repositories

Attackers constantly search public code repositories like GitHub for secrets developers might inadvertently leave behind, and any tiny mistake can be exploited.

Cybersecurity  >  Email security threats, such as phishing

4 steps to protect the C-suite from business email compromise attacks

Preventing top executives from becoming BEC victims requires a different approach. Putting the risk in business terms is key.

Security system alert, warning of a cyberattack.

Why today’s cybersecurity threats are more dangerous

Greater complexity and interdependence among systems gives attackers more opportunity for widespread, global damage, say government and industry experts.

backdoor / abstract security circuits, locks and data blocks

APT29 targets Active Directory Federation Services with stealthy backdoor

The FoggyWeb post-exploitation backdoor is persistent and steals configuration databases and security token certificates.

botnet

Cybercriminals bypass 2FA and OTP with robocalling and Telegram bots

The automated bots are highly successful because they effectively emulate legitimate service providers.

cybersecurity ts

MITRE ATT&CK, VERIS frameworks integrate for better incident insights

The MITRE ATT&CK/VERIS collaboration aims to create a common dictionary for communicating information about security incidents.

healthcare data breach / medical patient privacy security violation

Breach reporting required for health apps and devices, FTC says

A new policy statement makes it clear that the US Federal Trade Commission will hold healthcare app and device makers accountable for reporting data breaches.

red padlock cybersecurity threat ransomeware

The Kaseya ransomware attack: A timeline

REvil's ransomware attack on software provider Kaseya underscored the threats to supply chains that ransomware groups pose. Here is an up-to-date timeline of the attack.

security threats and vulnerabilities

APT actors exploit flaw in ManageEngine single sign-on solution

US government agencies urge immediate action to look for indicators of compromise and, if found, take recommended steps to mitigate.

A U.S. dollar sign casts a question mark shadow.

7 unexpected ransomware costs

Indirect costs related to a ransomware attack can add up over time. These are the expenses and financial risks that CISOs should be aware of.

danger lurking in mobile binary code

How APTs become long-term lurkers: Tools and techniques of a targeted attack

A new McAfee report details the tools and techniques an APT group used to go undetected on a client network for over a year.

Encrypted blocks of multicolored data cubes rolling out.

Steganography explained and how to protect against it

Steganography is reasonably easy to implement yet difficult to detect, which is why threat actors use it to deliver malware, evade detection, and gain persistence.

access control / authentication / privileges / security / key

NTLM relay attacks explained, and why PetitPotam is the most dangerous

Attackers can intercept legitimate Active Directory authentication requests to gain access to systems. A PetitPotam attack could allow takeover of entire Windows domains.

Load More