Cyberattacks

Cyberattacks | News, how-tos, features, reviews, and videos

Security system alert, warning of a cyberattack.

How to prepare for the next SolarWinds-like threat

It is possible to minimize the risk from nation-state attacks like SolarWinds. This is the best advice based on what experts have learned so far.

HTTP prefix sympolizing a web address / URL/ domain being manipulated by a hacker.

What is typosquatting? A simple but effective attack technique

Typosquatting is a type of social engineering attack that uses purposely misspelled domains for a variety of malicious purposes.

malicious email with skull and crossbones

14 tips to prevent business email compromise

Criminals fool victims into clicking on malicious links or assisting in financial theft by sending emails that mimic real senders and real companies. Here's how to stop BEC.

Russian hammer and sickle / binary code

SolarWinds attack explained: And why it was so hard to detect

A group believed to be Russia's Cozy Bear gained access to government and other systems through a compromised update to SolarWinds' Orion software. Most organizations aren't prepared for this sort of software supply chain attack.

cyber attack alert / data breach

FireEye breach explained: How worried should you be?

The theft of red team tools, allegedly by Russia's Cozy Bear group, poses only a small threat to other organizations. The real lesson: Anyone can be hacked.

CSO  >  security threats / laptop bombarded by attacks

6 new ways threat actors will attack in 2021

Cyber criminals will leverage improved capabilities and vulnerabilities introduced during the COVID crisis to improve the efficiency of their attacks.

Malware alert  >  United States Capitol Building

TrickBot gets new UEFI attack capability that makes recovery incredibly hard

Researchers discover a new TrickBot module that allows malware to persist even after reformatting or replacing a hard drive.

Computerworld Cheat Sheet  >  Microsoft Excel 2016

Why Excel 4.0 macro exploits are surging

Researchers discover progressively complex and effective XL4 attacks that take advantage of the many organizations that still rely on the old functionality.

swatting swat team raid police by onfokus getty images

What is swatting? Unleashing armed police against your enemies

Swatting is a form of harassment that uses prank calls to send police SWAT teams into victims' homes. Here's what you need to know about this dangerous practice.

supply chain management connections - ERP - Enterprise Resource Planning

China’s exclusion from US 5G market likely to continue with Biden administration

Telecom insiders discuss supply chain security and call for better communication, collaboration, and transparency from the federal government about threats within their industry.

Dark net warning sign against black and yellow warning stripes in the background.

What is the dark web? How to access it and what you'll find

The dark web is part of the internet that isn't visible to search engines and requires the use of an anonymizing browser called Tor to be accessed.

A group of anonymous hooded figures exist amid raining streams of binary code. [security threats]

Mercenary APT group CostaRicto hits organizations worldwide

This hacker-for-hire advanced persistent threat group uses its own custom malware and takes great effort to hide its activity.

ransomware

How to protect backups from ransomware

Ransomware is getting smarter, attacking backups to prevent recovery. Prevent this from happening by taking a few simple steps.

Data breach  >  open padlock allowing illicit streaming data collection

Avoiding the snags and snares in data breach reporting: What CISOs need to know

Ambiguities in a growing list of US reporting requirements keep CISOs up at night: Will they be compelled to report every breach even if they can prove the data was untouched? Experts advise on how to avoid trouble.

Security system alert, warning of a cyberattack.

Common pitfalls in attributing cyberattacks

Attack attribution is always difficult as criminal groups often share code and techniques, and nation-state actors excel at deception. Here, security researchers share their techniques and common pitfalls.

A man casts the shadow of an ominous hooded figure against a circuit-based wall.

Elusive hacker-for-hire group Bahamut linked to historical attack campaigns

The Bahamut group targets high-value victims and takes meticulous care with its own operational security.

Law enforcement coordination  >  A team of investigators collaborates. [detectives / FBI agents]

New FBI strategy seeks to disrupt threat actors, help defenders through better coordination

The FBI sharpens its focus on collaboration among US and foreign government agencies and the private sector. It will acting as a central hub to deal with cybersecurity threats.

CSO  >  Botnet  >  Robots amid a blue binary matrix

InterPlanetary Storm cross-platform P2P botnet infects computers and IoT devices

IPStorm's ability to infect Android, macOS and Windows devices as well as those that are Linux-based makes it much more dangerous.

forensics threat hunter cyber security thumbprint

Tips to prep for digital forensics on Windows networks

Know what data you need to collect and how you will collect it before a security incident occurs on your Windows network.

Phishing attack   >   A fish hook hover above binary code with a caution triangle.

9 top anti-phishing tools and services

Some of these solutions will help find and stop phishing emails before they can cause damage, while others will find phishers fraudulently using your business's brand.

Load More