Cyber Attacks

Cyber Attacks | News, how-tos, features, reviews, and videos

jet aircraft is maneuvering for landing 149957988
budget piggy bank spending savings security spending

Maersk container ship / shipping containers / abstract data

Rebuilding after NotPetya: How Maersk moved forward

In the wake of NotPetya attacks, Maersk’s IT and security teams embraced transparency, greater collaboration with business, and a risk-based approach.

CSO slideshow - Insider Security Breaches - Flag of China, binary code

Chinese cyberespionage group PKPLUG uses custom and off-the-shelf tools

A previously unknown group or collective associated with China is targeting victims in Asia, possibly for geopolitical gain.

cybersecurity eye with binary face recognition abstract eye

Cyber-risk management is about to get easier

New continuous automated penetration and attack testing (CAPAT) tools will help CISOs better see where they are vulnerable and prioritize remediation actions.

online shopping cart magecart hackers shopping online

Magecart web skimming group targets public hotspots and mobile users

IBM researchers discover new Magecart scripts suggest planned advertisement injection through Wi-Fi and supply chain attacks.

Impersonation / disguise / fraud / false identity / identity theft

Rich PII enables sophisticated impersonation attacks

Hackers are now using rich personally identifying information, including device types and browser versions, cookies and web histories, and even voice recordings to gain account access or commit fraud.

Botnet Trouble / Botnet army

Secrets of latest Smominru botnet variant revealed in new attack

Researchers gained access to a Smominru command-and-control server to get details on compromised devices and scope of the attack.

DDOS attack

Misconfigured WS-Discovery in devices enable massive DDoS amplification

Researchers were able to achieve amplification rates of up to 15,300%. Some mitigations are possible.

computer crime scene / hacked / infected / cybercrime / cyberattack

Why you need a cybersecurity incident response specialist

If your cyber insurance provider gives you the number of an incident response specialist, call them now. It will save time when an attack occurs.

Capital One  >  hack

Capital One hack shows difficulty of defending against irrational cybercriminals

The motivation of the malicious actor who stole data of more than 100 million people was driven by emotional distress and did not follow traditional hacker patterns.

Smishing, an SMS phishing attack / Vishing, a voice phishing attack by phone

Smishing and vishing: How these cyber attacks work and how to prevent them

Smishing and vishing are types of phishing attacks that try to lure victims via SMS message and voice calls. Both rely on the same emotional appeals employed in traditional phishing scams and are designed to drive you into urgent...

compromised data / security breach / vulnerability

New Spectre-like CPU vulnerability bypasses existing defenses

The SWAPGS vulnerability can allow attackers to access contents of kernel memory addresses. Microsoft and Intel have coordinated on a mitigation.

team of hackers / organized attack / group of threat actors

Time – and the lack thereof

For cybersecurity, it is pivotal for the next decade to be able to operate with a decreasing time window to act.

cloud migration shipping company outsourcing global consolidation

Modernized maritime industry transports cyberthreats to sea

Attackers are equally capable of wreaking havoc whether their target is based on land or sea. Considering that more than 70 percent of the earth is covered by water, and an expanding attack surface for the vessels journeying across...

CSO  >  ransomware / security threat

To pay or not pay a hacker’s ransomware demand? It comes down to cyber hygiene

A recent call for city leaders to stop paying ransomware demands underscores the need for municipalities to step up their cyber practices and have a good backup process in place.

Telecom tower

Telcos around the world hit by long-term intelligence gathering cyberattack

Operation Soft Cell saw telcos around the world lose over 100GB of call record data, but it could have been much worse. Attackers could have shut down cell networks if they wanted.

rambleed ram memory card hardware hack breach binary by 13threephotography getty

OpenSSH to protect keys in memory against side-channel attacks

The new OpenSSH patch makes it harder to execute attacks such as Spectre, Meltdown, Rowhammer and Rambleed.

red light / warning / caution / alert / sign of threat or danger

Emerging security threats at the half-year mark

We’ve hit the halfway mark of 2019, and I’m sure that we have all noticed some interesting happenings in the cybersecurity world. I’d like to highlight a few that I’ve found interesting, but also disturbing – and I am sure that there...

collage of US government icons

Will the US ever get serious about security and privacy?

We have the ability to drastically reduce cybercrime. So why are we still failing?

Load More