Legacy infrastructures and unmanaged devices top security risks in the healthcare industry
The proliferation of healthcare IoT devices, along with unpartitioned networks, insufficient access controls and the reliance on legacy systems, has exposed a vulnerable …
Attackers are weaponizing more vulnerabilities than ever before
2018 had the most weaponized vulnerabilities ever (177), which represents a 139% increase compared to 2017, according to the RiskSense latest report. In addition, the rate of …
The correlation between DDoS attacks and cryptomining
There is a direct correlation between cryptocurrency and DDoS attacks. As the price of cryptocurrency dropped in 2018, leading to decreased profits from cryptomining, hackers …
Who are the biggest targets of credential stuffing attacks?
Media organizations, gaming companies, and the entertainment industry are among the biggest targets of credential stuffing attacks, in which malicious actors tap automated …
Finance knocks business and professional services off top spot in four most attacked industries
Finance is the most attacked sector in EMEA, accounting for 30% of all attacks – compared to 17% globally, according to NTT Security. It knocks business and professional …
Only 12% of enterprises are consistently able to detect insider threats
73 percent of IT professionals believe that insider attacks have become more frequent in the past year. Additionally, 59 percent said that their organizations experienced at …
Attackers fighting back against security teams while also targeting supply chains
According to the world’s leading IR professionals, increasingly sophisticated attacks involving instances of “island hopping,” counter incident response (IR), and lateral …
As fraud attacks grow more sophisticated, a need for contextual detection strategies increases
Fraudsters are using a complex array of tools to build armies of fake accounts, 74% of all fraudulent accounts are created from desktops, and cloud service provider IP ranges …
Zero-day Chrome/Windows combo actively exploited in the wild
We now know why a number of Googlers made a point to urge users to implement the latest Chrome update as soon as possible: the vulnerability (CVE-2019-5786) is definitely …
PDF viewers, online validation services vulnerable to digital signature spoofing attacks
Academics from Ruhr University Bochum have proven that the majority of popular PDF viewer apps and online digital signature validation services can be tricked into validating …
Latest WinRAR, Drupal flaws under active exploitation
CVE-2018-20250, a WinRAR vulnerability that allows attackers to extract a malicious executable to one of the Windows Startup folder to be executed every time the system is …
New privacy-breaking attacks against phones on 4G and 5G cellular networks
Three new attacks can be used to track the location and intercept calls of phone users connected to 4G and 5G cellular networks, researchers from Purdue University and The …
Featured news
Resources
Don't miss
- Autonomous AI-driven worm can reason its way through corporate networks
- Only 11% of production agents pass the AI agent security bar
- A small Slovenian team handles 6,000 cyber incidents a year
- Agent Threat Rules: Open detection rule format for AI agent security threats
- Google fixes actively exploited Android vulnerability (CVE-2025-48595)