cybercrime
Employee cybersecurity awareness takes center stage in defense strategies
As cyberattacks intensify, more and more organizations recognize the need to have a strong security culture for all employees, according to Fortinet. Employee cybersecurity …
Verizon 2023 Data Breach Investigations Report: 74% of breaches involve human element
Verizon Business today released the results of its 16th annual Data Breach Investigations Report (2023 DBIR), which analyzed 16,312 security incidents and 5,199 breaches. …
MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims
The fallout of the MOVEit Transfer hack via CVE-2023-34362 by the Cl0p gang is expanding, as several UK-based companies have now confirmed that some of their data has been …
How fraudsters undermine text passcodes
Malicious bots are taking new forms – a burst of spam and scam text messages led to 18,000+ consumer complaints at the FCC last year. One of the newest scams – artificial …
How defense contractors can move from cybersecurity to cyber resilience
As the world’s most powerful military and economic power, the United States also holds another, less impressive distinction: Cyber threat actors target the US more than any …
Cybercriminals use legitimate websites to obfuscate malicious payloads
According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter security. “The evolution of phishing …
Fighting ransomware: Perspectives from cybersecurity professionals
Ransomware has become an ever-present threat to individuals, businesses, and even entire nations. In this Help Net Security round-up, we present parts of previously recorded …
Phishing campaigns thrive as evasive tactics outsmart conventional detection
A 25% increase in the use of phishing kits has been recorded in 2022, according to Group-IB. The key phishing trends observed are the increasing use of access control and …
Organizations spend 100 hours battling post-delivery email threats
Nearly every victim of a spear-phishing attack in the last 12 months saw impacts on their organization, including malware infections, stolen data, and reputational damage, …
Phishers use encrypted file attachments to steal Microsoft 365 account credentials
Phishers are using encrypted restricted-permission messages (.rpmsg) attached in phishing emails to steal Microsoft 365 account credentials. “[The campaigns] are low …
New Buhti ransomware uses leaked payloads and public exploits
A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems. Use of …
Legion AWS credential harvester and hijacker analyzed
Researchers from Cado Labs recently encountered an update to the emerging cloud-focused malware family, Legion. This sample iterates upon the credential harvesting features of …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege