Implementing a risk based security program and appropriate controls against adaptive cyber threat actors can be a complex task for many organizations. With an understanding of the basic motivations that drive cyber-attacks organizations can better identify where their own assets may be at risk and thereby more efficiently and effectively address identified risks.

During a penetration test, it's not an uncommon practice for a penetration tester to launch a password attack against Active Directory. Many times this password attack uses a list of domain user accounts that were enumerated or even just a list of potential domain user accounts that were generated randomly. Many penetration testers will either perform just a single password attack or at least 2-3 attempts, depending on domain's password lockout policy is set to.

A whaling attack is a type of phishing attack that targets high-level executives, such as the CEO or CFO, to steal sensitive information from a company. This could include financial information or employees' personal information. The reason whaling attacks target high-ranking employees is because they hold power in companies and often have complete access to sensitive data.

Cybersecurity threats are evolving and the IT industry is on high alert. Modern cyber threats are more sophisticated and fast such as malware, phishing, cryptojacking, and IoT threats. The major cyber-attacks in 2019 witnessed that cybersecurity defenses were inefficient to prevent cyber threats altogether. The situation will even prevail in 2020. However, mitigation strategies can help to minimize the chances of data breaches.

Over the past couple of years, cyber-attacks have been increasing both in frequency and sophistication. 2019 also witnessed a surge in cyber-attacks and many companies were suffering a huge financial and reputational loss. According to CISCO, DNS hijacking and targeted malware were the serious cyber threats of 2019, along with various others. Cyber pests were using various tools to capture data and evade detection, from Remote Access Trojans (RATs) to hide threats in encrypted traffic.

Real time cyber attack maps offer us an insight on the attacks going on around the globe. They sure are eye candies, but do they have any use? Read our article to learn more. Although their extent, kind and intent changes, one thing about cyber attacks remain the same: They never stop. At any given moment, there are hundreds of cyber attacks happening.

Data destruction is an aggressive attack technique observed in several nation-state campaigns. This technique under MITRE ATT&CK 1485, describes actions of adversaries that may “..destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources. Data destruction is likely to render stored data irrecoverable by forensic techniques through overwriting files or data on local and remote drives”.

2019 has become another record-breaking year in eCommerce. This unprecedented growth has a dark side - since an overwhelming 71% of security incidents are financially motivated, digital retailers are becoming even more attractive targets for cyber attacks and fraud. As we near 2020, digital retailers will have to work hard to protect their digital assets. Here are a few factors that will make this task harder than ever.

CyrusOne, a major provider of enterprise data center services, is reported to have suffered a ransomware attack. The Dallas-headquartered company, which operates more than 30 data centers across the United States, China, London, and Singapore, is reported by ZDnet to have had some of its systems infected by the REvil (Sodinokibi) ransomware.

Summary The Great Cannon is a distributed denial of service tool (“DDoS”) that operates by injecting malicious Javascript into pages served from behind the Great Firewall. These scripts, potentially served to millions of users across the internet, hijack the users’ connections to make multiple requests against the targeted site. These requests consume all the resources of the targeted site, making it unavailable.