Our friends at BlackBerry recently released an in-depth blog post on a campaign by threat actors targeting online payment businesses that discusses what happens from initial compromise to the skimmer scripts themselves. You can read their blog here. This blog is focused on what we found across the AT&T Cybersecurity customer base as we looked for the indicators of compromise (IOCs) identified in the BlackBerry blog and on the quick-follow up analysis we performed and provided to our customers.

In an era where technology advances at breakneck speed, the corporate world finds itself facing an evolving and insidious threat: deepfakes. These synthetic media creations, powered by artificial intelligence (AI) algorithms, can convincingly manipulate audio, video, and even text - posing significant risks to businesses, their reputation, and their security. To safeguard against this emerging menace, a forensic approach is essential.

Scott Scheppers, chief experience officer for AT&T Cybersecurity, weighs on how his team is addressing the cybersecurity talent shortage. This is part one of a two-part blog.

“History repeatedly has demonstrated that inferior forces can win when leaders are armed with accurate intelligence.” – Central Intelligence Agency; Intelligence in War In the ever-changing landscape of global cybersecurity, the boundaries between traditional military intelligence and cybersecurity are increasingly blurred. At the heart of this convergence lies the science of intelligence analysis—a process fundamental to both realms.

In the field of Digital Forensics and Incident Response (DFIR), acquiring a forensic copy of a suspect's storage device is a critical first step. This process involves either disk imaging or disk cloning, each with its own distinct purposes and methodologies. In this blog, we'll delve into the differences between disk imaging and disk cloning, when to use each method, and provide step-by-step guidance on how to create a forensic disk image using FTK Imager.

As Cybersecurity Awareness Month winds down and you prepare for Halloween festivities like trick-or-treating and pumpkin carving, don't forget to protect against real-world monsters: artificial intelligence-driven cyber threats. Here are a few steps that may help ward off such threats like garlic protects against Dracula: Taking precautionary steps against them may keep the real monsters at bay!

The healthcare industry is progressing towards a more mature cybersecurity posture. However, given it remains a popular attack target, more attention is needed. Results from The Cost of a Data Breach Report 2023 reported that healthcare has had the highest industry cost of breach for 13 consecutive years, to the tune of $10.93M. In 2022, the top 35 global security breaches exposed 1.2 billion records, and 34% of those attacks hit the public sector and healthcare organizations.

In today’s rapidly evolving digital landscape, containerized microservices have become the lifeblood of application development and deployment. Resembling miniature virtual machines, these entities enable efficient code execution in any environment, be it an on-premises server, a public cloud, or even a laptop. This paradigm eliminates the criteria of platform compatibility and library dependency from the DevOps equation.

In this blog, lets focus on the intersection of psychology and technology, where cybercriminals manipulate human psychology through digital means to achieve their objectives. Our world has become more interconnected over time, and this has given rise to an entirely new breed of criminal masterminds: digital criminals with deep psychological insights who use technology as the ultimate battlefield for social engineering activities.

As we mark another Cybersecurity Awareness Month, it's essential to recognize that this is more than a calendar event; it's a wake-up call for proactive vigilance in the digital age. In an environment rife with technological threats, the cornerstone of robust cybersecurity isn't just advanced systems and firewalls—it's informed and empowered individuals. There are three most important insights organizations can learn before implementing any cybersecurity awareness-raising campaign.