Amid potential concerns by governments, customers, and prospects about ties with the Russian government, the cybersecurity vendor Group-IB continues in its promise to separate itself from Russia. You can understand how an organization may look at a Russia-based company these days; it’s not the fault of the Russian company, but of the negative posture many feel towards the Russian government.

New data focused on the first half of the year shows some anomalies. Phishing attacks are slowing down… that is, until you dive into the details. I can’t remember the last time I posted a headline stating that phishing numbers were down; that’s because we haven’t seen this trend occur in a number of years. But new data from Vade Secure’s H1 2023 Phishing and Malware Report shows an interesting outlier that skews a high-level view of the data.

Social engineering is involved in 70% to 90% of successful compromises. It is the number one way that hackers and malware successfully attack devices and networks. No other initial root cause comes close (unpatched software and firmware are a distant second, being involved in about 33% of attacks). A particular type of social engineering is responsible for more successful compromises than any other type of attack: spear phishing.

With the rise of hybrid work, data leakage has become a significant issue. Employees are now working from a variety of locations, including their homes, coffee shops, and even public libraries. This makes it more difficult to keep track of data moving between managed endpoints and your organization's SaaS applications or private apps. Shadow IT, the use of unauthorized or unapproved software and services by employees has always been a challenge for IT departments.

It’s late Friday evening and Tom (your average everyday employee) has worked diligently to meet project deadlines and follow up with customers before his much-anticipated weeklong vacation. Exhausted from burning the midnight oil and juggling multiple tasks, he’s eager to wrap up his work and enjoy a well-deserved break. As Tom completes his last remaining task, he is greeted with one final email before signing off for the week.

The healthcare sector has been under constant threat from cybercriminals due to the sensitive nature of patient data and the valuable information held by healthcare providers. This blog analyzes the ransomware landscape for the healthcare sector for the years 2022-2023. This report uses data compiled for the recently released Trustwave SpiderLabs research: Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape report.

The Barbie movie has captivated audiences worldwide, breaking box-office records and generating massive excitement and enthusiasm among fans. However, as with any major news sensation, threat actors are quick to exploit the fervor surrounding the movie for their malicious gain. The Barbie movie, given its immense popularity, has become an ideal bait for cybercriminals seeking to exploit the frenzy around it.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Certificates are vital to secure communications and reassurance that all is well. Well, not unless you mess it up…

As screen recorders are becoming more popular, concern is growing about potential problems associated with them. First and foremost, people want to ensure their software is secure and not in danger of being hacked. Unfortunately, it is often the case that as software grows in popularity, so too does the potential for hacking. The hacking business has become a well-known and common theme in pop culture. You can now turn on the TV or go online and find a range of cybersecurity TV shows.

Read also: Alphapo hacked for over $60M in crypto, the UK to tighten rules on illegal online ads, and more.

Windows 10, which is still the most widely deployed operating system on desktops, has announced end of support for October 14, 2025. The current version, 22H2, will be the last version of Windows 10, which means that Microsoft will stop providing support and security updates for that particular version and any vulnerabilities discovered after the EOL (End of Life) date will not be fixed by Microsoft, leaving your operating system, and that of your customers, exposed to security risks.

MITRE ATT&CK® is a globally accessible knowledge base of 14 adversary tactics and over 500 techniques based on real-world observations. The first model was proposed in 2013 and publicly released in 2015 which has been gathering momentum over the last couple of years.