Cyberattacks

5 Reasons Why Securing your IP Address is Important

Dec 26, 2024 By SecuritySenses In SecuritySenses

Think of your IP address as your home address on the internet-it's how websites know where to deliver information and how your devices connect to the digital world. It's not just a random string of numbers; it's a direct link to you. That might sound harmless at first, but here's the catch: leaving your IP address exposed is like putting up a neon sign outside your house saying, "Come on in!"

Read Post

SecuritySenses

Read more about 5 Reasons Why Securing your IP Address is Important

CTI Roundup: Earth Koshchei, RiseLoader, and a New Ransomware Advisory

Dec 25, 2024 By Tanium In Tanium

Earth Koshchei executes rogue RDP attacks, Zscaler releases technical details about RiseLoader malware, and Corvus issues a ransomware advisory.

Read Post

Tanium

Read more about CTI Roundup: Earth Koshchei, RiseLoader, and a New Ransomware Advisory

Prevent yourself from Phishing Attack: Simple and Best Strategies

Dec 22, 2024 By SecuritySenses In SecuritySenses

Are you concerned about preserving yourself against phishing attacks? Phishing is a common online threat. Many attackers use it to trick people on the Internet. The attackers might trick you into sharing personal details like passwords. Additionally, they can also ask for sensitive information, such as credit card numbers. Phishing attempts usually appear as communications from trusted sources. They are made to take your information, though.

Read Post

SecuritySenses

Read more about Prevent yourself from Phishing Attack: Simple and Best Strategies

Mitigating IoT Denial of Service Attacks: Essential Strategies for Protection

Dec 20, 2024 By Louise José In Device Authority

An IoT denial of service attack overwhelms devices with traffic, making them unresponsive. This article explains these attacks and offers strategies to protect your devices.

Read Post

Device Authority

Read more about Mitigating IoT Denial of Service Attacks: Essential Strategies for Protection

Attackers Abuse HubSpot's Free Form Builder to Craft Phishing Pages

Dec 20, 2024 By Stu Sjouwerman In KnowBe4

A threat actor is abusing HubSpot’s Free Form Builder service to craft credential-harvesting phishing pages, according to Palo Alto Networks’ Unit 42. The campaign has targeted at least 20,000 users at European companies in the automotive, chemical, and industrial compound manufacturing sectors. The attacks are designed to steal credentials in order to compromise victims’ Microsoft Azure cloud services.

Read Post

KnowBe4

Read more about Attackers Abuse HubSpot's Free Form Builder to Craft Phishing Pages

Mobile Phishing Attacks Use New Tactic to Bypass Security Measures

Dec 20, 2024 By Stu Sjouwerman In KnowBe4

ESET has published its threat report for the second half of 2024, outlining a new social engineering tactic targeting mobile banking users. Threat actors are using Progressive Web Apps (PWAs) and WebAPKs to bypass mobile security measures, since these files don’t require users to grant permissions to install apps from unknown sources. “The initial phishing messages were delivered through various methods, including SMS, automated voice calls, and social media malvertising,” ESET says.

Read Post

KnowBe4

Read more about Mobile Phishing Attacks Use New Tactic to Bypass Security Measures

Securing Infrastructure in the Age of Identity Attacks with Ev Kontsevoy

Dec 19, 2024 By Teleport In Teleport

Learn why identity-based attacks are now more common than malware attacks and discover practical strategies to secure your computing infrastructure. The talk covers the economics of cybersecurity, the impact of complexity on human error, and proven approaches to reduce your attack surface. With real data from industry surveys, learn how leading organizations are successfully preventing identity attacks through passwordless authentication, cryptographic identities, and infrastructure simplification.

View Video

Teleport

Read more about Securing Infrastructure in the Age of Identity Attacks with Ev Kontsevoy

How (and Why) Cyber Attacks are Exploiting the Supply Chain

Dec 19, 2024 By Stuart Itkin In NeoSystems

Your business is a link in one or more supply chains. Your business depends on those who supply to you, and in turn those you supply to (and their customers and their customers’ customers) depend on you. Any disruption at any point affects the flow of goods, services, and information affecting others in the supply chain. It’s important that we understand the risk in our supply chain and the potential risk we pose to our customers, especially cyber-related risk. Why?

Read Post

NeoSystems

Read more about How (and Why) Cyber Attacks are Exploiting the Supply Chain

Refresh yourself on 2024's top cyber attack trends to stay safe in 2025

Dec 18, 2024 By Marla Rosner In Sysdig

We’re officially in the final days of 2024, a year so eventful it feels difficult to remember half of what happened. We had the Olympics in Paris, which turned the world into fans of sharpshooting, breakdancing, and the pommel horse; a solar eclipse visible in totality from the US for the first time since 1979; and a monthslong, very impassioned rap battle between Kendrick Lamar and Drake.

Read Post

Sysdig

Read more about Refresh yourself on 2024's top cyber attack trends to stay safe in 2025

Email Bombing: Why You Need to be Concerned

Dec 18, 2024 By Phil Hay In Trustwave

Over the last few months, the topic of email bombing has been brought to our attention multiple times, mostly queries from customers that go something like this: “I have a few users experiencing some sort of spam attack, where they are receiving thousands of random registration or subscription emails. What do I do, and why is it occurring? Help!” This scenario is known as email or subscription bombing.

Read Post