Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyberattacks

SecurityScorecard

Cyberattack at Sisense Puts Critical Infrastructure on Alert

Apr 11, 2024 By SecurityScorecard In SecurityScorecard
The cybersecurity community woke up on Thursday to news of a cyberattack on Sisense, a major business analytics software company. It’s thought that the breach may have exposed hundreds of Sisense’s customers to a supply chain attack and provided the attacker with a door into the company’s customer networks.
Read Post
securitysenses

The Future of Cybersecurity: Leveraging Breach and Attack Simulation for Proactive Defense

Apr 10, 2024 By SecuritySenses In SecuritySenses
The digital landscape is no longer a frontier; it's a full-fledged battlefield. As organizations become increasingly reliant on interconnected technologies, their attack surface expands exponentially. Firewalls and antivirus software, the traditional defense lines, are akin to medieval fortifications in the face of modern artillery. To survive in this ever-evolving warzone, organizations need a proactive approach, a way to anticipate and counter threats before they inflict damage. Enter Breach and Attack Simulation (BAS), a transformative tool poised to revolutionize the future of cybersecurity.
Read Post
Arctic Wolf

The Top 18 Healthcare Industry Cyber Attacks of the Past Decade

Apr 10, 2024 By Arctic Wolf In Arctic Wolf
10.93 million dollars USD. That’s the average cost of a healthcare breach in the U.S. It’s an alarming number that’s only continued to climb, increasing by over 53% in the past three years, according to IBM’s 2023 Cost of a Data Breach Report. In fact, the healthcare industry has had the highest average cost of a breach for 13 years running. It’s not just the costs that are climbing, either.
Read Post
komodo consulting

Having Fun with SSRF HTML to PDF Exports: A Cybersecurity Exploration

Apr 10, 2024 By Komodo Research In Komodo Consulting
PDF Exports: Hidden SSRF Risk In the realm of cybersecurity, understanding vulnerabilities is paramount to safeguarding sensitive data and maintaining the integrity of systems. One such vulnerability that often lurks in the shadows is SSRF, or Server Side Request Forgery. While SSRF vulnerabilities have been extensively discussed in various contexts, today, we're going to delve into a unique perspective – exploring SSRF vulnerabilities through the lens of HTML to PDF exports.
Read Post
CrowdStrike

CrowdStrike Extends Identity Security Capabilities to Stop Attacks in the Cloud

Apr 10, 2024 By Venu Shastri In CrowdStrike
Two recent Microsoft breaches underscore the growing problem of cloud identity attacks and why it’s critical to stop them. While Microsoft Active Directory (AD) remains a prime target for attackers, cloud identity stores such as Microsoft Entra ID are also a target of opportunity. The reason is simple: Threat actors increasingly seek to mimic legitimate users in the target system. They can just as easily abuse identities from cloud identity providers as they can in on-premises AD environments.
Read Post
SecurityScorecard

Change Healthcare Ransomware Attack Spotlights Single Point of Failure with Third-Party Vendor

Apr 10, 2024 By SecurityScorecard In SecurityScorecard
The ongoing cyberattack on Change Healthcare, a major player in medical claims processing in the United States, had profound repercussions across the healthcare sector. With the company forced to disconnect over 100 systems, medical claims processing ground to a halt. This disruption, termed by the president and chief executive of the American Hospital Association as “the most serious incident of its kind” in healthcare, brought many medical providers to the brink of closure.
Read Post
cyberark

Cookies Beyond Browsers: How Session-Based Attacks Are Evolving

Apr 9, 2024 By Shay Nahari In CyberArk
In the past few years, we have witnessed a significant shift in the attack landscape, from stealing clear text credentials to targeting session-based authentication. This trend is driven by the proliferation of multi-factor authentication (MFA), which makes it harder for attackers to compromise accounts with just passwords.
Read Post
alienvault

The Hidden Threat in Plain Sight: Analyzing Subtextual Attacks in Digital Communications

Apr 9, 2024 By Nahla Davies In AT&T Cybersecurity
In our always-online world, we're facing a new kind of cyber threat that's just as sneaky as it is harmful: subtextual attacks. These aren't your run-of-the-mill security breaches; they're cunningly crafted messages that may look harmless—but they actually carry a dangerous payload within them. Join me as we take a closer look at this under-the-radar, but still dangerous, threat.
Read Post
elastic

Tracing history: The generative AI revolution in SIEM

Apr 9, 2024 By Mike Nichols, In Elastic
The cybersecurity domain mirrors the physical space, with the security operations center (SOC) acting as your digital police department. Cybersecurity analysts are like the police, working to deter cybercriminals from attempting attacks on their organization or stopping them in their tracks if they try it. When an attack occurs, incident responders, akin to digital detectives, piece together clues from many different sources to determine the order and details of events before building a remediation plan.
Read Post
Trustwave

Healthcare Industry on High Alert: Trustwave Research Reveals Cyber Threats Persist

Apr 9, 2024 By Trustwave In Trustwave
Recent cyberattacks and the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) research indicate the danger facing the healthcare industry is not subsiding, which means healthcare providers must maintain a high level of alert and continue to bolster their cyber defenses.
Read Post
Subscribe to Cyberattacks

Copyright © 2024 OpsMatters™. All rights reserved.