Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

NOTE: The MOVEit Transfer vulnerability remains under active exploitation, and Kroll experts are investigating. Expect frequent updates to the Kroll Cyber Risk blog as our team uncovers more details. On June 5, 2023, the Clop ransomware group publicly claimed responsibility for exploitation of a zero-day vulnerability in the MOVEit Transfer secure file transfer web application (CVE-2023-34362).

May often heralds the start of summer — warm weather, long days, and plenty of cybersecurity workers taking much needed time off. Cybercriminals however, are always at their monitors and love to take advantage of times when they know defenses may be down and this month was no different. May saw a wide range of cybercrime, including disruptions of schools and news organizations, a slow-burn in the tech sector, and public negligence from one of the web’s most well-known entities.

MiTM or Man-in-the-middle attack is one of the most common cyberattacks that online users must be aware of. Anyone who’s actively connected to the internet for both work and entertainment purposes is at risk of being a victim of a MiTM attack. Fortunately, you can prevent the above from happening. This blog is here to help. Below, we’ll discuss MiTM attacks, their types, how they work, and how to prevent becoming a victim.

Traveling abroad, whether for business or leisure, brings plenty of tangible benefits to individuals and organizations. Coupled with the convenience of innovative technology at our fingertips, business professionals can achieve a lot if they spend much of their time on foreign shores. However, despite this digital evolution, traveling abroad can present numerous risks to your data and systems.

Attackers use remote code execution as a way to gain unauthorized access, perform data breaches, disrupt services and deploy malware. Here’s how you can prevent your organization from RCE attacks: Let’s dive deep into remote code execution and, importantly, its prevention techniques.

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In an era where digital technology increasingly underpins food production and distribution, the urgency of cybersecurity in agriculture has heightened.

Dark Pink (also known as Saaiwc Group) is an advanced threat actor that has been operating since mid-2021, mainly in the Asia-Pacific region and to a lesser extent in Europe, leveraging a range of sophisticated custom tools within a sophisticated kill chain relying on spear-phishing emails. The group has been quite active since 2021, attacking at least 13 organizations in Vietnam, Bosnia and Herzegovina, Cambodia, Indonesia, Malaysia, Philippines, Belgium, Thailand, and Brunei.

A pretexting attack is a type of social engineering attack where the threat actor persuades their target into revealing sensitive information or sending them money by making up a story, hence the word “pretext.” Pretexting attacks can come in many different forms including a phone call, text message, email or even in person.

Read also: Jimbos Protocol hacked for $7.5M, nearly 9 million dental patients impacted in a ransomware attack, and more.

The theft of users’ credentials is a growing industry. The market for compromised credentials is vast and has huge potential due to: These factors have created a lucrative market for cybercriminals who are able to steal credentials and sell them on the black market. The stolen credentials can then be used to access personal and financial information, commit identity theft, or launch other cyberattacks.