Cyberattacks consistently hit the headlines throughout the year, and they aren’t expected to slow down any time soon. While the intensity and impact vary from one attack to the next, there are always a few that rank the highest in terms of size. We looked at the five biggest cyberattacks of 2022 and how they influenced users around the globe.
Credential stuffing is on the rise. The number of annual credential spill incidents nearly doubled between 2016 and 2020, according to the F5 Labs 2021 Credential Stuffing Report. Organizations need to be wary of sophisticated attackers or risk becoming a victim of a credential stuffing attack. Credential stuffing is one of the most common account takeover techniques, so your team must be equipped with the knowledge necessary to prevent it.
Recently, we’ve noticed an increase in user reports of SMS-based Business Email Compromise (BEC) messages. This seems to be part of a wider trend as phishing scams via text messages surge. The Federal Communications Commission (FCC) observed an increase in unsolicited text messages, with 2022 practically tripling the number of phishing texts reported to the FCC in 2019. Phishing scams are prevalent in the SMS threat landscape, and now, BEC attacks are also going mobile.
Another day, another legitimate cloud service exploited for a cyber espionage campaign… Researchers at ESET recently discovered Dolphin, a previously unreported backdoor used by the North Korean threat actor APT37 (AKA ScarCruft and Reaper) against selected targets. The backdoor, deployed after the initial compromise using less sophisticated malware, was observed for the first time in early 2021, during a watering-hole attack on a South Korean online newspaper.
‘Tis the season for a busy weekend of software supply chain attacks. Over the past three days, the Mend research team identified two separate attacks that published malicious packages to npm. Mend Supply Chain Defender quickly identified the malicious code; the owners were notified, and the packages were removed. That does not fully remove the risk, however. The first package has 9.5 million downloads, while account CI keys were compromised in the second, which can cause significant damage.
The Sysdig Threat Research Team (TRT) recently discovered threat actors leveraging an open source tool called PRoot to expand the scope of their operations to multiple Linux distributions and simplify their necessary efforts. Typically, the scope of an attack is limited by the varying configurations of each Linux distribution. Enter PRoot, an open source tool that provides an attacker with a consistent operational environment across different Linux distributions, such as Ubuntu, Fedora, and Alpine.