Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyberattacks

If Social Engineering Accounts for up to 90% of Attacks, Why Is It Ignored?

Social engineering and phishing are involved in 70% to 90% of all successful cybersecurity attacks. No other initial root hacking cause comes close. This is not a recent development. Social engineering has been the number one type of attack since the beginning of networked computers. Despite this long-time fact, most organizations do not spend 3% of their IT/IT Security budget to fight it.

Password Spraying Activity Targeting Various VPN Appliances, Firewalls, and Other Public Web-Based Applications

Arctic Wolf has recently observed an uptick in detected password spraying for multiple Firewall and VPN appliances. This activity began on February 28, 2024. A variety of products are affected by this activity, including but not limited to devices from vendors such as Cisco, Palo Alto Networks, and WatchGuard. Further investigation revealed that authentication against web-based applications in general was being targeted as opposed to a selection of firewall vendors.

Despite Feeling Prepared for Image-Based Attacks, Most Organizations Have Been Compromised by Them

With QR-code phishing attacks on the rise, new data sheds light on just how unprepared organizations actually are in stopping and detecting these device-shifting attacks. One of the challenges with attacks is that we rely on security solutions to look for indicators of malicious intent. Content within an email, where a link points to, and the insides of an attachment can indicate potential foul play.

Mitigating a token-length side-channel attack in our AI products

Since the discovery of CRIME, BREACH, TIME, LUCKY-13 etc., length-based side-channel attacks have been considered practical. Even though packets were encrypted, attackers were able to infer information about the underlying plaintext by analyzing metadata like the packet length or timing information. Cloudflare was recently contacted by a group of researchers at Ben Gurion University who wrote a paper titled “What Was Your Prompt?

AnyDesk Case: What steps should users take to protect themselves?

On February 2, the popular remote access tool AnyDesk disclosed that it had suffered a cyberattack that had compromised its production systems. Although AnyDesk has not revealed specific details about the root cause of the attack, the measures taken to mitigate it, such as mandatory password resets and code signing certificate renewals, suggest that cybercriminals gained access to user passwords and the company's code signing certificate.

Side Channel Attack: Everything You Need To Know

Every year, millions of people get victimized by data breaches. Criminals steal their data from the network environments of organizations, vendors, providers, institutions, and governments; with ever-increasing frequency, cybercriminals are making big moves in the cyber wars—and making billions of dollars.

Cloud Threats deploying Crypto CDN

The Sysdig Threat Research Team (TRT) discovered a malicious campaign using the blockchain-based Meson service to reap rewards ahead of the crypto token unlock happening around March 15th. Within minutes, the attacker attempted to create 6,000 Meson Network nodes using a compromised cloud account. The Meson Network is a decentralized content delivery network (CDN) that operates in Web3 by establishing a streamlined bandwidth marketplace through a blockchain protocol.

What Is Kerberoasting and How to Prevent it

Kerberoasting is a form of cyber attack that targets service accounts using the Kerberos authentication protocol. Attackers exploit the authentication protocol to extract password hashes and crack the plaintext passwords attached to the account. These attacks are prevalent because they can be difficult to notice and mitigate.