Secrets in collaboration tools are becoming prime targets for attackers. Reduce your attack surface by extending GitGuardian automated secrets detection capabilities to Slack, Jira, Confluence, or Microsoft Teams. Ensure security wherever your teams collaborate!

The CDK Global ransomware attack was first reported in June 2024. Ransomware infected CDK Global, a software vendor that serves thousands of North American car dealerships. This ransomware attack affected over 10,000 U.S. car dealerships, their employees and their customers.

Watching the recent Snowflake customer attacks unfold felt a bit like rewatching a horror movie with predictable attack sequences and missed opportunities to run to safety. But this time, the ending was far more devasting. More than 100 organizations were exposed, and many are now grappling with the impacts of data theft and extortion in what some are calling one of the largest breaches in history.

This story starts when Sébastien Lorber, maintainer of Docusaurus, the React-based open-source documentation project, notices a Pull Request change to the package manifest. Here’s the change proposed to the popular cliui npm package: Specifically, drawing our attention to the npm dependencies change that use an unfamiliar syntax: Most developers would expect to see a semver version range in the value of a package or perhaps a Git or file-based URL.

A new report focused on cyber espionage actors targeting government and critical infrastructure sectors highlights the strategic use of ransomware for distraction or misattribution. It was inevitable: a threat group using a secondary attack type to cover their tracks – whether those “tracks” are the groups true intent, who’s responsible – or to simply make some additional money after they’re done with the initial attack.

In today’s interconnected digital landscape, distributed denial of service (DDoS) attacks pose a significant threat to organizations of all sizes. To effectively combat this ever-evolving menace, there is a critical need for DDoS threat intelligence and collaborative sharing of data. We’ll explore the importance of DDoS threat intelligence, the benefits of collaborative data sharing, and the collective effort required to mitigate the impact of DDoS attacks.

As organizations continue to digitize and passwords proliferate across systems, applications, and even assets, identity and access management (IAM) has become a pillar of cybersecurity. One component of IAM has become ubiquitous with access security: multi-factor authentication (MFA). MFA is an access control technique that adds a layer of security to user logins and access by making the user verify their identity.

Cryptojacking is rapidly emerging as the most popular type of attack on cloud native applications and infrastructure. Care to guess how many cryptojacking attacks were recording in 2023? As a reference point, in the year before (2022), there were 139M cryptojacking attacks. However, this number jumped 659% the following year (2023) to 1.06B! That averages nearly 3M cryptojacking attacks every day, on average.