Businesses today leverage technology in almost all aspects of their operations because it enhances efficiency. However, this reliance on digital tools exposes them to cyber threats like an eavesdropping attack. Research says more than 37% of smartphones worldwide have become eavesdropping targets. That's a lot of mobile devices belonging to employees of many companies. So, understanding what an eavesdropping attack is and how to prevent it can save your organization from potential problems.

Rubrik has been assisting our customers with recovery from cyber attacks since 2018. We immediately took notice of these attacks, and early on, began developing processes and procedures to respond more effectively to better assist our customers. Our spirit of continuous improvement and execution of lessons learned from the field has led to a number of improvements to both our products and processes.

The data about the rise of phishing attacks against businesses in the United Kingdom is in, and it’s bleak: UK phishing reports indicate that 79 percent of organizations in the UK were targeted by phishing attacks in the past year. Meanwhile, phishing is the initial attack vector in 36 percent of all data breaches globally, according to Verizon’s 2023 Data Breach Investigations Report. And 80,000 new phishing sites appear every month, according to Cyberint research.

Considering the vast attack surface and flat network architecture, Kubernetes workloads are particularly susceptible to network-based threats. While following best practices like workload access controls, workload-centric IDS/IPS, and WAF can help prevent and block attacks, anomaly detection has become crucial in today’s IT landscape to proactively anticipate security threats.

On the 7th of November, Sumo Logic announced a security incident. Their security team detected the use of a compromised set of credentials to access a Sumo Logic AWS account. This Sumo Logic breach has had a downstream impact on users. Let’s get into the facts of what we know.

Distributed denial-of-service (DDoS) attacks have been around for a long time. However, the sophistication and scale of these threats has grown in recent years. Cybercriminals are employing amplification techniques that exploit vulnerabilities in misconfigured services or network protocols to increase the traffic they can generate and maximize the impact of their attacks.

Since Hamas’s attack on Israel last month, SecurityScorecard’s SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team has paid close attention to hacktivist activity provoked by the conflict, with particular focus on the international scope.

A recent wave of advanced persistent threat (APT) attacks is spreading throughout the Asia-Pacific (APAC) region, and these have been attributed to a newly identified group known as Dark Pink (also referred to as the Saaiwc Group). While evidence suggests that Dark Pink commenced its operations as early as mid-2021, the group’s activities escalated notably in the latter part of 2022.

While Kubernetes adoption continues to soar, it has become a prime target for cyberattacks. Unfortunately, Kubernetes clusters are complex and can be difficult to secure. Safeguarding your Kubernetes environment requires a solid understanding of the common attack chains that pose a threat to your infrastructure. In this blog post, we dig into the top attack chains that target Kubernetes, shedding light on the risks and offering valuable insights to bolster your defenses.