Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI-Generated Attacks: What are They and How to Avoid Them?

AI-generated attacks, such as social engineering, phishing, deepfakes, malicious GPTs, data poisoning, and more, are rapidly disrupting the current security landscape. But there are ways to avoid them and strengthen our defences with miniOrange IAM solutions.

How Graylog Helps You Spot LockBit-Style Attacks Sooner

The DFIR Report recently detailed a LockBit ransomware intrusion that succeeded without advanced exploits or zero-day vulnerabilities. The attack relied on a stolen AnyDesk installer, credential reuse, and renamed PowerShell scripts that blended into routine activity. These moves were not sophisticated, but they were fast and effective. The end result: complete domain encryption.

Manufacturing: Executives Voice Cyberattack Readiness Concerns

Manufacturing executives recently surveyed by LevelBlue expressed a deep concern that emerging attack methods, such as deepfakes and AI-powered attacks, will be almost as likely as more traditional attacks like ransomware. We derived the information from a research-based survey conducted in January 2025, which included 220 C-suite and senior manufacturing executives.

How SOC Teams Operationalize Real-Time Defense Against Credential Replay Attacks

Credential replay remains one of the most efficient ways attackers turn stolen usernames, passwords, or tokens into real account access. Verizon’s 2024 DBIR shows that over 40% of breaches involve stolen credentials, underscoring the durability of this tactic. Even strong authentication is not immune. Techniques like pass-the-cookie and adversary-in-the-middle phishing allow attackers to replay tokens and sidestep MFA.

Report: Deepfake Attacks Have Targeted Nearly Two-Thirds of Organizations

A survey by Gartner found that 62% of organizations have been hit by a deepfake attack in the past twelve months, Infosecurity Magazine reports. Akif Khan, senior director at Gartner Research, told Infosecurity Magazine that deepfakes are currently being used in social engineering attacks to impersonate executives and trick employees into transferring money. “That’s trickier because social engineering is a perpetually reliable thing for attackers to use,” Khan said.

API Attack Awareness: Injection Attacks in APIs - Old Threat, New Surface

Injection attacks are among the oldest tricks in the attacker playbook. And yet they persist. The problem is that the core weakness, trusting user inputs too much, keeps resurfacing in new forms. As organizations have shifted to API-driven architectures and integrated AI systems that consume unstructured input, the attack surface has expanded dramatically.

API Attack Awareness: Broken Object Level Authorization (BOLA) - Why It Tops the OWASP API Top 10

For this Cybersecurity Awareness Month, we thought it important to draw attention to some of the most common and dangerous API vulnerabilities. This week, we’re starting with Broken Object Level Authorization (BOLA). BOLA vulnerabilities top the OWASP API Top Ten. And for good reason: they’re startlingly prevalent, remarkably easy to exploit, and can have devastating consequences. So, let’s explore what they are, why they matter, and how you can mitigate them.

When Electricity Meets Cyber: How Electric Firms Must Harden Their Systems

The electric sector is undergoing a digital revolution. From smart meters to automated substations, electricity providers now rely heavily on software, connected devices, and real-time data analytics. While this transformation drives efficiency, sustainability, and innovation, it also exposes power grids and electrical systems to cyber risks. As cyberattacks on critical infrastructure become more frequent, firms must not only harden their systems but also strengthen their workforce to meet this evolving challenge.

7 Man-in-the-Middle (MitM) Attacks to Look Out For

Today’s man-in-the-middle (MitM) attacks go far beyond coffee-shop Wi-Fi: they target browsers, APIs, device enrollments, and DNS infrastructure. Using automated proxykits and supply-chain flaws, attackers hijack session cookies, tokens, and device credentials—turning one interception into persistent, high-value access. Concerningly, these are not edge cases.