Cyberattacks

How To Detect Man-in-the-Middle Attacks

Oct 16, 2023 By Tim Tran In Keeper

It is notoriously difficult to detect a man-in-the-middle attack. However, these attacks do have some subtle signs, including landing on obviously fake websites and your internet connection mysteriously becoming unreliable. Additionally, man-in-the-middle attacks often happen on open, unencrypted public networks, so it’s very important to be aware of your online environment at all times.

Read Post

Keeper

Read more about How To Detect Man-in-the-Middle Attacks

Windows Gaming Host, Shadow PC, Attacked via Malicious Software

Oct 16, 2023 By Steven In IDStrong

Shadow PC is a Paris-based gaming host with thousands of clients in Europe and the US. Shadow’s service allows video games with high resource consumption to run on old software; this is made possible by Shadow’s ability to open a virtual computer. The virtual computer takes the onus of running games, allowing even incompatible computers to run game software. Shadow PC’s services are cloud-based, which should allow up to 100,000 users to play on their servers simultaneously.

Read Post

IDStrong

Read more about Windows Gaming Host, Shadow PC, Attacked via Malicious Software

Challenge of Cybersecurity Insurance Amid Ransomware Attacks

Oct 14, 2023 By Razorthorn In Razorthorn

The issue at hand is a direct result of the significant ransomware attacks that have forced organizations to pay out millions. In response, insurance companies have adopted a seemingly superficial, tick-box approach to cybersecurity assessments. Although they are attempting to enhance their due diligence, they fall short in truly evaluating security measures. Instead of thorough testing and on-site inspections, insurance companies rely on organizations to truthfully disclose their cybersecurity measures.

View Video

Razorthorn

Read more about Challenge of Cybersecurity Insurance Amid Ransomware Attacks

How a Database Risk Assessment Reduces the Risk of a Cyberattack

Oct 13, 2023 By Trustwave In Trustwave

Database security often, and to an organization's detriment, falls between the cracks as security and IT teams scramble to stay on top of daily cyber hygiene tasks and deal with the never-ending problems of running their network. The danger of overlooking their database, or to put it in, say, banking terms – the vault – is this is likely a threat actor's primary target. An organization's database is where IP, credentials, and financial information are stored.

Read Post

Trustwave

Read more about How a Database Risk Assessment Reduces the Risk of a Cyberattack

DDoS Attacks in 2024: Distributed DoS Explained

Oct 13, 2023 By Shanika Wickramasinghe In Splunk

Picture this: A crowd of people suddenly, without warning, enter a tiny shop, with room for only a handful of customers. All these extra people make it impossible for customers to get in or get out. Those extra people do not intend to shop — instead they want to disrupt the regular business operations. All this traffic jam-packs the shop, preventing it from carrying out normal business operations.

Read Post

Splunk

Read more about DDoS Attacks in 2024: Distributed DoS Explained

HTTP/2 Rapid Reset

Oct 13, 2023 By Medz Barao In Trustwave

A recent vulnerability tracked as Rapid Reset (CVE-2023-44487) in the HTTP/2 protocol was recently disclosed by researchers and vendors. It was exploited in the wild from August 2023 to October 2023. The issue arises from the HTTP/2 protocol's ability to cancel streams using an RST_STREAM frame, which can be misused to overload servers by initiating and quickly canceling numerous streams, circumventing the server's concurrent stream limit.

Read Post

Trustwave

Read more about HTTP/2 Rapid Reset

53% of Organizations Experienced Cyber Attacks

Oct 13, 2023 By Stu Sjouwerman In KnowBe4

As increasing percentages of businesses experience cyberattacks, new data provides details on where the most organizational risk lies. According to U.K. cyber insurer Hiscox’s Cyber Readiness Report 2023, attacks are on the rise: With these increases, how prepared are organizations? According to Hiscox, organizations are spending money on the problem; the median cybersecurity spend is a little over $1.39 million (with enterprises spending $4.9 million).

Read Post

KnowBe4

Read more about 53% of Organizations Experienced Cyber Attacks

New Cyber Attack Techniques Will Not Replace Old-School Social Engineering

Oct 12, 2023 By Stu Sjouwerman In KnowBe4

Even though there are new attack types for cybercriminals, they are still leveraging old-school attack vectors. Why? Because they still work. I cover new attack methods all the time, with recent examples including a sophisticated phishing campaign impersonating Microsoft and an attack last month targeting the Ukrainian military.

Read Post

KnowBe4

Read more about New Cyber Attack Techniques Will Not Replace Old-School Social Engineering

Cyber Attack on Merck | Cyber Insurance

Oct 12, 2023 By Razorthorn In Razorthorn

This case concerns a cyber attack on the pharmaceutical company, Merck, which, while not part of the national infrastructure, plays a crucial role in the healthcare ecosystem. The argument arises about whether they should be considered as critical as hospitals, as they supply medications and treatments, essentially acting as wizards in the healthcare industry.

View Video

Razorthorn

Read more about Cyber Attack on Merck | Cyber Insurance

Introducing Splunk Add-On for Splunk Attack Analyzer and Splunk App for Splunk Attack Analyzer

Oct 11, 2023 By Neal Iyer In Splunk

Following our announcement of Splunk Attack Analyzer in July 2023, we are excited to announce the launch of the Splunk Add-on for Splunk Attack Analyzer and Splunk App for Splunk Attack Analyzer. These offerings help us bolster our unified security operations experience by bringing threat analysis results from Splunk Attack Analyzer into the Splunk platform. The challenges with hiring top talent to staff a modern Security Operations Center (SOC) are ubiquitous.

Read Post