Cyberattacks

Brazilian Entities Increasingly Targeted by Nation-State Phishing Attacks

Jun 18, 2024 By Stu Sjouwerman In KnowBe4

Mandiant has published a report looking at cyber threats targeting Brazil, finding that more than 85% of government-backed phishing activity comes from threat actors based in China, North Korea and Russia. “The Brazil-focused targeting of these groups mirrors the broader priorities and industry targeting trends we see elsewhere,” the researchers write.

Read Post

KnowBe4

Read more about Brazilian Entities Increasingly Targeted by Nation-State Phishing Attacks

The Cyber Threats Targeting the UEFA League - Euro 2024

Jun 16, 2024 By Alon Davidoff In Cyberint

The UEFA League, alternatively known as Euro 2024, has officially started, marking a thrilling period for football fans worldwide. The unmatched enthusiasm for watching the matches, whether through digital screens or by experiencing the live vibe in the stadiums, has filled the air. However, this surge in excitement isn’t solely confined to sports fans but has also caught the attention of threat actors.

Read Post

Cyberint

Read more about The Cyber Threats Targeting the UEFA League - Euro 2024

How Enterprise Identity Protection Can Prevent Cyber Attacks?

Jun 13, 2024 By SecuritySenses In SecuritySenses

Protecting enterprise identities has never been more critical in today's interconnected business landscape. Cybersecurity Ventures predicts cybercrime will cost the world $10.5 trillion annually by 2025. Attacks on company identities are a major cause of cybercrime. Hackers are always trying to steal employee logins to get into company secrets. They use tricks like phishing emails and fancy hacking to do this. Protecting identities is super important for businesses, and it is not just an IT concern.

Read Post

SecuritySenses

Read more about How Enterprise Identity Protection Can Prevent Cyber Attacks?

Two Recent Campaigns from Brazil and Korea Exploiting Legitimate Cloud Services

Jun 13, 2024 By Paolo Passeri In Netskope

The exploitation of cloud services is a flexible weapon in the hands of attackers, so flexible that we uncover new campaigns abusing legitimate apps on a daily basis.

Read Post

Netskope

Read more about Two Recent Campaigns from Brazil and Korea Exploiting Legitimate Cloud Services

CDR: How Cloud Has Changed the Game

Jun 13, 2024 By Mike Watson In Sysdig

Some organizations are just beginning their migration to the cloud, while others are already firmly settled there, but almost everyone is in the cloud in some capacity by now. And for good reason: the cloud creates substantial advantages in speed, scalability, and cost. But the sobering reality is that modern threat actors have also made gains from migrating to the cloud. By weaponizing cloud automation, these threat actors can fully execute an attack in 10 minutes or less.

Read Post

Sysdig

Read more about CDR: How Cloud Has Changed the Game

Expanding Cyber Threats: Sticky Werewolf Targets Russia and Belarus

Jun 11, 2024 By Foresiet In Foresiet

The cyber threat landscape is constantly evolving, with new threat actors emerging and expanding their targets. Cybersecurity researchers have recently revealed information about a threat actor named Sticky Werewolf, who has been associated with cyber attacks on organizations in Russia and Belarus. This development highlights the critical need for robust cybersecurity measures, including stolen credentials detection, darknet monitoring services, and dark web surveillance.

Read Post

Foresiet

Read more about Expanding Cyber Threats: Sticky Werewolf Targets Russia and Belarus

New HR-Themed Credential Harvesting Phishing Attack Uses Legitimate Signature Platform Yousign

Jun 11, 2024 By Stu Sjouwerman In KnowBe4

A new phishing campaign is exploiting the eSignature platform Yousign. There have been plenty of phishing attacks that leverage legitimate platforms to help establish credibility with security solutions – including online email services, web hosting, payment processors and more.

Read Post

KnowBe4

Read more about New HR-Themed Credential Harvesting Phishing Attack Uses Legitimate Signature Platform Yousign

Four Ways to Prevent Credential Theft and Credential-Based Attacks

Jun 7, 2024 By Mike McCleary In Arctic Wolf

When it comes to cybercrime, there are few tactics as useful and widespread as credential theft and the use of stolen credentials. In the 2023 breach of password management giant Okta, it was a set of credentials that jumpstarted the incident — threat actors hacked into an employee’s personal Google account, where they found an Okta customer service account had also been saved.

Read Post

Arctic Wolf

Read more about Four Ways to Prevent Credential Theft and Credential-Based Attacks

The Most Common Ways Cyber Criminals Will Target Your Business

Jun 6, 2024 By SecuritySenses In SecuritySenses

Businesses face an ever-growing array of security threats from cybercriminals. Scammers and hackers employ increasingly sophisticated techniques to infiltrate corporate networks, steal sensitive information, and disrupt operations. In 2023, consumers and businesses in the United States reported losing more than $10 billion to fraud and online scams, marking the first time that fraud losses have reached that benchmark. This is a 14% increase over reported losses in 2022.

Read Post

SecuritySenses

Read more about The Most Common Ways Cyber Criminals Will Target Your Business

Surge in CatDDoS Attacks: Exploiting Vulnerabilities to Spread Mirai Variant

Jun 6, 2024 By Foresiet In Foresiet

The cybersecurity landscape has recently been shaken by a surge in activity involving a Mirai distributed denial-of-service (DDoS) botnet variant known as CatDDoS. Over the past three months, threat actors have aggressively exploited more than 80 vulnerabilities to spread this malware. In this blog, we explore the recent CatDDoS attacks, the targeted sectors, and the implications for cybersecurity practices.

Read Post