A recap of Q2 from Cisco Talos’ incident response services provides insight into exactly what kinds of attacks are being seen in the field, and what kinds of attacks you need to be protecting against. While I love covering industry reports here, I also love to see practical experiences from the field summarized into trends. And that’s exactly what we find with Cisco Talos Incident Response’s Incident Response trends Q2 2023 recap.

The Document Object Model (DOM) acts as an interface between HTML and JavaScript, bridging the gap between static content and dynamic interactivity. This function makes the DOM indispensable for modern web developers. However, the DOM has a pitfall — DOM clobbering. DOM clobbering occurs when HTML elements conflict with global JavaScript variables or functions, which can lead to unexpected behavior and a potential security loophole in your web application.

Following research on a notorious cybercrime mastermind known as Neo_Net, Cyberint has unveiled the extent of the threat actor’s activities, who primarily targets Spanish and Chilean banks. The findings indicate that the mastermind’s crimes have now expanded into multiple countries and industries worldwide. Further analysis reveals that Neo_Net has not only focused on targeting Financial Applications through the creation of fake Android applications, but has also expanded its schemes.

Newly-released research reveals the eye-watering costs that the manufacturing sector has suffered in recent years at the hands of ransomware. The analysis, by Comparitech, looked at 478 confirmed ransomware attacks on manufacturing companies between 2018 and July 2023, in an attempt to determine their true cost.

July was one of the hottest months in recent memory, and cybercriminals did their part to keep the heat cranked up for organizations around the globe. As organizations continued sorting through the wreckage of the massive MoveIT incident, new and ongoing threats continued to arrive from every corner. July’s notable breaches include attacks on healthcare providers, emergency services, government agencies, and free speech.

It’s no surprise that cyber attacks are on the rise. The sheer volume of attacks — along with the increase in ransomware, business email compromise, and other kinds of attacks — has steadily ticked up year after year. Cybercrime is now the number one global business risk, rakes in trillions for cybercriminals, and has advanced far beyond simple “scam emails” and brute-force attacks.

Your business runs on servers. Without your DNS server, your users wouldn’t be able to connect to online resources. Without your proxy servers, your local networks would be visible across the public internet. Without your database servers, your organization wouldn’t be able to execute the queries that enable them to make data-driven decisions. Since servers are critical to business operations, threat actors value them.

The second annual threat report from the Sysdig Threat Research Team (Sysdig TRT) is packed with their findings and analysis of some of the hottest and most important cybersecurity topics this year. Threat actors are really embracing the cloud and are using it to their advantage to evade detection and speed up their attacks.

Most small and midsized businesses trust an IT services partner to help them secure their networks. A few years ago, high-profile cyberattacks targeting MSP vendors Kaseya and SolarWinds thrust the security risk of relying on a complex chain of vendors into the technology media and moved the Department of Homeland Security to issue a statement about the need for greater security in the IT services industry.

The question “What is cybercrime?” is more critical today than ever. Advancements in tech, oversharing on social media, and even the latest AI innovations have significantly increased the risk of cyberattacks. Just look at the statistics. Ransomware attacks grew by 92.7% in 2021 compared to 2020. As internet connectivity and usage grow globally, cybercriminals are becoming more brazen in targeting unsuspecting victims.