Cyberattacks

Compromised Credentials: Tactics, Risks, Mitigation

May 31, 2023 By Darja Feldman In Cyberint

The theft of users’ credentials is a growing industry. The market for compromised credentials is vast and has huge potential due to: These factors have created a lucrative market for cybercriminals who are able to steal credentials and sell them on the black market. The stolen credentials can then be used to access personal and financial information, commit identity theft, or launch other cyberattacks.

Read Post

Cyberint

Read more about Compromised Credentials: Tactics, Risks, Mitigation

A Tale of Two States and Counties: How Whole-of-State is Shaping the Future of Cybersecurity

May 31, 2023 By Tanium In Tanium

We all know that cyberattacks in the public sector are mounting. Over 100 state and municipal governments and dozens of school districts were compromised by ransomware last year. And geopolitical tensions will only embolden both state-linked and financially motivated threat actors going forward. These are uneasy times for cybersecurity leaders at these government and education sector entities. But help is at hand.

Read Post

Tanium

Read more about A Tale of Two States and Counties: How Whole-of-State is Shaping the Future of Cybersecurity

Avoiding the ransomware trap

May 31, 2023 By Centripetal

Even large, global firms with enormous IT budgets are falling victim to the latest attacks. Why? Because cybercriminals know that popular network inspection and threat intelligence solutions can't keep up with the deluge of attacks hammering at our networks daily. But there is hope! By evolving from traditional threat intelligence to ThreatOps, we can put an end to ransomware and proactively shield your business from 99% of global threats mapped by the threat intelligence community automatically.

Get EBook

Centripetal

Read more about Avoiding the ransomware trap

New vulnerability could lead to one of world's most powerful cyber attacks

May 30, 2023 By Noah Stone In BitSight

The other week, Bitsight released a piece of high-profile research alerting the public to a high-severity vulnerability potentially allowing attackers to launch one of the most powerful Denial-of-Service (DoS) attacks in history. Here’s a summary of what happened and why it matters: Security leaders are asking “now what?” and Bitsight has answers.

Read Post

BitSight

Read more about New vulnerability could lead to one of world's most powerful cyber attacks

The Growing Number of Cyber Attacks on Australian Hospitals and Healthcare Providers

May 30, 2023 By Arctic Wolf In Arctic Wolf

Cyber attacks on Australian hospitals and healthcare providers are becoming a more frequent occurrence. The Australian Cyber Security Centre, the ACSC, has recently warned healthcare providers in Australia of an increased number of cyber attacks aimed at the healthcare industry. The ACSC has identified ransomware and other cyber attack methods as leading to dangerous breaches of sensitive hospital data, which can have widespread ramifications if not addressed and preempted.

Read Post

Arctic Wolf

Read more about The Growing Number of Cyber Attacks on Australian Hospitals and Healthcare Providers

Hunting For Password Reset Tokens By Spraying And Using HTTP Pipelining

May 30, 2023 By Tom Neaves In Trustwave

As is tradition with my blog posts, let’s start off a definition of what HTTP pipelining is all about. “HTTP pipelining is a feature of HTTP/1.1 which allows multiple HTTP requests to be sent over a single TCP connection without waiting for the corresponding responses. HTTP/1.1 requires servers to respond to pipelined requests correctly, with non-pipelined but valid responses even if server does not support HTTP pipelining.

Read Post

Trustwave

Read more about Hunting For Password Reset Tokens By Spraying And Using HTTP Pipelining

How Large is Your Target? Advice for the Smallest Businesses

May 30, 2023 By Bob Covello In Tripwire

Most cybersecurity professionals will often try to cybersplain the importance of protection to their friends. In most social circles, many of the businesses that people work in are small businesses. Perhaps you are the owner of a small delicatessen, a dry cleaner, or you run a yoga studio, or some similar individually owned operation.

Read Post

Tripwire

Read more about How Large is Your Target? Advice for the Smallest Businesses

What is Doxxing?

May 26, 2023 By Aranza Trevino In Keeper

Doxxing, also spelled doxing, is when a threat actor publishes Personally Identifiable Information (PII) about their target online. This can include publishing the target’s place of employment, home address, credit or debit card numbers and any other sensitive information. The purpose of the threat actor publishing another person’s PII varies, but most commonly has to do with harassment.

Read Post

Keeper

Read more about What is Doxxing?

How to protect yourself from a rainbow table attack with the help of MFA

May 26, 2023 By Carla Roncato In WatchGuard

Since 2013, World Password Day has been celebrated on the first Thursday of May and aims to foster better password habits. This event reminds us that passwords are the main guardians of our digital identities and that we must implement complex passwords such as passphrases capable of protecting us. In 2022 alone, 721.5 million exposed credentials were leaked online. As a result of these leaks, account takeover attacks (ATOs) are on the rise.

Read Post

WatchGuard

Read more about How to protect yourself from a rainbow table attack with the help of MFA

Analyzing the NTC Vulkan Leak: What it Says About Russia's Cyber Capabilities

May 25, 2023 By Arthur Erzberger In Trustwave

Information disclosed in the leaked NTC Vulkan papers allows us to investigate the high probability of cooperation between the Russian private software development company and the Russian Ministry of Defense, namely, the GRU (Sandworm), and possibly others.

Read Post