Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyberattacks

Password attacks: How to combat them

“Treat your password like your toothbrush. Don’t let anybody else use it, and get a new one every six months.” – Clifford Stoll, Astronomer and engineer This identity security week, it’s important to understand the importance of passwords in cybersecurity, how easily they can be compromised if you are not careful, and how ManageEngine ADSelfService Plus helps fortify your passwords and enhance your organizational security.

The Simply Cyber Report: November 14, 2022

The top cyber news stories you need to know about right now. CISA make Cyber.org range available to all 50 states. New rules around blue checkmarks on Twitter cause swings in the stock market. Mondelez International has settled its lawsuit against Zurich American Insurance Company, which it brought because the insurer refused to cover the snack giant's $100-million-plus cleanup bill following the 2017 NotPetya outbreak.

Common Payloads Attackers Plant in Malicious Software Packages

In this third post in our series on Malicious Software Packages, we’ll focus on the aftermath of a successful attack and how the attacker executes payloads to serve their needs through various real-life scenarios. Before we start, let’s review a few highlights from the second post you might’ve missed: Now, let’s get to blog three in the series.

More improvements to Attack Surface Custom Policies

In October, we launched a new feature called Attack Surface Custom Policies for Surface Monitoring customers. Attack Surface Custom Policies makes it possible to set, enforce, and scale customizable security policies so you can focus on the issues that matter most. Since launching this feature, we’ve generated thousands of alerts on potential risks for our customers. For some customers, it was particularly difficult to view these reports.

Cyber Kill Chains Explained: Phases, Pros/Cons & Security Tactics

Sometimes referred to as CKC or the cyberattack lifecycle, the cyber kill chain is a security defense model developed to identify and stop sophisticated cyberattacks before they impact an organization. Typically comprised of seven steps, a cyber kill chain model breaks down the multiple stages of a cyberattack, allowing security teams to recognize, intercept or prevent them.

New Phishing Technique Targeting Over 20 Crypto Wallets

Netskope Threat Labs spotted a new crypto-phishing attack that aims to steal sensitive data from crypto wallets, including private keys and security recovery phrases, disguising itself as a service to revoke stolen ERC (Ethereum Request for Comments) assets. The page was created and hosted with Netlify, which is a free cloud service to create websites and apps.

The Ultimate List of Biggest Bot Attacks Ever

Bots have been in the news a lot lately. Before committing to the Twitter takeover, Elon Musk cited huge bot numbers as a hurdle in completing the deal. Social media bots have also been blamed for interfering in elections and other political processes in recent years. Despite the current focus on bots, they’re not a new phenomenon. Bots have been around for decades — and some have caused serious damage to businesses around the world.

Detecting DOS attacks

A denial of service attack is a type of network attack in which an attacker makes the system, machine, or network unavailable to the intended users. There are various types of DOS attacks, like, for instance, a user is trying to reach a webpage but the page redirects the user to another URL or even the user can’t reach its destination i.e. access is blocked.