Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

Phishing Holds the Top Spot as the Primary Entry Point for Ransomware Attacks

Dec 10, 2024 By Stu Sjouwerman In KnowBe4
New analysis of ransomware attacks shows that phishing is the primary delivery method and organizations need to offer more effective security awareness training to mitigate the threat. Hornet Security’s Q3 2024 Ransomware Attacks Survey report paints a pretty bleak picture of how organizations have fared this year against ransomware attacks. So almost one in five organizations is a victim. According to the survey data, 52.3% of the attacks started with a phishing email.
Read Post
securitysenses

Cyber Attacks and You: What the South Staffs Water Breach Teaches Us

Dec 10, 2024 By SecuritySenses In SecuritySenses
The recent cyber attack on South Staffs Water has sent ripples across the digital security landscape, highlighting the vulnerabilities that organisations and individuals face in an increasingly connected world. This breach serves as a sobering reminder of the potential risks and repercussions associated with cyber threats. To truly grasp the magnitude of these incidents, it's essential to explore what transpired during the South Staffs Water breach, and subsequent South Staff Water data breach claim.
Read Post
fidelis security

How to Safeguard your Network from DDoS Attacks?

Dec 9, 2024 By Fidelis Security In Fidelis Security
Did you know that during the past year, DDoS attacks have increased by 117%? Industries including retail, shipping, and public relations have been the most impacted by this increase, with businesses seeing significant disruptions during peak shopping seasons like Black Friday. Businesses must understand how to stop these attacks as they become increasingly common and complex.
Read Post
Corelight

It's Typhoon Season: Attackers are deliberately evading EDR. What can you do about it?

Dec 6, 2024 By Vince Stoffer In Corelight
Over the past year, several sophisticated cyber-espionage campaigns have grabbed the attention of our industry and challenged defenders and vendors alike with advanced tactics, techniques, and procedures (TTPs). One of the most visible campaigns is Volt Typhoon, named by the Microsoft threat intelligence team in May 2023 and attributed to Chinese state-sponsored threat actors.
Read Post
memcyco

What is Session Hijacking and 8 Ways to Prevent It

Dec 5, 2024 By Charlie Madere In Memcyco
What if there were a way to negate the effectiveness of multi-factor authentication (or even bypass secure login protocols) without ever cracking a password? Session hijacking offers attackers a tempting shortcut to user accounts, bypassing the usual security barriers. In 2022 alone, researchers scouring the shadier corners of the internet (like the dark web) found 22 billion device and session cookie records – each of which could help to enable session hijacking.
Read Post
mend

The @Solana/web3.js Incident: Another Wake-Up Call for Supply Chain Security

Dec 5, 2024 By Tom Abai In Mend
On December 2, 2024, the Solana community faced a significant security incident involving the @solana/web3.js npm package, a critical library for developers building on the Solana blockchain with over 450K weekly downloads. This blog post aims to break down the attack flow, explore how it happened, and discuss the importance of supply chain security.
Read Post
securitysenses

Navigating Cybersecurity Challenges in the Manufacturing Sector

Dec 5, 2024 By SecuritySenses In SecuritySenses
The manufacturing sector has seen a significant transformation in recent years, with increasing reliance on digital systems and interconnected devices to streamline operations. While this shift toward Industry 4.0 has brought efficiency and innovation, it has also introduced a new wave of cybersecurity threats. With cybercriminals targeting vulnerabilities in industrial networks, protecting sensitive data and systems has become a top priority for manufacturers.
Read Post

Data Detection and Response (DDR): Stopping an Attack in its Tracks

Dec 4, 2024 By Rubrik In Rubrik
In this episode of Into the Breach, host James Purvis dives into the cutting-edge world of Data Detection and Response (DDR) with data security expert Drew Russell. Together, they explore how DDR can halt cyberattacks in their tracks by combining autonomous asset inventory, user activity insights, and data classification for a comprehensive defense strategy.
View Video
CrowdStrike

The Rise of Cross-Domain Attacks Demands a Unified Defense

Dec 4, 2024 By Dana Larson In CrowdStrike
Modern adversaries are quiet. No longer reliant on clunky malware to breach their targets, they have adopted more subtle and effective methods to infiltrate businesses, move laterally and access critical applications, steal data, impersonate users and more. They are also gaining speed: The average eCrime breakout time, now just 62 minutes, has fallen in recent years as adversaries accelerate from initial intrusion to lateral movement.
Read Post
netwrix

A Comprehensive Look into Password Attacks and How to Stop Them

Nov 29, 2024 By Dirk Schrader In Netwrix
There are some things you want to keep private such as your bank account number, government ID number, etc. In the digital age, that includes the passwords that protect these accounts because once your account credentials are compromised, cybercriminals can get that information. That is why password attacks have become so prominent today.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.