Researchers at Veriti have observed hundreds of spoofed domains following Meta’s launch of its Threads social media platform. “In recent weeks, we have observed a surge in the creation of suspicious domains, with over 700 domains related to Threads being registered daily,” the researchers write.
Using a new twist to bypass detection from security solutions, cyber attacks are now employing what will be construed as a benign image whose malicious intent can’t be traced. Threat actors need some means of getting a user to engage with malicious content – whether an attachment, link, or phone call, there needs to be some content within an email that provides the victim user with their next step.
As the rate of ransomware attacks steadily increased over time, there are clear indicators as to how these attacks are starting and, therefore, what can be done to stop them. With the exception of the Verizon Data Breach Investigations Report, we rarely get insight into specific industry verticals.
David Heinemeier Hansson lays out the economic case for why application providers should leave the cloud in a recently published blog post. It’s a powerful argument that needs to be heard by IT vendors and IT buyers, whether they are purchasing cloud applications or SASE services. Hansson is the co-owner and CTO of 37Signals, which makes Basecamp, the project management software platform, and Hey, an email service.
Cybersecurity liability insurance has progressed dramatically since the first bona fide policies emerged in the late 1990s. Some of the greatest changes that have occurred in recent years include insurance companies no longer insuring against state-sponsored attacks or ransomware events. The insurers do not want to become part of a cyber-war.
There’s nothing that makes you feel older than realizing how much of your life you have dedicated to a single topic. At what point do you consider yourself an expert? After more than 17 years in vulnerability management, I’m starting to come around to the idea that I might be an expert in the field. Although, the main reason I feel that way is because, at this point, I’ve seen pretty much everything.
In a chilling reminder of the relentless threat posed by hackers and cybercriminals, not even the aviation industry is safe from their clutches. Recent reports have shed light on a grave security breach, as unauthorized individuals gained access to vital pilot credentials within two prominent American aviation companies. The far-reaching impact of this breach serves as a stark warning to businesses across all domains: no data is safe from the clutches of malicious actors.
Truebot infects networks throughout the US and Canada, Charming Kitten targets new operating systems, and SmugX targets European government entities.
Business Email Compromise (BEC) is a targeted cyberattack in which a cybercriminal poses as a trusted figure, such as the CEO of a company, and sends out an email to specific individuals requesting sensitive information or money. BEC attacks involve research and preparation in order for the cybercriminal to develop a convincing impersonation. Continue reading to learn more about business email compromise and what organizations should do to prevent this type of attack.
