As ransom payments reach an all-time high, it’s time to look at attacks from a data perspective and find the greatest opportunities to stop these attacks. Every quarter, I’ve been covering the Quarterly Ransomware Reports from ransomware response company Coveware. In their latest report covering Q3 of this year, we get a greater sense of what trends their security researchers are seeing from the data: This last one is interesting.

A phishing campaign is exploiting a large number of.top domains, according to researchers from WhoisXML API. In an article for CircleID, the researchers analyzed a phishing operation first uncovered by security researcher Dancho Danchev. “Our DNS deep dive into the phishing campaign led to the discovery of 5,245 unreported potentially connected threat artifacts, a majority of which were.top domains,” the researchers write.

The fight against cyber threats remains a top priority for all organizations, including phishing attacks. SlashNext just released its much-anticipated annual "State of Phishing Report for 2023." This report sheds light on the alarming surge in phishing threats across email, web, and mobile channels. We will delve into the key findings and insights from the report, highlighting the growing influence of generative AI tools in cybercriminal activities. The Phishing Landscape: A Disturbing Uptick.

Spear phishing was the most common attack technique in the third quarter of 2023, according to researchers at ReliaQuest. “In Q2 2023, spear phishing-related techniques represented the three most observed methods of attack,” the researchers write. “This remained true in Q3 2023, accounting for a total of almost 65% of all true-positive incidents.

An analysis of ransomware attacks on healthcare organizations from 2016 through October of 2023 shows the healthcare sector is likely to continue to suffer as a viable ransomware target. In the last seven years, there have been 539 confirmed ransomware attacks on U.S. hospitals, costing a total of around $77 billion. Consumer tech comparison website Comparitech performed an analysis of these attacks to show the trends – with both positive and negative results.

In an analysis of web pages identified as admin portals, some incredibly weak passwords were identified – and some of them are going to really surprise you. We all know the general drill with admin passwords – make them complex and long. Simple right? But a new analysis of admin passwords shows that IT admins seem to not be vigilant around good password hygiene.

The never-ending deluge of phishing emails, malware and ransomware threats can leave incident response and security operation teams (SOC) looking for faster ways to analyze user-reported malicious emails without risking their environments. Manually-triaging every email and being forced to switch between security applications/interfaces only slows response times, increases the chances for human error and means valuable threat intel can be missed.

As large organizations realize the likelihood of cyber attacks and improve their cyber readiness, small businesses are seeing increases not experienced by their larger counterparts. If I was to tell you that cyber attacks typically focus on larger businesses, you’d likely agree. After all, it just makes sense that the smaller the business, the likelihood that a cybercriminal’s earnings would be smaller. But, according to U.K.

Cybersecurity experts expect to see threat actors increasingly make use of AI tools to craft convincing social engineering attacks, according to Eric Geller at the Messenger. “One of AI’s biggest advantages is that it can write complete and coherent English sentences,” Geller writes. “Most hackers aren’t native English speakers, so their messages often contain awkward phrasing, grammatical errors and strange punctuation.

Microsoft is tracking a cybercriminal group called “Octo Tempest” that uses threats of violence as part of its social engineering and data theft extortion campaigns. “Octo Tempest is a financially motivated collective of native English-speaking threat actors known for launching wide-ranging campaigns that prominently feature adversary-in-the-middle (AiTM) techniques, social engineering, and SIM swapping capabilities,” the researchers write.