According to our most recent cloud security report, most cloud security incidents are the result of compromised credentials for either human or non-human identities. Once an attacker successfully controls an identity, such as a highly privileged user account, they can quickly move to other areas of an environment, including prevalent targets like sensitive data stores. This pattern of behavior is similar across all cloud platforms and services.

In today’s cyber attack scene, data often takes a detour – straight through hackers’ systems. Unlike phishing or ransomware, which aim to trick users into handing over credentials or stealing data directly from systems, a Man-in-the-Middle (MitM) attack involves an unseen intermediary trying to fool each of two parties into thinking he’s the other one, capturing and/or altering information communicated between the parties, etc.

Storm-0940 is a Chinese advanced persistent threat (APT) group that has operated since at least 2021, although some evidence suggests involvement in earlier incidents. Known for its complex cyber espionage tactics, this group primarily targets government agencies, military organizations, and critical infrastructure to gain intelligence for political and military advantage. Leveraging an arsenal of techniques ranging from spear-phishing to exploiting software vulnerabilities.

The newly released single largest analysis of cyber attacks across all of 2023 show a strong tie between the use of phishing and techniques designed to gain credentialed access. I’ve stood on the “phishing is a problem” soapbox for many years, attempting to focus the attention of cybersecurity teams on the single largest problem within the organization: the employees that fall for social engineering tactics time and time again.

Imagine leaving your car key at a public place, only to drop your keys when exiting the vehicle. Someone picks them up and drives away. They speed through a school zone and are caught on camera. Later, the car is used in a robbery. Now, you’re not only missing your car but also wrongly implicated in criminal activities.

Blind Cross-Site Scripting is a type of Cross-Site Scripting attack in which the injected script is executed in the context of another page and different circumstances compared to the page in which it was inserted. Blind XSS differs from regular XSS attacks as the attacker cannot see the effect of the injected script in his or her browser since the script is executed in a place that the attacker can not access.

It is more important than ever to protect websites from hacking in today's digital world. One common type of attack is the Ping Flood, also called the "Ping of Death." This is when a lot of ping requests are sent to a website's server at once, slowing it down or even crashing it. Attacks like these are more likely to happen as websites get busier and more complicated. This is why it's important to have strong defenses in place.

In today’s digital environment, encrypted traffic has become the norm, with over 90% of web communications now utilizing encryption. While this secures data in transit, it has become a blind spot for enterprises, enabling attackers to hide malware within encrypted channels. According to the Q3 2024 Cato CTRL SASE Threat Report, organizations that enable TLS inspection block 52% more malicious traffic than organizations than don’t.

The IT industry has seen an unshakable surge in malware attacks. According to SonicWall’s 2022 Cyber Threat Report, almost 2.8 billion malware attacks were detected in 2022. Approximately 30% of these malware attacks were carried out using emails containing malicious links and attachments. On June 10, 2022, one such malware, Dark Crystal, also known as DCRat, jolted Ukraine. It is a remote access Trojan (RAT) that has been receiving regular upgrades and new modules since 2018.