Read also: Former AT&T employee arrested for fraud, two Indians charged in fraud tech support scheme, and more.

For an enterprise business, the holidays can be a mixed bag. On the one hand, depending on your industry, you’re either winding down or doing the most business you’ll do all year. On the other, you’re especially vulnerable to holiday hacking attempts. Your customer data makes your organization an attractive target at a time when employee vacation time and office closures mean you have fewer employees to guard against holiday hackers.

Read also: Germany disrupts the BadBox malware operation, Raccoon malware operator sentenced, and more.

The holidays are a busy time for cyber attackers. They rely on distracted workers and lax security systems to breach an organization’s defenses. Then, they deploy ransomware or perform smash-and-grab operations on as much information as they can get their hands on. Either way, the goal is the same: profiting from a brief moment of weakness in your cybersecurity defenses. If you’re wondering how to prevent hacking during this hectic time of year, Lookout is here to help.

Salt Typhoon, a Chinese state-sponsored hacking group, has emerged as one of the most significant cyber threats to U.S. critical infrastructure. Initially identified in 2020, with increased recognition of their activities in 2021, the group has been linked to high-profile cyber espionage campaigns targeting U.S. telecommunications companies.

We witness a sharp surge in website security risks, as highlighted in the latest State of Application Security 2023 Annual Report. AppTrana WAAP blocked over 6 billion attacks across 1400+ websites under its protection. Every website is at risk, regardless of whether it is a simple blog, a portfolio showcase, a small cupcake business, or a dynamic e-commerce platform. Why would someone hack my website? How do hackers check if my website is hackable? How do websites get hacked?

For security leaders, staying vigilant and prepared is like wielding a well-crafted spellbook. OWASP, MITRE ATT&CK, and threat research are the critical chapters in this spellbook that leaders need to leverage to anticipate and counter emerging threats effectively, because you can’t afford for your organization to be ensnared by threats that could have been foreseen.

When we’re away from the security of our homes and workplaces, we will often let our guard down when we’re surfing online. Whether relaxing in your favorite coffee shop, or living the dream at your favorite vacation spot, the last thing on your mind is getting hacked. But this is when a Wi-Fi hacker can achieve the most success because despite the risks of public Wi-Fi, 81% will happily connect to it, and 99% will connect without a VPN.

Hacktivism – the practice of carrying out cyberattacks to advance political or social goals – is not new. Hacktivist attacks go as far back as the 1980s. Yet today’s hacktivists often look and operate in ways that are markedly different from their predecessors. They’ve embraced new techniques, they often have more resources at their disposal and they can prove more challenging to stop.

The latest trend in cybercrime is that attackers don't really focus on “hacking” in; they’re logging in. We see this now in the wild, driven by organized criminal groups like Scattered Spider and BlackCat, who’ve reemerged with a renewed focus on gaining access through legitimate means, often exploiting help desks and social engineering tactics.