Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Researchers at Menlo Security observed a 198% increase in browser-based phishing attacks over the past six months. “Attackers have developed tools to craft high quality large scale attacks that target the browser,” the researchers write. “Cybercrime tools, such as phish kits (PhaaS) and ransomware-as-a-service kits (RaaS), have simplified the process of launching sophisticated attacks.

In a new SEC disclosure, Hewlett Packard Enterprise (HPE) announced on Wednesday that it fell prey to the same Russian intelligence group, known as Midnight Blizzard or Cozy Bear, that recently breached Microsoft's email system. This disclosure comes just a week after Microsoft reported a similar intrusion, putting the spotlight back on this notorious hacking group.

The surge in Ransomware-as-a-Service affiliates is likely the reason behind the dramatic increase in the number of victimized organizations, with all indicators suggesting that this trend will persist into 2024. I love it when vendors put out a yearly summary, and do it in the first month of the next year! The data is relevant and helps paint a picture of what the industry should expect in the near future. In Cyberint’s 2023 Ransomware Recap report, we find that ransomware had quite the year.

Users are becoming increasingly aware of where and how their information is shared, and their concerns regarding the need to keep that data private are growing in turn. Digitalization, rising daily averages for time spent on the Internet and connected devices, along with the ongoing proliferation of cyberattacks, have made individuals more cautious than ever when it comes to providing information online – and rightfully so.

Technology is a crucial part of today’s healthcare and pharmaceutical industries. Advances in medical devices, data use, and interconnected systems have significantly improved patient care, reduced costs, and increased efficiency. However, as the sector’s reliance on technology grows, so does the risk of cyberattacks.

Trustwave SpiderLabs is tracking a spike in usage of the Greatness phishing kit to attack Microsoft 365 users to distribute malicious HTML attachments that steal login credentials. Greatness is a phishing-as-a-service platform developed by a threat actor known as "fisherstell," and has been available since mid-2022 that provides a ready-made infrastructure and tools for anyone to launch phishing campaigns charging $120 per month in Bitcoin.

Data privacy continues to be a hot topic as we become more connected via our devices and even in Virtual or Augmented realities. Technology advancements bring many questions, including how technology protects data (if at all) and how people can ensure their data remains secure. Fortunately, there is a wealth of resources on online privacy out there.

You may have heard more about the SEC Form 8-K recently due to changes that went into effect on Dec 16, 2023. From the SEC’s press release.

As a CurrentWare customer, these quarterly product updates are included at no additional cost as a part of your subscription. Need help upgrading? Our team is here to assist you every step of the way. We offer comprehensive documentation, training resources, and personalized support to ensure a smooth transition. Should you have any questions or need further assistance, please reach out to our support team.

The stark reality of cybersecurity today isn’t merely a question of advanced software or strategic counterattacks. It’s about people. The financial impact is undeniable with cybercrime costs projected to reach an astonishing $10.5 trillion annually by 2025. Yet, beneath these figures lies a more pressing issue: the exploitation of human psychology.