Cyberattacks

Detecting and Preventing Reconnaissance Attacks

May 2, 2024 By SecuritySenses In SecuritySenses

In 2024, every business across the world is already aware of the looming potential of a cyber attack. With billions of dollars pouring into the cyber criminal market each year, hackers have more backing to create large-scale attacks, breaching financial records, private data, and customer information. Reconnaissance attacks are the first step in many of these major breaches. By scouting out a business, collecting information about its security posture, and aiming to identify vulnerabilities, these initial attacks give hackers the data they need to launch precise, damaging attacks.

Read Post

SecuritySenses

Read more about Detecting and Preventing Reconnaissance Attacks

What is DLL Hijacking? How to Identify and Prevent DLL Hijacking?

May 2, 2024 By SignMyCode In SignMyCode

Ever happened – you clicked a random link by mistake but discovered your system working strangely? Maybe some programs crash, data goes missing, or pop-ups plague your screen. It could be a malicious threat within your system, or simply, your system is the victim of a DLL Hijacking. DLL Hijacking is a type of cyberattack that allows the attacker to steal your data or even take control of your system.

Read Post

SignMyCode

Read more about What is DLL Hijacking? How to Identify and Prevent DLL Hijacking?

What is Unrestricted Code Execution? How to Defend Organizations Against this Attack?

May 2, 2024 By SignMyCode In SignMyCode

Nowadays, with more organizations and individuals relying heavily on third-party software to execute their high-priority and covert tasks, the risks of data breaches or cyber-attacks are becoming a serious issue. A cyber attack is basically an attempt by cybercriminals, hackers, or other digital adversaries to access a computer network or system with a willingness to expose, alter, steal, or destroy your million-dollar information.

Read Post

SignMyCode

Read more about What is Unrestricted Code Execution? How to Defend Organizations Against this Attack?

What Is a Silver Ticket Attack?

May 2, 2024 By Jaryeong Kim In Keeper

A ticket in cybersecurity is a set of credentials used to authenticate users. A silver ticket is a forged ticket an unauthorized user creates. With this forged silver ticket, threat actors can launch a cyber attack that involves exploiting the weaknesses of a Kerberos authentication system. In this system, a Ticket Granting Service (TGS) serves as the credential token, granting authorized users access to particular services.

Read Post

Keeper

Read more about What Is a Silver Ticket Attack?

Navigating the Masquerade: Recognizing and Combating Impersonation Attacks

May 1, 2024 By Stu Sjouwerman In KnowBe4

With all great power, there comes an equal potential for misuse. Among the sophisticated arsenal of threat actors, impersonation attacks have surged to the forefront, which questions our sense of trust.

Read Post

KnowBe4

Read more about Navigating the Masquerade: Recognizing and Combating Impersonation Attacks

JFrog Security research discovers coordinated attacks on Docker Hub that planted millions of malicious repositories

Apr 30, 2024 By Andrey Polkovnichenko In JFrog

As key parts of the software ecosystem, and as partners, JFrog and Docker are working together to strengthen the software ecosystem. Part of this effort by JFrog’s security research team involves continuous monitoring of open-source software registries in order to proactively identify and address potential malware and vulnerability threats.

Read Post

JFrog

Read more about JFrog Security research discovers coordinated attacks on Docker Hub that planted millions of malicious repositories

Preventing Magecart Attacks Through Supply Chain Vulnerabilities

Apr 30, 2024 By Nethanel Gelernter April 30th, 2024 In IONIX

The digital supply chain refers to the chain of third-party digital tools, services and infrastructure that is depended on for a particular first-party service (such as your website or SaaS platform). In an ever-changing digital landscape, supply chains can be brittle with many unseen risks. The nature of supply chain risk is transitive; any part of the often long and complicated digital supply chain can be compromised, causing all components downstream of it to also be compromised.

Read Post

IONIX

Read more about Preventing Magecart Attacks Through Supply Chain Vulnerabilities

Shamane Tan on cyber resilience - Cyber Security Decoded

Apr 30, 2024 By Rubrik In Rubrik

Bouncing back from a cyber incident, data breach or #ransomware attack is a great accomplishment…but how can you bounce forward? A complete Cyber Resilience strategy is mission-critical. Security teams should be proactive and have response plans in place for when #CyberAttacks hit, rather than attempting to prevent attacks from occurring. With a #CyberResilience strategy, your team will be equipped with a plan when a cyber incident occurs while also having tools to identify those malicious attacks before they happen.

View Video

Rubrik

Read more about Shamane Tan on cyber resilience - Cyber Security Decoded

What is MFA bombing? Apple users were targeted using this phishing technique

Apr 29, 2024 By Luis Corrons In Avast

Some Apple users have reported phishing attacks using the password reset feature.

Read Post

Avast

Read more about What is MFA bombing? Apple users were targeted using this phishing technique

Targeted Smishing Attacks by Threat Group "The Com" On The Rise

Apr 29, 2024 By Stu Sjouwerman In KnowBe4

Cyber activity by the group "The Com," which leverages (SIM) swapping, cryptocurrency theft, swatting, and corporate intrusions, is increasing. Security researchers at Intel471 have published an analysis of the threat group, “The Com” (short for “The Community”), providing details about their targets and tactics. Operating mostly from Canada, the U.S.

Read Post