Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

New analysis of a phishing campaign shows how cybercriminals use brand impersonation of the platforms they need to compromise accounts and takeover legitimate services. Every day there seems to be a new term for yet another creative attack technique. The latest is phishception (a play on words from the movie Inception) coined by security analysts at cybersecurity company Netcraft.

I have been working in cybersecurity for a long time, since 1987, over 35 years. And, surprisingly to many readers/observers, I often say I have not seen anything new in the hacker/malware space since I began. The same threats that were a problem then are the same problems now. Social engineering and unpatched software (and firmware) have long been the two biggest initial root causes for hacking…for decades.

Cybersecurity is a pressing topic of concern for most organizations today, as any amount of sensitive data or digital assets can present a security risk. Understanding the digital landscape, threat trends, and the way they change over time is an essential step in defending against cyberattacks. It can be daunting for any organization to stay in the loop and maintain perspective on cyberthreats and security practices.

What is the greatest cyber risk in the world right now? Ransomware? Business Email Compromise? Maybe AI? Well, the last one is pretty close. According to the World Economic Forum, misinformation and disinformation are the most severe global risks of the next two years. In their Global Risks Report 2024, the WEF posited that the post-pandemic world is at a "turning point," with the two key problems possessing the power to do everything, from challenging mental health to eroding human rights.

What is CSPM? Cloud Security Posture Management is about identifying and remediating security misconfigurations and risks to (IaaS) Infrastructure as a Service or (PaaS) Platform as a service environments.

Some of the most common ways ransomware is delivered are through phishing emails, drive-by downloads, exploit kits and RDP exploits. According to Malwarebytes’ 2024 State of Malware report, in 2023 the number of known ransomware attacks increased by 68% from the previous year. The report also found that the largest ransom demanded in 2023 was $80 million.

We all know cybersecurity is a team sport—one that is enhanced and optimized by the collective knowledge of a committed community.