According to new research, a rising rate of coronavirus infections has been met with a declining rate of reported cybersecurity breaches. The finding, from the Identity Theft Resource Center (ITRC), shows that publicly reported US data breaches dropped 33% in the first half of 2020 compared with[...]
Credential stuffing is a type of cyberattack where stolen account credentials typically consisting of lists of usernames and/or email addresses and the corresponding passwords (often from a data breach) are used to gain unauthorized access to user accounts through large-scale automated login[...]
New vulnerabilities in open source packages were down 20% compared to last year suggesting security of open source packages and containers are heading in a positive direction, according to Snyk.Well known vulnerabilities, such as cross-site scripting, continue to be reported but aren’t impacting[...]
The complexity and size of DDoS attacks in 2019 has increased significantly compared to 2018. A report published by NaWas by NBIP concludes that despite the number of attacks has decreased slightly over 2019, their complexity and size has increased significantly.Slightly fewer DDoS attacks were[...]
Magecart attackers have compromised web shops belonging to large retail chains Claire’s and Intersport and equipped them with payment card skimmers.The compromise of Claire’s online store and that of its sister brand Icing has been flagged by Sansec researchers.The skimmer was served from a[...]
Cybersecurity researchers uncovered a new critical vulnerability affecting the Server Message Block (SMB) protocol that could allow attackers to leak kernel memory remotely, and when combined with a previously disclosed "wormable" bug, the flaw can be exploited to achieve remote code execution[...]
It can’t have escaped everyone's attention, since the move to the cloud the number of data breaches has gone through the roof. In this article, I’m going to run through why this is happening, why workplace policy won’t fix it, and what your organization can do to reduce the risk of being next.
There was a 37 percent increase worldwide in enterprise mobile phishing encounter rate between the fourth quarter of 2019 and the first quarter of 2020, according to Lookout.The report also shows that unmitigated mobile phishing threats could cost organizations with 10,000 mobile devices as much[...]
Earlier this month, when F-Secure publicly revealed the existence of two vulnerabilities affecting SaltStack Salt and attackers started actively exploiting them, Cisco was among the victims.The revelation was made on Thursday, when Cisco published an advisory saying that, on May 7, 2020, they’ve[...]
Once considered a loader for other malware, Valak regularly conducts reconnaissance and steals information and credentials, new analysis shows.Over the past six months, a surge of development activity on a malicious program known as Valak — traditionally used for loading other malware on[...]
