Who are the biggest targets of credential stuffing attacks?
Media organizations, gaming companies, and the entertainment industry are among the biggest targets of credential stuffing attacks, in which malicious actors tap automated …
Finance knocks business and professional services off top spot in four most attacked industries
Finance is the most attacked sector in EMEA, accounting for 30% of all attacks – compared to 17% globally, according to NTT Security. It knocks business and professional …
Only 12% of enterprises are consistently able to detect insider threats
73 percent of IT professionals believe that insider attacks have become more frequent in the past year. Additionally, 59 percent said that their organizations experienced at …
Attackers fighting back against security teams while also targeting supply chains
According to the world’s leading IR professionals, increasingly sophisticated attacks involving instances of “island hopping,” counter incident response (IR), and lateral …
As fraud attacks grow more sophisticated, a need for contextual detection strategies increases
Fraudsters are using a complex array of tools to build armies of fake accounts, 74% of all fraudulent accounts are created from desktops, and cloud service provider IP ranges …
Zero-day Chrome/Windows combo actively exploited in the wild
We now know why a number of Googlers made a point to urge users to implement the latest Chrome update as soon as possible: the vulnerability (CVE-2019-5786) is definitely …
PDF viewers, online validation services vulnerable to digital signature spoofing attacks
Academics from Ruhr University Bochum have proven that the majority of popular PDF viewer apps and online digital signature validation services can be tricked into validating …
Latest WinRAR, Drupal flaws under active exploitation
CVE-2018-20250, a WinRAR vulnerability that allows attackers to extract a malicious executable to one of the Windows Startup folder to be executed every time the system is …
New privacy-breaking attacks against phones on 4G and 5G cellular networks
Three new attacks can be used to track the location and intercept calls of phone users connected to 4G and 5G cellular networks, researchers from Purdue University and The …
A new taxonomy for SCADA attacks
Attacks aimed at SCADA networks are still much rarer than those targeting IT networks, but the number is slowly rising. And, according to Radiflow CTO Yehonatan Kfir, …
Cisco security appliances under attack, still no patch available
A vulnerability (CVE-2018-15454) affecting a slew Cisco security appliances, modules and firewalls is being exploited in the wild to crash and reload the devices, the company …
Criminals can compromise company networks by sending malicious faxes
Check Point has revealed details about the two critical remote code execution vulnerabilities (CVE-2018-5924, CVE-2018-5925) it discovered in the communication protocols used …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments