Europe: The DDoS battlefield
DDoS attacks appear to reflect major geo-political challenges and social tensions and have become an increasingly significant part in the hybrid warfare arsenal, according to …
Attack automation becomes a prevalent threat against APIs
The second half of 2022 marked a significant turning point in the security landscape. In several high-profile incidents, application programming interfaces (APIs) emerged as a …
Bad bots are coming for APIs
In 2022, 47.4% of all internet traffic came from bots, a 5.1% increase over the previous year, according to Imperva. The proportion of human traffic (52.6%) decreased to its …
Refined methodologies of ransomware attacks
Adversaries were able to encrypt data in 76% of the ransomware attacks that were conducted against surveyed organizations, according to Sophos. The survey also shows that when …
Prevent attackers from using legitimate tools against you
Malicious actors are increasingly exploiting legitimate tools to accomplish their goals, which include disabling security measures, lateral movement, and transferring files. …
Attackers are logging in instead of breaking in
Cyberattackers leveraged more than 500 unique tools and tactics in 2022, according to Sophos. The data, analyzed from more than 150 Sophos Incident Response (IR) cases, …
PoC exploit for abused PaperCut flaw is now public (CVE-2023-27350)
An unauthenticated RCE flaw (CVE-2023-27350) in widely-used PaperCut MF and NG print management software is being exploited by attackers to take over vulnerable application …
Dangerous misconceptions about emerging cyber threats
Organizations are leaving common attack paths exposed in their quest to combat emergent threats, according to Cymulate. The most concerning cyber threats The report delves …
Visa fraud expert outlines the many faces of payment ecosystem fraud
In this Help Net Security interview, Michael Jabbara, the VP and Global Head of Fraud Services at Visa, delves into digital skimming attacks, highlighting their common causes, …
Detecting face morphing: A simple guide to countering complex identity fraud
Our reliance on face matching for identity verification is being challenged by the emergence of artificial intelligence (AI) and facial morphing technology. This technique …
How two-step phishing attacks evade detection and what you can do about it
Phishing attacks have become increasingly prevalent and sophisticated, making it more difficult for individuals to protect themselves from these scams. In this Help Net …
Virtual patching: Cut time to patch from 250 days to <1 day
Unpatched vulnerabilities are responsible for 60% of all data breaches. The Department of Homeland Security has estimated that the proportion of breaches stemming from …
Featured news
Resources
Don't miss
- Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
- The Zoom attack you didn’t see coming
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
- The UK’s phone theft crisis is a wake-up call for digital security
- Securing digital products under the Cyber Resilience Act