cyber attacks

Cyber Attack Severity Rating System Established in U.K.

Posted on by Admin
Cyber Attack Severity Rating System Established in U.K.

A new rating system in the U.K. will classify the severity of cyberattacks on a scale from one to five, aiming to provide businesses and policymakers with more precise insights into the impact of cyber threats. The Cyber Monitoring Centre, an independent nonprofit organisation of industry experts, will assess incidents in real time and publish results for free. The system is designed to be easily understood, similar to the Saffir-Simpson hurricane scale, which categorises hurricanes…

Read More

Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts

Posted on by Admin
Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts

Feb 05, 2025Ravie LakshmananCybersecurity / Cloud Security Cybercriminals are increasingly leveraging legitimate HTTP client tools to facilitate account takeover (ATO) attacks on Microsoft 365 environments. Enterprise security company Proofpoint said it observed campaigns using HTTP clients Axios and Node Fetch to send HTTP requests and receive HTTP responses from web servers with the goal of conducting ATO attacks. “Originally sourced from public repositories like GitHub, these tools are increasingly used in attacks like Adversary-in-the-Middle (AitM)…

Read More

Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware

Posted on by Admin
Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware

Dec 17, 2024Ravie LakshmananCyber Espionage / Malware A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++-malware families tracked as WmRAT and MiyaRAT. “The attack chain used alternate data streams in a RAR archive to deliver a shortcut (LNK) file that created a scheduled task on the target machine to pull down further payloads,” Proofpoint researchers Nick Attfield, Konstantin Klinger, Pim…

Read More

Are Long-Lived Credentials the New Achilles' Heel for Cloud Security?

Posted on by Admin
Are Long-Lived Credentials the New Achilles' Heel for Cloud Security?

The head of security advocacy at Datadog, a cloud-based monitoring and analytics platform, has urged enterprises in Australia and the APAC region to accelerate phasing out long-lived credentials for popular hyperscale cloud services, warning that they remain a serious data breach risk. Speaking with TechRepublic, Andrew Krug highlighted findings from Datadog’s State of Cloud Security 2024 report, which identified long-lived credentials as a persistent security risk factor. While credential management practices are improving, Krug noted…

Read More

Number of Active Ransomware Groups Highest on Record

Posted on by Admin
Number of Active Ransomware Groups Highest on Record

This year has seen the highest number of active ransomware groups on record, with 58 attacking global businesses in the second quarter. Threat intelligence platform provider Cyberint has reported only a slight dip in the third quarter, with 57 active groups. Furthermore, in Q3, the top 10 ransomware groups were responsible for only 58.3% of all detected attacks. This reflects both the increase in the number of active groups in general and a decline in…

Read More

Global Cyber Attacks to Double from 2020 to 2024, Report Finds

Posted on by Admin
Global Cyber Attacks to Double from 2020 to 2024, Report Finds

On the first day of Cybersecurity Awareness Month in the U.S., research has revealed that the number of significant global cyber attacks in 2024 will be double that of 2020. A new report from insurer QBE, Connected Business: digital dependency fuelling risk, predicts that organisations will be hit by 211 disruptive and destructive cyber attacks this year. Disruptive incidents are reversible and only impact data availability, integrity, or access — such as distributed denial-of-service attacks….

Read More

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

Posted on by Admin
Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

Sep 25, 2024Ravie LakshmananEmail Security / Threat Intelligence Transportation and logistics companies in North America are the target of a new phishing campaign that delivers a variety of information stealers and remote access trojans (RATs). The activity cluster, per Proofpoint, makes use of compromised legitimate email accounts belonging to transportation and shipping companies so as to inject malicious content into existing email conversations. As many as 15 breached email accounts have been identified as used…

Read More

New APT Group

Posted on by Admin
New APT Group

Jul 08, 2024NewsroomCyber Espionage / Cloud Security A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration. Cybersecurity firm Kaspersky, which discovered the activity in May 2024, said the tradecraft adopted by the threat actor bears similarities with that of CloudWizard, but pointed out the differences in the malware source code. The attacks wield an innovative data-gathering program…

Read More

3 UK Cyber Security Trends to Watch in 2024

Posted on by Admin
3 UK Cyber Security Trends to Watch in 2024

Staying up to date with the latest in cyber security has arguably never been more paramount than in 2024. Financial services provider Allianz named cyber attacks this year’s biggest risk for business in the U.K. and a top concern for businesses of all sizes for the first time. However, many professionals are still in the dark about what the events in Q1 tell us about the cyber landscape for the rest of the year that…

Read More

Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes

Posted on by Admin
Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes

Mar 05, 2024NewsroomEmail Security / Network Security The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain “can be used for sensitive information gathering purposes and to enable follow-on activity,” enterprise security firm Proofpoint said in a Monday report. At least two campaigns taking advantage of this approach were observed on February 26 and 27,…

Read More
1 2 3 5