[ad_1] Cloud account threats increased 16-fold in 2023, with attackers adopting new techniques in these environments, according to Red Canary’s 2024 Threat Detection Report. Researchers found that detections associated with T1078.004: Cloud Accounts, the MITRE ATT&CK technique for cloud account compromises, was the fourth most... Continue reading
Return to previous page
Page 15
[ad_1] Microsoft fixed 60 vulnerabilities in this month’s Patch Tuesday security update round, including just two critical bugs. These both affect Windows Hyper-V. CVE-2024-21407 enables attackers to escape from a Hyper-V guest virtual machine (VM) and achieve remote code execution (RCE) on the Hyper-V host,... Continue reading
[ad_1] A malicious campaign has been observed exploiting the blockchain-based Meson service for illicit gains ahead of the crypto token unlock planned for March 15. The campaign, discovered by the Sysdig Threat Research Team (TRT), saw an attacker swiftly create 6000 Meson Network nodes using... Continue reading
[ad_1] Accelerating competition between nation-states, regional conflicts with far-reaching impact, and non-state threat actors with unprecedented capabilities are three of the main cyber threats the US intelligence community (IC) will face over the next few months. This is according to the Office of the Director... Continue reading
[ad_1] A recent study conducted by Kaspersky Security Assessment experts has revealed the most prevalent vulnerabilities in corporate web applications developed in-house. Spanning the years between 2021 and 2023, the study identified numerous flaws, predominantly in the realms of access control and data protection, across... Continue reading
[ad_1] Over three-quarters of cyber incidents impacted small businesses in 2023, with ransomware having the biggest impact on these firms, according to a new Sophos report. The notorious LockBit group made up the highest number of small business ransomware incidents handled by Sophos Incident Response... Continue reading
[ad_1] Impersonated accounts on X (formerly Twitter) have been blamed for the majority of cryptocurrency phishing attacks last month, with victims losing almost $47m. Anti-fraud specialist Scam Sniffer claimed in its monthly Scam Sniffer Phishing Report that cybercriminals stole nearly $46.9m from just over 57,000... Continue reading
[ad_1] The British Library ransomware attack was likely caused by the compromise of third-party credentials coupled with no multifactor authentication (MFA) in place to stop the attackers, despite previous warnings about these risks. This is according to a British Library report that sheds new light... Continue reading
[ad_1] The BianLian threat actor has been observed shifting toward extortion-only activities, according to recent findings by GuidePoint’s Research and Intelligence Team (GRIT). Following Avast’s release of a decryptor for BianLian in January 2023, the group has altered its tactics. In a recent incident response,... Continue reading
[ad_1] Security researchers have uncovered a trend involving the exploitation of 1-day vulnerabilities, including two in Ivanti Connect Secure VPN. The flaws, identified as CVE-2023-46805 and CVE-2023-21887, were quickly exploited by multiple threat actors, leading to various malicious activities. Tracking these exploits, the Check Point... Continue reading