As budgets tighten in anticipation of economic hardships, cybersecurity threats only continue to grow. Bill Bernard, CISSP of Deepwatch, advises security leaders to consider how senior management and the board view cybersecurity and then adjust how you prioritize people, technology and managed services.
In this...
Uber is probing a hack attack after an intruder appeared to breach multiple internal systems, using the company's Slack messaging app to announce: "I am a hacker and Uber has suffered a data breach." The ride-hailing service has taken multiple systems offline while it investigates.
Invoice fraud. Payroll diversion. Gift card requests. Fraudulent wire transfers. Malicious attachments. These types of attacks have dominated the cybersecurity space for the past few years, as security leaders worldwide attempt to find ways to stop increasingly-sophisticated inbound threats.
But what about those...
The latest ISMG Security Report discusses a new phishing-as-a-service toolkit designed to bypass multifactor authentication, the decision by Lloyd's of London to exclude nation-state attacks from cyber insurance policies, and challenges at Okta after it acquired customer identity giant Auth0.
Digital identities a – particularly the TLS certificates throughout your organization – are used by
machines to authenticate machine-to-machine communications. But they also protect machines
through consistent, trusted encryption.
When these machine identities fail, organizations experience outages. Even...
Cloud collaboration suites like Microsoft 365 are critical to business success, but have become significant entry points for potential exploitation. Just as your team relies on email and collaboration tools to accomplish their goals, so too do sophisticated threat actors. And while the built-in security of Microsoft...
Attackers are attempting to reset the passwords of some DigitalOcean customers, the cloud infrastructure provider says. The email addresses of these customers were likely exposed in a data breach involving Mailchimp, which provided transactional email services for DigitalOcean.
Signal says 1,900 of its customers have been affected by the recent phishing attack on its third-party vendor Twilio. Signal says phone numbers and SMS verification codes of 1,900 customers are compromised, potentially transferring access of these accounts to the attackers.
The average person believes using Multi-Factor Authentication (MFA) makes them significantly less likely to be hacked. That is simply not true! Hackers can bypass 90-95% of MFA solutions much easier than you would think. Using a regular looking phishing email, they can bypass MFA just as easily as if it were a simple...
An updated version of the Russian-linked SOVA Android Trojan is back with updated attack techniques targeting more than 200 mobile applications, including banking apps and crypto exchanges/wallets. Researchers at Cleafy uncovered that the Trojan now also features ransomware capabilities.
As promised in Q1, here’s the Q2 Expel Quarterly Threat Report! Just like last quarter, this report surfaces the most significant data we’re seeing in our threat detection and response efforts, curates that data into trends that can impact your cybersecurity posture, and offers resilience recommendations to...
It feels like we hear about a new devastating cyberattack in the news every day, and attack methods seem to be proliferating at an exponential rate. So, which tactics should you be aware of beyond standard “click and infect” attack vectors?
Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist and...
Fraudsters have one key aim: to make the most money with the least effort.
The types of fraud consistently evolve to pick off the easiest targets. As digital identity and transaction monitoring solutions have become more advanced, fraudsters have faced an increasingly robust barrier to brute force account takeover...
The adoption of digital platforms shows no signs of slowing down as consumers embrace the convenience of mobile channels in Asia-Pacific region. What has also become clearly apparent from analysis of the LexisNexis® Digital Identity Network®, is that fraud is on the rise as consumer confidence returns.
In...
The past few years have shown us a tremendous shift in BEC attacks, which changed its strategies from Executive Impersonation to opting to impersonate third party vendors and suppliers instead. This shift has given the threat actors a plethora of additional trusted identities to exploit.
This Threat Intelligence...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.
