attacks - Security Ticks

Record-breaking $75 million ransom paid to cybercrime group

attacks, Barrier Networks, extortion, law enforcement, News, Ransomware, report, zero trust, Zscaler / SecurityTicks

Record-breaking $75 million ransom paid to cybercrime group 2024-08-02 at 07:01 By Help Net Security Ransomware attacks have reached new heights of ambition and audacity over the past year, marked by a notable surge in extortion attacks, according to a Zscaler. The findings from the report uncovered a record-breaking ransom payment of $75 million to […]

React to this headline:

Record-breaking $75 million ransom paid to cybercrime group Read More »

Hackers stole call, text records of “nearly all” of AT&T’s cellular customers

account protection, AT&T, attacks, cloud security, cybercrime, data breach, Don't miss, Hot stuff, News, Privacy, Snowflake / SecurityTicks

Hackers stole call, text records of “nearly all” of AT&T’s cellular customers 2024-07-12 at 15:31 By Zeljka Zorz Hackers leveraging stolen Snowflake account credentials have stolen records of calls and texts made by “nearly all” of AT&T’s cellular customers from May to October 2022, the company has confirmed. “The data does not contain the content

React to this headline:

Hackers stole call, text records of “nearly all” of AT&T’s cellular customers Read More »

Microsoft’s cybersecurity dilemma: An open letter to Satya Nadella

attacks, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Mercury Risk And Compliance, News, opinion, regulation, risk, strategy / SecurityTicks

Microsoft’s cybersecurity dilemma: An open letter to Satya Nadella 2024-07-09 at 07:31 By Help Net Security Microsoft is suffering cybersecurity failures due to systemic problems with strategic leadership. The world is witnessing an alarming trend of cybersecurity issues with Microsoft products and services. Over the past several years, Microsoft has suffered several serious attacks with

React to this headline:

Microsoft’s cybersecurity dilemma: An open letter to Satya Nadella Read More »

Why every company needs a DDoS response plan

attacks, cybercriminals, cybersecurity, DDoS, Don't miss, Features, Government, Hot stuff, Netscout, News, opinion, strategy, Threat Intelligence / SecurityTicks

Why every company needs a DDoS response plan 2024-07-01 at 08:02 By Mirko Zorz In this Help Net Security interview, Richard Hummel, Senior Threat Intelligence Manager at NETSCOUT, discusses how companies can overcome the challenges of identifying and mitigating DDoS attacks. He stresses the need for adaptive, multilayered defense strategies and the inevitability of a

React to this headline:

Why every company needs a DDoS response plan Read More »

Future trends in cyber warfare: Predictions for AI integration and space-based operations

Artificial Intelligence, attacks, cybersecurity, Cyberwarfare, Don't miss, Features, Hot stuff, News, opinion, SentinelOne, strategy / SecurityTicks

Future trends in cyber warfare: Predictions for AI integration and space-based operations 2024-06-26 at 06:36 By Mirko Zorz In this Help Net Security interview, Morgan Wright, Chief Security Advisor at SentinelOne, discusses how AI is utilized in modern cyber warfare by state and non-state actors. AI enhances decision-making speed and precision for state actors, facilitating

React to this headline:

Future trends in cyber warfare: Predictions for AI integration and space-based operations Read More »

New security loophole allows spying on internet users’ online activity

attacks, cybersecurity, Don't miss, Graz University of Technology, Hot stuff, News, Privacy, research, vulnerability / SecurityTicks

New security loophole allows spying on internet users’ online activity 2024-06-25 at 13:16 By Help Net Security Researchers at Graz University of Technology were able to spy on users’ online activities simply by monitoring fluctuations in the speed of their internet connection. This vulnerability, known as SnailLoad, does not require malicious code to exploit, and

React to this headline:

New security loophole allows spying on internet users’ online activity Read More »

Low code, high stakes: Addressing SQL injection

Application Security, attacks, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, human error, News, Nokod Security, opinion, software development, SQL injection / SecurityTicks

Low code, high stakes: Addressing SQL injection 2024-06-17 at 08:01 By Help Net Security Like a bad movie that seems to go on forever, SQL injection (SQLi) attacks have lingered since the late 1990s. Due to various factors, they remain the third most common source of web application vulnerabilities. Reasons include human error, new technologies

React to this headline:

Low code, high stakes: Addressing SQL injection Read More »

20,000 FortiGate appliances compromised by Chinese hackers

attacks, China, Don't miss, enterprise, Fortinet, Government, government-backed attacks, hardware, Hot stuff, Malware, News, Remote Access Trojan / SecurityTicks

20,000 FortiGate appliances compromised by Chinese hackers 2024-06-12 at 14:16 By Zeljka Zorz Coathanger – a piece of malware specifically built to persist on Fortinet’s FortiGate appliances – may still be lurking on too many devices deployed worldwide. How Coathanger persists on FortiGate devices In February 2024, the Dutch Military Intelligence and Security Service (MIVD)

React to this headline:

20,000 FortiGate appliances compromised by Chinese hackers Read More »

Key questions to ask when tailoring defensive stacks

attacks, cybersecurity, Don't miss, Hot stuff, risk assessment, strategy, threat, Tidal Cyber, Video / SecurityTicks

Key questions to ask when tailoring defensive stacks 2024-05-15 at 06:31 By Help Net Security In this Help Net Security video, Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber, outlines the questions you need to ask your security team when tailoring a defense stack against your current threat landscape. Small talks about what

React to this headline:

Key questions to ask when tailoring defensive stacks Read More »

Are you meeting your cyber insurance requirements?

attacks, backup, Clumio, cyber insurance, cybersecurity, Don't miss, Hot stuff, patching, policy, security controls, strategy, tips, Video / SecurityTicks

Are you meeting your cyber insurance requirements? 2024-05-14 at 06:31 By Help Net Security Cyber insurance policies are specifically designed to offer financial protection to organizations in the face of cyber attacks, data breaches, or other cybersecurity incidents. While they can provide a sense of security, it’s crucial to be aware of their limitations. In

React to this headline:

Are you meeting your cyber insurance requirements? Read More »

Triangulation fraud: The costly scam hitting online retailers

Artificial Intelligence, attacks, authentication, biometrics, cybersecurity, Don't miss, Features, fraud, Hot stuff, News, online payment, opinion, remote access, scams, Visa / SecurityTicks

Triangulation fraud: The costly scam hitting online retailers 2024-04-30 at 08:01 By Mirko Zorz In this Help Net Security interview, Mike Lemberger, Visa’s SVP, Chief Risk Officer, North America, discusses the severe financial losses resulting from triangulation fraud, estimating monthly losses to range from $660 million to $1 billion among merchants. He also highlights the

React to this headline:

Triangulation fraud: The costly scam hitting online retailers Read More »

Okta warns customers about credential stuffing onslaught

account hijacking, account protection, attacks, credentials, Don't miss, Hot stuff, News, Okta / SecurityTicks

Okta warns customers about credential stuffing onslaught 2024-04-29 at 14:01 By Zeljka Zorz Credential stuffing attacks have exploded this April, Okta warns, and advises its customers to use available tools to block access requests originating from residential proxies before authentication takes place. Abuse of proxy networks “In credential stuffing attacks, adversaries attempt to sign-in to

React to this headline:

Okta warns customers about credential stuffing onslaught Read More »

Researchers unveil novel attack methods targeting Intel’s conditional branch predictor

attacks, chip, cybersecurity, hardware, Intel, News, software / SecurityTicks

Researchers unveil novel attack methods targeting Intel’s conditional branch predictor 2024-04-29 at 13:46 By Help Net Security Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use. The multi-university and industry research team led

React to this headline:

Researchers unveil novel attack methods targeting Intel’s conditional branch predictor Read More »

Fuxnet malware: Growing threat to industrial sensors

attacks, critical infrastructure, cybersecurity, Don't miss, Hot stuff, Malware, network, Phosphorus Cybersecurity, sensors, Video / SecurityTicks

Fuxnet malware: Growing threat to industrial sensors 2024-04-22 at 07:01 By Help Net Security In this Help Net Security video, Sonu Shankar, Chief Strategy Officer at Phosphorus, discusses how Blackjack’s Fuxnet malware should be a wakeup call to industrial operators about the vulnerability of sensor networks and the outsized impact these attacks can have on

React to this headline:

Fuxnet malware: Growing threat to industrial sensors Read More »

Authorities take down LabHost, phishing-as-a-service platform

attacks, cybercrime, cybercriminals, Europol, law enforcement, News, phishing / SecurityTicks

Authorities take down LabHost, phishing-as-a-service platform 2024-04-18 at 12:01 By Help Net Security Law enforcement from 19 countries severely disrupted one of the world’s largest phishing-as-a-service platform, known as LabHost. This year-long operation, coordinated at the international level by Europol, resulted in the compromise of LabHost’s infrastructure. International investigation disrupts phishing-as-a-service platform LabHost Between Sunday

React to this headline:

Authorities take down LabHost, phishing-as-a-service platform Read More »

Geopolitical tensions escalate OT cyber attacks

attacks, CISO, critical infrastructure, cybersecurity, Don't miss, Features, GISEC, Government, Hot stuff, ICS/SCADA, News, opinion, Ransomware, strategy, threats / SecurityTicks

Geopolitical tensions escalate OT cyber attacks 2024-04-15 at 07:31 By Mirko Zorz In this Help Net Security interview, Andrew Ginter, VP of Industrial Security at Waterfall Security, discusses operational technology (OT) cyber attacks and their 2024 Threat Report. He examines how global geopolitical tensions and evolving ransomware tactics are reshaping industrial cybersecurity. He sheds light

React to this headline:

Geopolitical tensions escalate OT cyber attacks Read More »

Enterprises increasingly block AI transactions over security concerns

Artificial Intelligence, attacks, ChatGPT, cybersecurity, Data Protection, generative AI, News, report, Zscaler / SecurityTicks

Enterprises increasingly block AI transactions over security concerns 2024-03-28 at 07:31 By Help Net Security Enterprises must secure a transformation driven by generative AI (GenAI) bidirectionally: by securely adopting GenAI tools in the enterprise with zero trust while leveraging it to defend against the new AI-driven threat landscape, according to Zscaler. AI has already become

React to this headline:

Enterprises increasingly block AI transactions over security concerns Read More »

Strengthening critical infrastructure cybersecurity is a balancing act

access control, attacks, critical infrastructure, cybersecurity, Don't miss, Features, Hot stuff, information sharing, News, opinion, regulation, resilience, strategy, zero trust / SecurityTicks

Strengthening critical infrastructure cybersecurity is a balancing act 2024-03-26 at 07:31 By Mirko Zorz In this Help Net Security interview, Aaron Crow, Senior Director at MorganFranklin Consulting, discusses critical infrastructure cybersecurity strategies, barriers to threat information sharing, and innovative technologies enhancing resilience against cyberattacks. How do current cybersecurity strategies address the critical infrastructure sectors’ unique

React to this headline:

Strengthening critical infrastructure cybersecurity is a balancing act Read More »

Key MITRE ATT&CK techniques used by cyber attackers

attacks, Cloud, credentials, cybersecurity, Email, identity, News, Ransomware, Red Canary, report / SecurityTicks

Key MITRE ATT&CK techniques used by cyber attackers 2024-03-15 at 11:01 By Help Net Security While the threat landscape continues to shift and evolve, attackers’ motivations do not, according to a Red Canary report. The classic tools and techniques adversaries deploy remain consistent–with some notable exceptions. The report tracked MITRE ATT&CK techniques that adversaries abuse

React to this headline:

Key MITRE ATT&CK techniques used by cyber attackers Read More »

The most concerning risks for 2024 and beyond

Artificial Intelligence, attacks, burnout, cloud security, Compliance, cybersecurity, Don't miss, generative AI, Hot stuff, Incident Response, Ransomware, risk, Tanium, Video / SecurityTicks

The most concerning risks for 2024 and beyond 2024-03-13 at 07:13 By Help Net Security In this Help Net Security video, Melissa Bischoping, Director, Endpoint Security Research at Tanium, discusses the most concerning risks for 2024 and beyond, from both an internal and external perspective. The post The most concerning risks for 2024 and beyond

React to this headline:

The most concerning risks for 2024 and beyond Read More »