Tag

Cyberattacks

All articles tagged with #cyberattacks

Identity as the Perimeter: The Hidden Gate in Cyber Breaches
technology8 days ago

Identity as the Perimeter: The Hidden Gate in Cyber Breaches

A sponsored Visual Capitalist infographic (in partnership with Unit 42 by Palo Alto Networks) outlines how cyberattackers breach systems by exploiting identity. Identity-based techniques drive about 65% of initial access, with social engineering and credential misuse leading the way, and 90% of recent investigations showing identity weaknesses as material. Once inside, over-privileged identities and token abuse enable rapid lateral movement, making identity the practical perimeter. Defenses recommended include phishing-resistant MFA (passkeys/FIDO2), rotating machine credentials, shorter sessions, just-in-time elevation for admins, and cross-cloud identity telemetry to detect unusual access chains.

China Launches Over 2.6 Million Daily Cyberattacks on Taiwan in 2025
world1 month ago

China Launches Over 2.6 Million Daily Cyberattacks on Taiwan in 2025

The NSB reports a significant increase in Chinese cyberattacks on Taiwan's critical infrastructure in 2025, with attacks averaging 2.63 million daily attempts, especially targeting energy and emergency sectors, employing tactics like vulnerability exploitation, DDoS, social engineering, and supply chain attacks, involving major hacker groups and international cooperation to enhance cybersecurity defenses.

Top Password Blunders and Risks in 2025
technology3 months ago

Top Password Blunders and Risks in 2025

The article highlights various high-profile security failures caused by weak passwords, including a Louvre CCTV breach, a US pipeline ransomware attack, nuclear launch code vulnerabilities, a UK business collapse due to hacking, and scandals involving phone hacking and political data breaches, emphasizing the importance of strong, unique passwords and layered security measures.

Harnessing AI for Enhanced Security and Defense
technology4 months ago

Harnessing AI for Enhanced Security and Defense

Advancements in AI are enabling hackers to launch faster, smarter, and more personalized cyberattacks, posing significant threats to critical infrastructure, financial services, and organizations worldwide. While malicious actors are leveraging AI for malicious purposes, cybersecurity professionals are also using AI to enhance defenses, automate threat detection, and respond more effectively, creating a high-stakes race between attackers and defenders.

Russian Hackers Exploit WinRAR Zero-Day to Spread RomCom Malware
cybersecurity6 months ago

Russian Hackers Exploit WinRAR Zero-Day to Spread RomCom Malware

Russia-linked attackers exploited a high-severity WinRAR vulnerability (CVE-2025-8088) before it was patched, using targeted spearphishing campaigns against European and Canadian companies. The vulnerability involves a path-traversal flaw that was exploited via malicious archives containing ADSes, leading to malware deployment and backdoors like Mythic, SnipBot, and RustyClaw. Multiple threat groups, including RomCom and Paper Werewolf, have used this zero-day in targeted attacks, highlighting the importance of timely updates and vigilance.

Urgent FBI Warning: Airlines and Cybercriminals in the Crosshairs
technology7 months ago

Urgent FBI Warning: Airlines and Cybercriminals in the Crosshairs

A group of young cybercriminals called Scattered Spider is increasingly active in launching sophisticated cyberattacks across various sectors, including retail, insurance, and airlines, primarily using social engineering and ransomware tactics. Despite law enforcement efforts, the group remains resilient and poses a significant threat to critical infrastructure, operating within a broader marketplace of cybercriminal services.

Rising Cyber Threats: US Critical Networks and Iran-Israel Tensions
world8 months ago

Rising Cyber Threats: US Critical Networks and Iran-Israel Tensions

US critical infrastructure sectors are on high alert for potential Iranian cyberattacks amid escalating tensions between Iran and Israel, with concerns that US military actions could prompt Iran to target US networks. While federal agencies like CISA have historically increased defenses during geopolitical crises, current federal support appears limited, prompting infrastructure operators and ISACs to independently bolster their cybersecurity measures. The situation remains dynamic, with ongoing monitoring and heightened vigilance across sectors.

Corrupted Files: The Latest Tactic in Phishing and Malware Attacks
cybersecurity1 year ago

Corrupted Files: The Latest Tactic in Phishing and Malware Attacks

Cyber attackers are employing sophisticated methods like zero-day attacks using corrupted files, fileless malware via PowerShell scripts, and phishing hosted on Azure Blob Storage. ANY.RUN's Interactive Sandbox is highlighted as a tool for detecting these threats, offering a cloud-based environment for malware analysis. The sandbox can identify malicious activities in real-time, providing a comprehensive view of the execution chain and network activities.

Romania Faces Political Turmoil Amid Election Uncertainty
politics1 year ago

Romania Faces Political Turmoil Amid Election Uncertainty

Romania's political landscape is in turmoil as a court decision on potentially annulling the recent election is postponed until Monday, with a new election possibly occurring in December. Concerns have arisen over the influence of far-right candidate Călin Georgescu, who allegedly used TikTok to sway voters, prompting regulators to investigate. Additionally, Romanian security chiefs have confirmed cyberattacks during the election, with suspicions of Russian involvement, further complicating the political situation.

Romania's Court Mandates Recount Following Far-Right Election Upset
politics1 year ago

Romania's Court Mandates Recount Following Far-Right Election Upset

Romania's Constitutional Court has ordered a recount of votes from the first round of the presidential election after far-right candidate Calin Georgescu unexpectedly won with 22.9% of the vote. Georgescu, who opposes NATO and supports Putin, will face centrist Elena Lasconi in a runoff. The recount decision follows allegations of cyberattacks and claims that TikTok favored Georgescu's campaign. Both candidates have criticized the court's decision, with Lasconi emphasizing the need to protect democracy.

Cyber Threat Alert: Phishing Attacks Exploit Microsoft Visio Files
cybersecurity1 year ago

Cyber Threat Alert: Phishing Attacks Exploit Microsoft Visio Files

Cybersecurity experts warn of a rise in sophisticated two-step phishing attacks using Microsoft Visio files and SVG attachments to evade detection and steal credentials. These attacks exploit user trust by embedding malicious URLs in familiar file formats and instructing victims to perform actions like holding down the Ctrl key to bypass security systems. As cyber fraud evolves, especially during International Fraud Week, businesses are urged to enhance their defenses with robust email security and two-factor authentication to mitigate risks.

Cybercriminals Exploit Microsoft Visio in New Phishing Tactics
cybersecurity1 year ago

Cybercriminals Exploit Microsoft Visio in New Phishing Tactics

Cybersecurity experts warn of a rise in sophisticated two-step phishing attacks using Microsoft Visio files to evade detection. These attacks involve sending emails from breached accounts with seemingly harmless attachments that, when interacted with, lead to credential-stealing sites. Additionally, attackers are using scalable vector graphics (SVG) files to deploy phishing attacks, exploiting their ability to execute JavaScript. Users are advised to be cautious with unfamiliar file formats and ensure robust email security measures, including two-factor authentication.