All articles tagged with #cyberattacks
A POLITICO poll across the US, Canada, France, Germany and the UK shows a majority view cyberattacks that disrupt hospitals or other critical infrastructure as acts of war, while NATO debates thresholds for response and governments push to bolster cyber defenses amid rising state-linked cyber activity.
A sponsored Visual Capitalist infographic (in partnership with Unit 42 by Palo Alto Networks) outlines how cyberattackers breach systems by exploiting identity. Identity-based techniques drive about 65% of initial access, with social engineering and credential misuse leading the way, and 90% of recent investigations showing identity weaknesses as material. Once inside, over-privileged identities and token abuse enable rapid lateral movement, making identity the practical perimeter. Defenses recommended include phishing-resistant MFA (passkeys/FIDO2), rotating machine credentials, shorter sessions, just-in-time elevation for admins, and cross-cloud identity telemetry to detect unusual access chains.
The NSB reports a significant increase in Chinese cyberattacks on Taiwan's critical infrastructure in 2025, with attacks averaging 2.63 million daily attempts, especially targeting energy and emergency sectors, employing tactics like vulnerability exploitation, DDoS, social engineering, and supply chain attacks, involving major hacker groups and international cooperation to enhance cybersecurity defenses.
The article highlights various high-profile security failures caused by weak passwords, including a Louvre CCTV breach, a US pipeline ransomware attack, nuclear launch code vulnerabilities, a UK business collapse due to hacking, and scandals involving phone hacking and political data breaches, emphasizing the importance of strong, unique passwords and layered security measures.
Advancements in AI are enabling hackers to launch faster, smarter, and more personalized cyberattacks, posing significant threats to critical infrastructure, financial services, and organizations worldwide. While malicious actors are leveraging AI for malicious purposes, cybersecurity professionals are also using AI to enhance defenses, automate threat detection, and respond more effectively, creating a high-stakes race between attackers and defenders.
Microsoft reports a significant increase in the use of AI by Russia, China, Iran, and North Korea to conduct cyberattacks and spread disinformation against the US, with over 200 instances of AI-generated fake content identified in July alone, highlighting the urgent need for improved cybersecurity defenses.
Cybersecurity experts warn that criminal hackers are rapidly exploiting generative AI tools to enhance their cyberattacks, raising concerns about the ability to defend against these evolving threats.
Russia-linked attackers exploited a high-severity WinRAR vulnerability (CVE-2025-8088) before it was patched, using targeted spearphishing campaigns against European and Canadian companies. The vulnerability involves a path-traversal flaw that was exploited via malicious archives containing ADSes, leading to malware deployment and backdoors like Mythic, SnipBot, and RustyClaw. Multiple threat groups, including RomCom and Paper Werewolf, have used this zero-day in targeted attacks, highlighting the importance of timely updates and vigilance.
A group of young cybercriminals called Scattered Spider is increasingly active in launching sophisticated cyberattacks across various sectors, including retail, insurance, and airlines, primarily using social engineering and ransomware tactics. Despite law enforcement efforts, the group remains resilient and poses a significant threat to critical infrastructure, operating within a broader marketplace of cybercriminal services.
US critical infrastructure sectors are on high alert for potential Iranian cyberattacks amid escalating tensions between Iran and Israel, with concerns that US military actions could prompt Iran to target US networks. While federal agencies like CISA have historically increased defenses during geopolitical crises, current federal support appears limited, prompting infrastructure operators and ISACs to independently bolster their cybersecurity measures. The situation remains dynamic, with ongoing monitoring and heightened vigilance across sectors.
Cyber attackers are employing sophisticated methods like zero-day attacks using corrupted files, fileless malware via PowerShell scripts, and phishing hosted on Azure Blob Storage. ANY.RUN's Interactive Sandbox is highlighted as a tool for detecting these threats, offering a cloud-based environment for malware analysis. The sandbox can identify malicious activities in real-time, providing a comprehensive view of the execution chain and network activities.
Romania's political landscape is in turmoil as a court decision on potentially annulling the recent election is postponed until Monday, with a new election possibly occurring in December. Concerns have arisen over the influence of far-right candidate Călin Georgescu, who allegedly used TikTok to sway voters, prompting regulators to investigate. Additionally, Romanian security chiefs have confirmed cyberattacks during the election, with suspicions of Russian involvement, further complicating the political situation.
Romania's Constitutional Court has ordered a recount of votes from the first round of the presidential election after far-right candidate Calin Georgescu unexpectedly won with 22.9% of the vote. Georgescu, who opposes NATO and supports Putin, will face centrist Elena Lasconi in a runoff. The recount decision follows allegations of cyberattacks and claims that TikTok favored Georgescu's campaign. Both candidates have criticized the court's decision, with Lasconi emphasizing the need to protect democracy.
Cybersecurity experts warn of a rise in sophisticated two-step phishing attacks using Microsoft Visio files and SVG attachments to evade detection and steal credentials. These attacks exploit user trust by embedding malicious URLs in familiar file formats and instructing victims to perform actions like holding down the Ctrl key to bypass security systems. As cyber fraud evolves, especially during International Fraud Week, businesses are urged to enhance their defenses with robust email security and two-factor authentication to mitigate risks.
Cybersecurity experts warn of a rise in sophisticated two-step phishing attacks using Microsoft Visio files to evade detection. These attacks involve sending emails from breached accounts with seemingly harmless attachments that, when interacted with, lead to credential-stealing sites. Additionally, attackers are using scalable vector graphics (SVG) files to deploy phishing attacks, exploiting their ability to execute JavaScript. Users are advised to be cautious with unfamiliar file formats and ensure robust email security measures, including two-factor authentication.