Days after announcing a security compromise, cloud-based identity and authentication management provider Okta said that an unknown threat actor had accessed files of 134 customers after an employee signed in to a personal Google profile on the Chrome browser of an Okta-managed laptop.
This latest Quarterly Threat Report (QTR) distils the trends, notable new behaviours, and unusual attacks we saw over the last quarter. Also utilizing previous threat reports to compare findings and point out patterns–and even provide some solutions for avoiding the latest threats.
By dissecting how attackers got...
Genetics testing firm 23andMe is investigating a data leak of ancestry DNA information for certain customers whose usernames and passwords were previously hacked on other websites. The company suspects a massive credential stuffing attack on individual accounts using recycled passwords and no MFA.
Netcraft purchased an online brand protection vendor to incorporate security analysts into the company's highly automated cybercrime takedown process. The deal will expedite the takedown of fraudulent websites by capitalizing on their joint knowledge of the global infrastructure provider landscape.
Cybercriminals continue to rely on proven attack methods while developing new ways to infiltrate digital environments and break through your human defense layer.
But how can you reduce your organization’s attack surface? We looked at 12.5 million users across 35,681 organizations to find out.
In this webinar...
Search engine optimization poisoning attacks, which involve intentionally manipulating search results to lead users onto malware-laced websites, are on the rise in the healthcare sector, U.S. federal regulators warn. Users should watch for typosquatting, keyword stuffing, meta tagging and cloaking.
Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they’re more targeted, more cunning and more dangerous. And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more.
Join Roger Grimes, KnowBe4’s...
Understanding and Defending Against AI-Generated Email Attacks
ChatGPT. Google Bard. DeepFaceLab.
Generative AI is all the rage, and for good reason. What used to take hours can now be done in minutes, and what used to take minutes can be done in seconds. Which is great for productivity in the right hands.
But...
While historically the origin of most business email compromise (BEC) attacks has been West Africa, residing in Nigeria certainly isn’t a requirement for BEC attackers. Indeed, the subject of this report is a sophisticated threat group based in Israel.
The group is unique in that they impersonate executives and...
Email is your most essential business tool—and today’s top malware delivery vector. This vital communications channel has become fertile ground for today's most damaging cyber threats and all kinds of fraud. Because email threats inherently target people, an effective cybersecurity program focuses on people first....
Bots have become an important tool for modern cybercrime. A bot is used somewhere in the attack cycle in more than three-quarters of security incidents. HUMAN Security co-founder and CEO Tamer Hassan called account takeover "the gateway drug to all other forms of fraud and abuse."
We strongly recommend that you use a password manager to reduce password reuse and improve complexity, but you may be wondering if it’s really worth the risk. Is it safe to store all of your passwords in one place? Can cybercriminals hack them? Are password managers a single point of failure?
Join Roger A....
When you think of using biometric technology as part of your multi-factor authentication process, you assume these attributes are safe. Cybercriminals can’t hack your fingerprints, can they? The answer may surprise you!
Biometric attributes aren’t as safe as they once were. Cybercriminals are always coming up...
Criminal hackers are targeting South Koreans with an Android Trojan that dupes victims into handing over payment card data by faking phone conversations with lenders. Developers are using "several unique evasions that we had not previously seen in the wild," Check Point researchers write.
More than 80% of UK organizations experienced a successful attack in 2021/2022. Over a 12-month period, ransomware attacks affected 73% of UK organizations with average cost of ransom payment of £1.08 million.
Join us alongside Oliver Rochford, an ex-Gartner analyst with extensive experience in cybersecurity, for...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.
