Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
Insider threats are a top concern at organizations of all kinds; only 3% of respondents surveyed are not concerned with insider risk, according to Gurucul. With responses from more than 325 cybersecurity professionals, the report explores the latest trends and challenges organizations are facing as they work to adapt to changing insider threats, and how […]
Continue ReadingAccording to the FBI’s 2021 Internet Crime Report, business email compromise (BEC) accounted for almost a third of the country’s $6.9 billion in cyber losses that year – around $2.4 billion. In surprisingly sharp contrast, ransomware attacks accounted for only $50 million of those losses. In this Help Net Security video, Dror Liwer, Co-Founder of […]
Continue Reading
Adversaries’ shift toward Shell Link (LNK) files, likely sparked by Microsoft’s decision to block macros, provides the opportunity to capitalize on information that can be provided by LNK metadata. Cisco Talos analyzed metadata in LNK files and correlated it with threat actors tactics techniques and procedures, to identify and track threat actor activity. This report […]
Continue ReadingA month ago, the FBI warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many malicious ads served to users searching for software, cracked software, drivers – anything that can be downloaded, really – via Google and Bing. The recent explosion […]
Continue ReadingIn this Help Net Security video, MacKenzie Jackson, Developer Advocate at GitGuardian, offers his cybersecurity predictions for 2032. These include: Developers will be a priority target for hacking campaigns Doubling down on MFA bypass Source code security More efforts to measure the software supply chain attack surface Open-source security will be front and center on […]
Continue ReadingDDoS attacks are getting larger and more complex moving towards mobile networks and IoT, which are now used in cyberwarfare. In this Help Net Security video, Steve Winterfeld, Advisory CISO at Akamai, discusses the most powerful DDoS attacks in the past 12 months. The post The most significant DDoS attacks in the past year appeared […]
Continue ReadingThe third quarter of 2022, APWG observed 1,270,883 total phishing attacks — is the worst quarter for phishing that APWG has ever observed. The total for August 2022 was 430,141 phishing sites, the highest monthly total ever reported to APWG. Over recent years, reported phishing attacks submitted to APWG have more than quintupled since the […]
Continue ReadingWhen it comes to 2023 threat predictions, Trellix anticipates spikes in geopolitically motivated attacks across Asia and Europe, hacktivism fueled by tensions from opposing political parties, and vulnerabilities in core software supply chains. “Analyzing current trends is necessary but being predictive in cybersecurity is vital. While organizations focus on near-term threats, we advise all to […]
Continue Reading
Microsoft is phasing out support for executing VBA macros in downloaded Office documents. Cisco Talos investigates another vector for introduction of malicious code to Microsoft Excel—malicious add-ins, specifically XLL files. Although XLL files were supported since early versions of Excel, including Excel 97, malicious actors started using it relatively recently. Currently, a significant number of […]
Continue ReadingIn this Help Net Security video, Dave Trader, Field CISO at Presidio, talks about the evolution of ransomware attacks and outlines what we can expect in 2023. The lack of fundamental cybersecurity practices and controls, including critical vulnerability patching and employee cybersecurity training, undermines organizational attempts to improve ransomware defenses. A ransomware crisis leaves deep […]
Continue Reading