The increasing problem of leaked credentials is becoming a critical issue for businesses, particularly with non-human identities (NHIs) like microservices and Kubernetes workloads, which now outnumber human identities 45:1. Research by GitGuardian and CyberArk reveals that 79% of IT decision-makers have experienced secrets leaks, with over 12.7 million hardcoded credentials …
A recent report from cybersecurity firm Infoblox highlights a long-standing yet underappreciated threat: Sitting Ducks attacks. Over the past five years, tens of thousands of domains, including those belonging to well-known brands, non-profits, and government entities, have been hijacked due to vulnerabilities in DNS ownership verification. Alarmingly, this issue has …
The city of Sheboygan, Wisconsin, is grappling with a significant cybersecurity incident after hackers demanded a ransom following unauthorized access to its network. This cyberattack, which began in late October, has led to widespread technology outages impacting city operations. City officials have isolated parts of the network and are collaborating …
The cybersecurity agencies within the Five Eyes alliance — the U.S., U.K., Australia, Canada, and New Zealand — have issued an urgent advisory on a troubling trend: cyber actors are now more frequently exploiting zero-day vulnerabilities to penetrate networks. This marks a shift from recent years when attackers predominantly targeted …
Cybercriminals are now leveraging ZIP file concatenation to deliver malware undetected, exploiting the way ZIP parsers process these combined files. This tactic, identified by researchers at Perception Point, was used in a phishing scheme where hackers hid a trojan within a seemingly harmless compressed file attachment. How ZIP File Concatenation …
Over 200,000 SelectBlinds customers who shopped for blinds or window treatments in 2023 may have had their personal and payment information stolen in a recent cyber attack. Hackers embedded malware on the retailer’s website, allowing them to scrape sensitive data from the checkout page, including usernames, passwords, addresses, emails, phone …
Ransomware attacks are becoming a significant threat to critical infrastructure, with financial impacts soaring up to $1 million per incident. A survey conducted by Claroty, which involved 1,100 security professionals in sectors such as chemical manufacturing, healthcare, and energy, revealed that 45% of organizations suffered financial losses exceeding $500,000 due …
Businesses of all sizes face growing complexities in managing IT infrastructure and protecting against cybersecurity threats. When deciding how to manage these responsibilities, two of the most common options are partnering with a Managed Service Provider (MSP) or a Managed Security Service Provider (MSSP). While these two providers may seem …
New research reveals significant gaps in third-party risk management within the financial sector, highlighted by recent incidents like the CrowdStrike IT outage. Despite increasing reliance on complex third-party IT ecosystems, only a small percentage of financial institutions have robust exit plans for supplier disruptions. The lack of preparedness leaves the …
The Brain Cipher ransomware group claims they orchestrated a cyberattack on several French national museums, including the iconic Le Grand Palais, during the recent Olympic Games. They allege they have stolen 300GB of data and plan to leak it today. The attack targeted financial systems related to 40 institutions overseen …
