What's Your IT Question?

Want to know more about this topic or about us? Contact us!

All posts in social engineering

Cisco Talos: Top Ransomware TTPs Exposed

Cisco Talos analyzed the top 14 ransomware groups between 2023 and 2024 to expose their attack chain and highlight interesting Tactics,Techniques and Protocols. The security company also exposed the most leveraged vulnerabilities being triggered by ransomware actors. Ransomware attack chain: What Cisco Talos researchers learned Ransomware actors nearly all use . . . Read more

Paris Olympics 2024: Cyber Attackers are Targeting Companies Associated With Games, Report Finds

Organisations linked to the Paris Olympics 2024 have an increased risk of cyber attacks, including ransomware, credential leaks and phishing campaigns, a study has found. Insikt Group, the threat research division of security firm Recorded Future, has already observed posts advertising access to Games-related organisations in France and compromised credentials . . . Read more

IBM X-Force Report: Grandoreiro Malware Targets More Than 1,500 Banks in 60 Countries

A new report from IBM X-Force exposes changes in the Grandoreiro malware landscape. The banking trojan is now capable of targeting more than 1,500 global banks in more than 60 countries, and it has been updated with new features. Also, Grandoreiro’s targeting has become wider, as it initially only targeted . . . Read more

How Can Businesses Defend Themselves Against Common Cyberthreats?

Today, all businesses are at risk of cyberattack, and that risk is constantly growing. Digital transformations are resulting in more sensitive and valuable data being moved onto online systems capable of exploitation, thus increasing the profitability of a successful breach. Furthermore, launching a cyberattack is becoming more accessible. Exploit kits . . . Read more

XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor

A threat actor quietly spent the last two years integrating themself in the core team of maintainers of XZ Utils, a free software command-line data compressor widely used in Linux systems. The attacker slowly managed to integrate a backdoor in the software that was designed to interfere with SSHD and . . . Read more

UK’s NCSC Issues Warning as SVR Hackers Target Cloud Services

Russian state hackers are adapting their techniques to target organizations moving to the cloud, an advisory from the UK National Cyber Security Centre and international security agencies has warned. The advisory details how cyber espionage group APT29 is directly targeting weaknesses in cloud services used by victim organizations to gain . . . Read more

CrowdStrike 2024 Global Threat Report: 6 Key Takeaways

Highlights from CrowdStrike’s 2024 report: Identity-based and social engineering attacks still take center stage. Cloud-environment intrusions have increased by 75% from 2022 to 2023. Third-party relationships exploitation makes it easier for attackers to hit hundreds of targets. CrowdStrike added 34 new threat actors in 2023. Attackers are compromising networks at . . . Read more

National Cyber Security Centre Study: Generative AI May Increase Global Ransomware Threat

The U.K.’s National Cyber Security Centre has released a new study that finds generative AI may increase risks from cyber threats such as ransomware. Overall, the report found that generative AI will provide “capability uplift” to existing threats as opposed to being a source of brand new threats. Threat actors . . . Read more

Proofpoint Exposes Sophisticated Social Engineering Attack on Recruiters That Infects Their Computers With Malware

Recruiters and anyone else involved in hiring processes should be knowledgeable about this social engineering attack threat. A new report from U.S.-based cybersecurity company Proofpoint exposes a new attack campaign operated by a financially-oriented threat actor dubbed TA4557 with high financial data theft risks and possibly more risks such as . . . Read more

Google Cloud’s Cybersecurity Trends to Watch in 2024 Include Generative AI-Based Attacks

A November report from Google Cloud details possible nation-state malware tactics in 2024 and new angles of cyberattacks. What will cybersecurity look like in 2024? Google Cloud’s global Cybersecurity Forecast found that generative AI can help attackers and defenders and urged security personnel to look out for nation-state backed attacks . . . Read more