Security News > 2023 > October

Cheat sheets are concise, to-the-point references tailored for instant insights. This article provides a curated list of 10 essential cybersecurity cheat sheets, all free to download. Whether you're seeking a quick refresher or a beginner trying to make sense of it all, these resources will help.

Taiwanese networking equipment manufacturer D-Link has confirmed a data breach that led to the exposure of what it said is "low-sensitivity and semi-public information." "The data was confirmed...

Globally, 48% of SMBs have experienced a cybersecurity incident in the past year, while 26% of US SMBs have experienced more than one type of cyber breach. 75% of US SMBs say cyber threats are a major concern and 59% expect to increase their investment in cybersecurity in the coming year.

In contrast, South American organizations experience attack rates of merely 2% largely due to their practice of verifying IDs against government databases, creating a more formidable barrier against fraud. The data analysis underscores a significant and notable discrepancy in attack modes based on document verification compared to attacks using selfies.

In the pursuit of optimized performance, modern compilers employ sophisticated techniques, translating high-level source code into efficient, executable programs. Unbeknownst to many, these obscure threats can counteract safety measures and render a seemingly secure application vulnerable post-compilation.

Security researchers found that IT administrators are using tens of thousands of weak passwords to protect access to portals, leaving the door open to cyberattacks on enterprise networks. Out of more than 1.8 million administrator credentials analyzed, over 40,000 entries were "Admin," showing that the default password is widely accepted by IT administrators.

Kwik Trip has released another statement on an ongoing outage, all but confirming it suffered a cyberattack that has led to IT system disruptions. Kwik Trip is a US chain of over 800 convenience stores and gas stations in Michigan, Minnesota, and Wisconsin, also operating under the name Kwik Star in Illinois, Iowa, and South Dakota.

A new report from Netskope detailing the top techniques used by cybercriminals to attack organizations found that cloud apps are increasingly being used by threat actors, representing 19% of all clicks on spearphishing links. Netskope recently reported that Microsoft OneDrive is the most popular cloud app used in enterprises, so it is not a surprise that attackers leverage this target a lot, alongside Microsoft Teams, SharePoint and Outlook.

A new Google Search malvertizing campaign targets users looking to download the popular Notepad++ text editor, employing advanced techniques to evade detection and analysis. [...]

Amazon has quietly added passkey support as a new passwordless login option for customers, offering better protection from information-stealing malware and phishing attacks. Amazon recently added a new section in the Your Account > Login & security settings that lets you generate a passkey that can be used to log in to the site.