Security News > 2024 > April
While the use of zero-day exploits is on the rise, Mandiant's M-Trends 2024 report reveals a significant improvement in global cybersecurity posture: the global median dwell time - the time attackers remain undetected within a target environment - has reached its lowest point in over a decade. In 2023, organizations detected intrusions within a median of 10 days, a notable decrease from 16 days in 2022.
In this Help Net Security video, we take you inside GISEC Global, which is taking place from April 23 to April 25, 2024, at the Dubai World Trade Centre. The video features the following vendors:...
Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious actors. The findings come from the Citizen Lab, which discovered...
Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the...
GISEC Global is taking place from April 23 to April 25, 2024, at the Dubai World Trade Centre. Here are a few photos from the event, featured vendors include: Waterfall Security Solutions,...
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat...
A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network (CDN) cache domains since at...
This brings us on to our third point, which is that we should not be looking to harness GenAI for security awareness training. GenAI promises to transform security training for the better.
Social engineering has also increased, now representing 19% of phishing attacks and phishing emails are over three times longer than they were in 2021, likely due to the increase in use of generative AI. On the other hand, the use of attachment-based payloads has decreased since 2021; three years ago, these accounted for 72.7% of attacks detected by Egress, and by the first quarter of 2024, this had fallen to 35.7% as threat actors evolve their payloads to evade cybersecurity efforts. Generative AI is also expected to increase attack success rate, including creating payloads such as malware, phishing websites and invoices for wire fraud attacks as cybercriminals look to streamline their processes and deliver more efficient campaigns at even swifter pace.