Security News
ENISA, EU's Agency for Cybersecurity, released its annual Threat Landscape report, covering the period from July 2021 up to July 2022. EU Agency for Cybersecurity Executive Director, Juhan Lepassaar stated that "Today's global context is inevitably driving major changes in the cybersecurity threat landscape. The new paradigm is shaped by the growing range of threat actors. We enter a phase which will need appropriate mitigation strategies to protect all our critical sectors, our industry partners and therefore all EU citizens."
In this Help Net Security video, Tonia Dudley, VP, CISO at Cofense, provides a look at the various changes seen in the phishing threat landscape. Dudley talks about the impact of credential phishing and business email compromise, which allow cybercriminals to steal substantial amounts of money from global organizations.
As phishing attacks soar in frequency and sophistication and are delivered by an entirely new breed of cybercriminals, it's time we utilize the latest technology to anticipate threats before they advance. Smartphones have become increasingly targeted by hacking attempts - especially since the pandemic, with total phishing attacks in the second quarter of 2022 rising to over 1 million.
Over the years, there has been a long-standing narrative that foreign state-sponsored threat actors present the most significant cyber threat to the election process. The threat actors also targeted devices belonging to the state boards of elections, state secretaries of state, and organizations that supported election infrastructure to steal voter data.
Webinar The cloud is constantly in flux, and with its continual growth comes an equally rapid acceleration of threats and vulnerabilities direct towards it. You could say the cloud environment resembles the wild west where even hired guns carefully guarding your wagon train are not always enough to prevent an ambush by a gang of determined outlaws.
SonicWall Capture Labs threat researchers recorded 2.8 billion malware hits, in the first half of 2022. Except for June, the global malware detection has been higher in 2022 when compared to 2021.
LinkedIn has introduced three new features to fight fake profiles and malicious use of the platform, including a new method to confirm whether a profile is authentic by showing whether it has a verified work email or phone number. Over the past couple of years, LinkedIn has become heavily abused by threat actors to initiate communication with targets to distribute malware, perform cyberespionage, steal credentials, or conduct financial fraud.
Current challenges and risks entailing 5G / IoT. A key differentiation between 5G and its predecessor networks is that 5G entails an untrusted core network between the subscriber end and the unified data management environment, whereas predecessor networks had a hierarchical trust model. A 2021 report by the Cybersecurity and Infrastructure Security Agency regarding Potential Threat Vectors to 5G Infrastructure listed supply chain risks as a particularly dangerous threat in the 5G space.
Software supply chain risk has grown to be a significant concern for organizations as cyber attackers look to take advantage of the accelerating digitalization that has seen many enterprises significantly increase their reliance on cloud-based solutions and services, as well as third-party service providers. In this Help Net Security video, Marc Woolward, Global CTO & CISO at vArmour, talks about notable supply chain attacks and predicts how they will evolve in 2023.
Harrington and Meiggs were charged in November 2019 for targeting at least ten victims in SIM swapping attacks and, in some cases, with death threats. According to the court documents, they allegedly stole $200,000 worth of cryptocurrency in one go from an Arizona resident who "Publicly communicated with cryptocurrency experts online," while $100,000 were swiped from a victim in California with close ties to someone who "Operated a blockchain-based business."