Security News
When it comes to 2023 threat predictions, Trellix anticipates spikes in geopolitically motivated attacks across Asia and Europe, hacktivism fueled by tensions from opposing political parties, and vulnerabilities in core software supply chains. "Analyzing current trends is necessary but being predictive in cybersecurity is vital. While organizations focus on near-term threats, we advise all to look beyond the horizon to ensure a proactive posture," said John Fokker, Head of Threat Intelligence, Trellix.
Microsoft Office files, particularly Excel and Word files, have been targeted by some cybercriminals for a long time. As exposed in new research from Cisco Talos, threat actors might leverage event handling functions in Excel files in order to automatically launch.
As the internet continues to expand and connect more people and devices than ever before, the need for effective cyber threat intelligence sharing has never been greater. In today's interconnected world, a threat to one organization can quickly become a threat to many others, making it essential for businesses and other organizations to share information and work together to stay safe online.
The Zerobot DDoS botnet has received substantial updates that expand on its ability to target more internet-connected devices and scale its network. "The most recent distribution of Zerobot includes additional capabilities, such as exploiting vulnerabilities in Apache and Apache Spark, and new DDoS attack capabilities," Microsoft researchers said.
With the rapid expansion of Internet-connected devices, both consumer and industrial, the cyber-threat landscape is growing faster than individuals' ability to keep up. Comcast's biennial take on consumer cyber health, the 2022 Xfinity Cyber Health Report, found that there are an average of 15 connected devices per household, up 25% from 2020 - with "Power users" having as many as 34.
We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.
We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.
The threat actor targets high-profile and high-security accounts for cyberespionage purposes. Their favorite method to approach and attack their targets consists of using web beacons in emails before eventually attempting to harvest the target's credentials.
The National Security Agency, the Cybersecurity and Infrastructure Security Agency, and the Office of the Director of National Intelligence, have published a joint report that highlights the most likely risks and potential threats in 5G network slicing implementations. The 5G network slicing report builds upon Potential Threat Vectors to 5G Infrastructure, a paper published last year by the Enduring Security Framework cross-sector working group focused on addressing risks and threats to the security and stability of U.S. national security systems.
As attacks continue to evolve in methods and sophistication, security teams need to prioritize threat detection so they can identify suspicious activity before a breach can occur. Major blind spots exist unless threat detection visibility extends to the network and cloud as well.