Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage

December 10, 2024 at 06:54AM A cyber espionage group linked to China has targeted IT service providers in Southern Europe, utilizing Microsoft Visual Studio Code Remote Tunnels for command and control. Detected between June and July 2024, the attacks aimed to establish footholds for future data breaches, leveraging legitimate tools to evade detection, highlighted by … Read more

Healthcare’s Grim Cyber Prognosis Requires Security Booster

October 8, 2024 at 03:17PM The healthcare sector’s resilience against ransomware attacks has worsened, with two-thirds of organizations experiencing attacks. New threats, such as the Trinity ransomware, continue to emerge. Legislation is being proposed to improve cybersecurity in the industry, as cybercriminals target healthcare due to its critical operations and willingness to pay ransoms. Healthcare … Read more

Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually

October 7, 2024 at 07:45AM Organizations face significant financial losses of up to $186 billion annually due to vulnerable APIs and bot abuse, posing escalating risks to global businesses. API adoption has dramatically expanded the attack surface, leading to a 40% increase in API-related security incidents. Meanwhile, bot attacks have surged by 88%, driven by … Read more

700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking

October 2, 2024 at 05:38PM Multiple critical vulnerabilities in DrayTek routers, including a perfect 10 out of 10 CVSS severity rating, pose security risks for over 785,000 devices. Attackers could exploit these flaws to gain control, steal data, deploy ransomware, and launch denial-of-service attacks. It’s imperative for users to apply patches, employ best practices, and … Read more

Unix Printing Vulnerabilities Enable Easy DDoS Attacks

October 2, 2024 at 05:19PM A recent disclosure of four critical vulnerabilities in the Common Unix Printing System (CUPS) has shed light on the potential for attackers to conduct distributed denial-of-service (DDoS) attacks. The vulnerabilities could enable adversaries to exploit approximately 58,000 Internet-exposed devices, creating significant strain on target systems and potentially affecting server hardware. … Read more

Manufacturers Rank as Ransomware’s Biggest Target

October 2, 2024 at 09:02AM The manufacturing industry has become a prime target for ransomware attacks, accounting for 21% of such incidents and putting companies at three times higher risk. A Black Kite study reveals that 80% of manufacturing firms have critical vulnerabilities and 67% are listed in the Known Exploited Vulnerabilities catalog. Persistent patch … Read more

Ransomware forces hospital to turn away ambulances

September 30, 2024 at 06:20PM A ransomware attack on University Medical Center in Lubbock, Texas forced the hospital to limit operations and divert patients to other facilities. The center is working with authorities and third-party experts to resolve the issue. Ransomware attacks in healthcare are rising, posing a threat to patient care and information security. … Read more

A Hacker’s Era: Why Microsoft 365 Protection Reigns Supreme

September 30, 2024 at 07:18AM The article highlights how Microsoft 365 is targeted by cybercriminals due to its widespread usage, integrated services, and valuable data. It discusses vulnerabilities such as weak passwords, lack of multifactor authentication, and misconfigured settings, and recommends proactive defense measures including multilayered security, user training, and automated backup solutions like Backupify. … Read more

Transport, Logistics Orgs Hit by Stealthy Phishing Gambit

September 26, 2024 at 04:19PM A recent blog by Proofpoint researchers revealed that a targeted group of transportation and logistics companies in North America had been affected by business email compromise (BEC) attacks. The threat actor used various techniques, including thread hijacking and bespoke phishing attacks, to infiltrate the companies’ networks. The transportation and logistics … Read more

Concerns Over Supply Chain Attacks on US Seaports Grow

September 19, 2024 at 04:47PM The congressional report revealed that US maritime infrastructure relies heavily on Chinese-made cranes and systems, posing potential cybersecurity risks. While no evidence of malicious activity was found, concerns persist about remote access and software vulnerabilities. The report recommends measures to address these issues, stressing the importance of protecting critical infrastructure … Read more