The age of malware-driven cyber attacks has peaked, at least when it comes to incidents affecting small and medium-sized enterprises (SMEs), where over half (56%) of attacks observed in the third quarter were “malware-free”, meaning adversaries leveraged scripting frameworks and legitimate tools instead of deploying malware payloads. This is according to a quarterly SME threat…
Over half of SME cyber incidents now ‘malware-free’ Read More »
Automotive industry leaders are struggling with competing cyber risk and security priorities, and as such, many are increasingly concerned that their organisations will be unprepared for new, United Nations (UN)-backed vehicle safety regulations that come into force next year, leaving drivers exposed to unacceptable security risks. The United Nations Economic Commission for Europe World Forum…
As vehicle safety regulations loom, carmakers fret over cyber risks Read More »
A threat actor tracked in Microsoft’s taxonomy as Storm-0324 has been observed switching up its tactics to incorporate social engineering phishing attacks conducted via Microsoft Teams, Redmond has revealed. Storm-0324, a so-called initial access broker (IAB), is linked to several prolific and dangerous ransomware operations, including some known to have deployed the Clop, Gandcrab, Maze…
UK business leaders are far less concerned about the risk of a material cyber attack on their organisation than they were this time last year, according to data compiled by Proofpoint, which suggests a growing sense of alignment between security leaders and boardrooms. In a study published last week, Cybersecurity: The 2023 board perspective report,…
UK boardrooms and CISOs increasingly aligned on cyber risks Read More »
Cyber attacks in 2023 continue to gain traction. As dwell times lessen, cyber crime rates are developing quicker, leading to higher frequencies of cyber attack attempts. But companies at large and small scales are fighting back, opting to adopt higher protective measures with expanded cyber security capabilities. For example, Google has recently switched to AI-backed…
AI-powered cloud SIEM: Real-time threat intel boosts defences Read More »
Cyber security experts have welcomed the apparent downfall of the Qakbot malware, following a multinational law enforcement hack-back operation, encompassing the UK’s National Crime Agency (NCA) and the FBI among others, which took down its botnet infrastructure over the weekend of 25-27 August. A long-established tool in the cyber criminal arsenal, Qakbot infected millions of…
Ransomware gangs enjoyed a midsummer fling in July 2023, with record numbers of attacks observed – an increase of over 150% from the same month in 2022, and a 16% increase on June 2023 – according to the latest monthly statistics collated by NCC Group’s global threat intelligence team. Although arguably not ransomware attacks as…
Clop’s MOVEit attacks drive ransomware volumes to record high Read More »
The National Cyber Security Centre (NCSC), alongside its Five Eyes partner agencies in Australia, Canada, New Zealand and the US, have released details of the 12 most exploited vulnerabilities of 2022, with the likes of Log4Shell and ProxyShell still riding high. The collective said their list served as a warning about the importance of updating…
Log4Shell, ProxyShell still among most widely exploited flaws Read More »
Artificial intelligence and its various sub-categories are playing an increasingly major role in cyber security. In a study conducted for Egress last year, 77% of cyber security leaders said they use a product that incorporates AI. When we dig in, however, we found only 66% of those using AI-based security products stated they ‘fully understand’…
AI has a place in cyber, but needs effective evaluation Read More »
