cybersecurity

Attackers Don’t Hack, They Log In: Can You Stop Them?

The latest trend in cybercrime is that attackers don’t really focus on “hacking” in; they’re logging in. We see this now in the wild, driven by organized criminal groups like Scattered Spider and BlackCat, who’ve reemerged with a renewed focus on gaining access through
Read More

Financial Institutions are the Most Affected by Phishing Attacks and Scams

New data shows how the overwhelming majority of phishing attacks on financial institutions dwarf every other industry sector by as much as a factor of 30-to-1. It’s no secret that banks and other types of financial institutions hold all the money, so it should be no surprise
Read More

Three-Quarters of Organizations Have Experienced an Increase in Email-Based Threats

New data on the state of email security shows that nearly every organization has been the target of a phishing attack as attacks increase in sophistication. While organizations are attempting to shore up their cybersecurity defenses, Mimecast’s State of Email Security report
Read More

91% of Organizations Concerned About Ransomware Attacks in 2022

With ransomware attacks becoming more frequent, evasion getting more sophisticated, and ransoms increasing, new data shows organizations aren’t fighting for staff and budget. As ransomware attacks now reach downtime costs of over $160 billion, this prevalent attack is
Read More

One in Three IT Organizations Have No Cyberattack Incident Response Plan

Despite increases in ransomware attacks, ransom amounts and how often payments are made, new data shows organizations aren’t responding in kind and putting response plans in place. As expected, we’re continuing to see data corroboration around the rise in ransomware attacks this
Read More

The Digital Workplace is a Cybersecurity Disaster

New data reviewing how the 2020 shift to a remote workforce impacted organizational security shows all too well that since the pandemic onset, cybersecurity has become critically worse. We all know IT’s focus during the pandemic was to primarily get the business running remotely.
Read More

New Phishing Scam Uses Fake PPP Loans to Trick Victims into Giving Up Personal Information

Taking advantage of people’s need for financial assistance, these scammers pose as a bank offering “forgivable business loans to individuals impacted by the pandemic.” Nothing says lowlife more than someone who purposely targets those who are already down and out. Those
Read More

Health Care Sees Double the Increase in the Amount of Ransomware Attacks Since November

With an average of 626 ransomware attacks weekly on health care organizations, it’s evident that the bad guys are stepping up their tactics and focus where they believe the money to be. Health care as a target industry has always been somewhere in the top 10 or even top five
Read More

Report: 85% Of Employees More Likely to Leak Files Now Than Pre-Pandemic

According to research released by Code42, 85% of employees are more likely to leak files today than before the COVID-19 pandemic. “By malicious insiders, we are not talking about terrible people who are criminals,” said Joe Payne, Code42’s president and CEO. “More often
Read More

The Most Effective Attacks Are Often the Simplest

The recent Twitter hack shows that devastating security breaches don’t always involve sophisticated actors or methods, according to Rachel Tobac, CEO of SocialProof Security. On the CyberWire’s Hacking Humans podcast, Tobac explained that social engineering only requires an
Read More

Don’t Overlook Policy When Designing Security

There’s no single defense against phishing and other social engineering attacks, according to Kevin O’Brien, CEO and co-founder of email security company GreatHorn. On the CyberWire’s Daily Podcast, O’Brien explained that the social engineering tactics used in phishing attacks
Read More

60% of Organizations are Hit by Cyberattacks Spread by Their Own Employees

The unwitting participant appears to be alive and well, based on new data from security vendor Mimecast. With employees being the source of attack surface expansion, what’s an organization to do? When you think of cyberattacks, the assumption is that it’s a simple matter of “the
Read More

Microsoft: Ransomware Gangs That Don’t Threaten to Leak Your Data Steal it, Anyway

That means you can from now on count a ransomware infection as a data breach with all the consequences that this brings. Moreover, the so-called “human-operated” ransomware gangs have stepped up their attacks amid the pandemic to maximize their ill-gotten profits. In
Read More

Verizon: More Than Half of Users Click on Multiple Phishing Links; Social Engineering, Innovation are Responsible

The latest data from Verizon’s 2020 Mobile Security Index report shows that both consumer and business users make it all too easy for cyberattackers to fool them into becoming a victim. Think about the layered security you have in place today – each solution (whether hardware or
Read More

New DoppelPaymer Ransomware Makes Money Off of You Whether You Pay the Ransom or Not

Taking a page from the Maze ransomware playbook, the creators of DoppelPaymer don’t just encrypt your data; they have found channels to sell it if you don’t pay up. Back in November, Maze ransomware became the first to publish a victim’s data if they didn’t pay the ransom,
Read More
12