The lack of API security is responsible for every 1 in 13 cybersecurity incidents, with annual global losses of up to $75 billion and 57% affecting American businesses.
International law enforcement has taken down illicit proxy service RSOCKS, a Russian botnet that has been active since at least 2014 and compromised millions of devices.
67% of businesses suffered subsequent cyber attacks within a year after the first incident, with 10% recording ten or more repeated breaches. Medium-sized firms were most impacted.
The Iran-backed campaign targets prominent Israelis and uses spear phishing to gain access to emails, leveraging the account takeover to hijack existing conversations.
The Chinese hackers are distributing backdoored Web3 wallets, primarily targeting searches for Coinbase Wallet, imToken, MetaMask and Token Pocket, and are focused on both iOS and Android users.
Digital Shadows Photon Research team found that over 24 billion stolen user credentials were available for sale on the dark web market in 2022, an increase of 65% in two years.
Tenable CEO cites reports from several cybersecurity firms that indicate Microsoft is not being timely enough with its vulnerability disclosures and sometimes has a "dismissive" attitude.
Security researchers have documented a Facebook credential phishing campaign that has been active since late 2021, and has been highly successful in duping victims using an authentic-looking spoofed login page.
Germany has opened an antitrust probe into Apple’s App Tracking Transparency framework. This follows a probe initiated by Poland in late 2021, and the expression of concerns along similar lines by both France and the UK.
Cyber espionage group is thought to have been in action since at least 2013, with a heavy focus on certain APAC countries and regions. The Chinese hackers also focuses in on political targets.