Octo Tempest has gradually stepped up from data theft, to data extortion, and now to ransomware as of this summer (becoming an affiliate of the ALPHV/BlackCat group). The cybercriminals are entirely financially motivated and nearly always leads with either a phishing email/message or a social engineering call. It also looks to execute SIM swap attacks.
During a M&A process, the scope of the organization’s attack surface is stretched to new limits. Every company, from Fortune 500s to smaller enterprises, has digital baggage that can dramatically increase potential security risks, from multiple generations of technologies, various IT stacks, and new and unknown risks in their environments.
Describing cyber threats as one of its primary challenges, the FBI is asking for an additional $64 million in 2024 to add 192 new positions and improve its cyber capabilities. Much of the budget request focuses on the looming threat that China poses.
As with most technological developments, there are two sides of the coin. ChatGPT may present businesses with a never-ending pool of opportunities, but the same resource can be exploited to help criminals infiltrate systems more effectively.
Cybercriminals aren’t just hacking for activism or for fun. They’re running their attacks like a business, targeting organisations to extort money – and they’re getting smarter at it. Don’t get complacent, don’t cut corners and shore yourself up against the people lurking in the cyber-shadows.
The popularity of online gaming surged during the COVID-19 pandemic—and so did cyberattacks against gamers with 5.8 million attacks detected over the past year. Cybercriminals are becoming experts in deception which makes them increasingly difficult to detect.
Cryptocurrency is increasingly being added to businesses' balance sheets because it helps to reach new customers, and it provides a way to avoid many fees. As with any financial asset, the question of how to secure it is moving to the forefront of the CFO’s mind.
Attackers are becoming savvier, using search engine optimization (SEO) techniques to bump malicious links and malware to the top of users’ search engine results. Email, SMS, messaging apps, and social media are also commonly used to lure users.
The cyberattack on Colonial Pipeline was a big lesson. It is imperative that critical infrastructure companies uplevel their protection against modern security risks by using modern techniques and automation to comply with new cybersecurity regulations.
U.S. federal agencies issued a joint cybersecurity advisory over cyber threats targeting water facilities and wastewater treatment plants threatening water safety and availability.