Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Attackers use remote code execution as a way to gain unauthorized access, perform data breaches, disrupt services and deploy malware. Here’s how you can prevent your organization from RCE attacks: Let’s dive deep into remote code execution and, importantly, its prevention techniques.

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In an era where digital technology increasingly underpins food production and distribution, the urgency of cybersecurity in agriculture has heightened.

Dark Pink (also known as Saaiwc Group) is an advanced threat actor that has been operating since mid-2021, mainly in the Asia-Pacific region and to a lesser extent in Europe, leveraging a range of sophisticated custom tools within a sophisticated kill chain relying on spear-phishing emails. The group has been quite active since 2021, attacking at least 13 organizations in Vietnam, Bosnia and Herzegovina, Cambodia, Indonesia, Malaysia, Philippines, Belgium, Thailand, and Brunei.

A pretexting attack is a type of social engineering attack where the threat actor persuades their target into revealing sensitive information or sending them money by making up a story, hence the word “pretext.” Pretexting attacks can come in many different forms including a phone call, text message, email or even in person.

Read also: Jimbos Protocol hacked for $7.5M, nearly 9 million dental patients impacted in a ransomware attack, and more.

We all know that cyberattacks in the public sector are mounting. Over 100 state and municipal governments and dozens of school districts were compromised by ransomware last year. And geopolitical tensions will only embolden both state-linked and financially motivated threat actors going forward. These are uneasy times for cybersecurity leaders at these government and education sector entities. But help is at hand.

The theft of users’ credentials is a growing industry. The market for compromised credentials is vast and has huge potential due to: These factors have created a lucrative market for cybercriminals who are able to steal credentials and sell them on the black market. The stolen credentials can then be used to access personal and financial information, commit identity theft, or launch other cyberattacks.

The other week, Bitsight released a piece of high-profile research alerting the public to a high-severity vulnerability potentially allowing attackers to launch one of the most powerful Denial-of-Service (DoS) attacks in history. Here’s a summary of what happened and why it matters: Security leaders are asking “now what?” and Bitsight has answers.

Cyber attacks on Australian hospitals and healthcare providers are becoming a more frequent occurrence. The Australian Cyber Security Centre, the ACSC, has recently warned healthcare providers in Australia of an increased number of cyber attacks aimed at the healthcare industry. The ACSC has identified ransomware and other cyber attack methods as leading to dangerous breaches of sensitive hospital data, which can have widespread ramifications if not addressed and preempted.

As is tradition with my blog posts, let’s start off a definition of what HTTP pipelining is all about. “HTTP pipelining is a feature of HTTP/1.1 which allows multiple HTTP requests to be sent over a single TCP connection without waiting for the corresponding responses. HTTP/1.1 requires servers to respond to pipelined requests correctly, with non-pipelined but valid responses even if server does not support HTTP pipelining.