Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Google’s Mandiant has published guidance on defending against an ongoing wave of social engineering attacks targeting organizations’ Salesforce instances. The organized criminal gang tracked by Google as “UNC6040” has been using voice phishing attacks to trick employees into granting access.

Most modern sites run significant third-party code in the user’s browser. The Web Almanac 2022 reports that the top 1,000 sites load an average of 43 third-party domains on mobile and 53 on desktop, expanding the surface for JavaScript injection attacks and supply-chain tampering. In parallel, real e-commerce compromises continue to surface. Sansec has identified more than 70,000 websites that suffered Magecart e-skimming over time.

Adversaries have shifted their tactics away from traditional malware and toward approaches that exploit the very tools organizations rely on. Instead of introducing malicious files that can be blocked outright, attackers weaponize legitimate applications such as built-in Windows utilities, remote monitoring and management (RMM) tools, file transfer software, and administrative programs.

As Jaguar Land Rover (JLR) announces a return to operations after a six-week disruption, a lengthier, less publicised UK-based cyber-attack recovery remains unresolved. Perhaps the relative quiet is because Colt Technology Services, a critical connectivity and trading network serving major banks and stock exchanges in ~30 countries, is not a household name like JLR, Co-Op, or M&S. Or perhaps it’s because the narrative doesn’t fit the now-expected Scattered Spider storyline.

Authentication issues seem like low-level attacks. But authentication today – especially API authentication – can be more difficult than people expect. Companies rely on APIs to carry sensitive information every day. If access to those APIs is not properly secured, all the sophisticated security solutions companies use to protect their data elsewhere are completely undermined.

Misconfigurations in storage and encryption settings can put your mobile apps at risk, but so can social engineering attacks. Mobile devices are powerful productivity tools, enabling your staff to work from almost anywhere. They can also be security risks, sharing sensitive data outside of a tightly controlled office environment. If smartphones and tablets are integral to your organization’s day-to-day workflows, a mobile application security assessment should be part of your cybersecurity strategy.

Cyberattacks are becoming more frequent and costly for businesses all around the world. Despite investing in solid IT/security teams, businesses are struggling to ward off cyberattacks. There are three main problems with in-house teams: limited staff, restricted budgets for advanced tools, and a lack of specialized expertise to cover every threat. So, what’s the solution? Managed Cybersecurity Services.