Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The First Half of 2024 Results in More Than 1 Billion Data Breach Victims

New data shows that cyber attacks have resulted in double the number of data breaches in 2024 than throughout all of 2023. After a data breach, there are two common impacts– an organization with disrupted operations and customer victims. We tend to focus only on the duration it takes for an organization to regain normal operations, but the total number of victims from a data breach can take years to tally.

Dark Angels Ransomware Group Scores Record-Breaking $75 Million Payday

In the ever-evolving world of cybercrime, ransomware attacks continue to be a lucrative business for cybercriminals. The latest development comes from the Dark Angels ransomware group, who have reportedly secured a staggering $75 million ransom payment from an undisclosed victim. This eye-watering sum shatters the previous record of $40 million paid by insurance giant CNA Financial in 2021, setting a new and alarming benchmark in the ransomware landscape.

Organizations Prepare for More Evolved AI-Based Cyber Attacks as Deepfakes Become Top Concern

New data on how the threat of AI in cyber crime is being seen as a growing risk provides insight into how organizations are shifting from reaction to prevention. According to endpoint security vendor Deep Instinct’s Voice of SecOps report, 97% of organizations are concerned they will suffer a security incident as a result of adversarial AI. The advent of new malicious LLM-based AI platforms are allowing cybercriminals to get their hands on sophisticated tech and create convincing deepfakes.

Nearly All Ransomware Attacks Now Include Exfiltration of Data...But Not All Are Notified

Organizations are falling victim to ransomware attacks where data is stolen, but the victim isn’t being told about it. I have a theory as to why this is happening. Many assume data is being exfiltrated as part of a ransomware attack and it’s going to be used as part of the extortion component of the attack. But according to Arctic Wolf’s The State of Cybersecurity: 2024 Trends Report, that doesn’t seem to be the case.

QR Code Phishing is Still on the Rise

Organizations need to be aware of the threat posed by QR code phishing (quishing), according to researchers at Trend Micro. “Phishing emails continue to be the number one attack vector for organizations,” the researchers write. “A QR code phishing, or quishing attack, is a modern social engineering cyber attack technique manipulating users into giving away personal and financial information or downloading malware.

IoT: Internet of Threats?

The Internet of Things (IoT) has slowly but surely weaved its way into our homes and places of work. From smart homes to industrial control systems, IoT has brought convenience and efficiency to our lives. However, with this increased connectivity we have increased our risk. The IoT Attack Surface IoT devices are often designed with functionality in mind, rather than security. This means that many devices have weak or default passwords, unpatched vulnerabilities, and insecure communication protocols.

New Phishing Scam Leverages Chat To Add Credibility And Ensure Success

A new phishing scam is leveraging trusted aspects of ecommerce to make their scams look legitimate. Perception Point has spotted a new level of credibility used by phishing scammers in which fake payment pages include the use of legitimate support chat. Spoofed payment pages resembling marketplace, like Etsy and Upwork, ask business owners to “claim” payments for products or services sold.

Is Your Bank Really Calling? How to Protect Yourself from Financial Impersonation Fraud

Protecting your financial information has never been more crucial. With the rise of sophisticated scams, it's becoming increasingly difficult to distinguish between legitimate bank communications and fraudulent attempts to access your accounts. So, how can you be sure it's really your bank contacting you? The Vulnerability of Personal Information First, it's important to understand that our personal details are more accessible than we might think.