There’s a growing, organized and increasingly sophisticated pattern of attacks on cloud native infrastructure, according to Aqua Security. While most attacks were aimed at abusing public cloud compute resources for cryptocurrency mining, the methods used open the door for higher-value targets that leverage security gaps in container software supply chains and runtime environments. The report…

Cyber attacks have increased in number and severity since the onset of the pandemic. The changes organizations implemented to facilitate remote work have given cybercriminals new opportunities to launch campaigns exploiting mass uncertainty and fear.
Ransomware attack severity increases
In fact, since the beginning of COVID-19, Coalition observed a 47% increase in the severity of…

This year presented even more challenges for ensuring the integrity and security of open-source ecosystems. Open source has been the greatest boon to developers in that virtually anyone can use and customize it, typically at no cost, and contribute to the community. What has been a means of ensuring greater transparency, security and promoting developer…

All organizations wrestle with chronic phishing attacks that are the primary vectors through which malicious actors breach systems and spread malware. Most phishing attackers deliver their payloads on networks by crafting spoofed emails that look like they come from legitimate, authoritative senders. Those look-alike emails instead derive from domains deployed solely for malicious purposes. It’s…

Mimecast released the Threat Intelligence Report: Black Hat U.S.A. Edition 2020, which presents insights gleaned from the analysis of 195 billion emails processed by Mimecast for its customers from January through June 2020. Of those, 92 billion (47%) were flagged as malicious or spam and rejected.
Main trends
Two main trends ran throughout the analysis:…

RDP hijacking definition
One avenue for compromising systems that malware authors favor is Remote Desktop Protocol (RDP). It provides a convenient way for system administrators to manage Windows systems and help users troubleshoot issues. RDP hijacking attacks often exploit legitimate features of the RDP service rather than purely relying on a vulnerability or…

Previous attacks involving this malware family were observed leveraging malicious versions of the trading app Stockfolio, and security researchers also associated the GMERA Trojan with the activities of North Korean hackers. Recently identified campaigns featuring the malware involved the use of several websites that distributed malicious applications claiming to provide cryptocurrency trading capabilities. The cybercriminals…

As cyberattacks escalate, Infoblox and Forrester Consulting investigated how security and risk (S&R) teams are using their DNS investments. The 203 respondents to the study reveal they most often use DNS to detect and block threats early in the kill chain, identify compromised devices, and investigate and respond to malware. DNS is effective but under-utilized…