Phishing remains a significant and ever-evolving cybersecurity threat, with recent data showing a 28% rise in attacks between Q1 and Q2 of 2024. This trend highlights how persistent and evolving phishing tactics continue to be, impacting a staggering 94% of cybersecurity decision-makers in 2023. Attackers are increasingly using compromised internal accounts, shifting the platforms they use, and incorporating QR codes, which is becoming a new favorite way to deliver malicious content. This article describes some of the recently observed threat actor tactics as well as some tips for staying safe.
Read more…
Source: Water ISAC
Related:
- How to Make API Security an Integral Part of Your Application Security Strategy
January 12, 2022
The farther your organization travels down the digital transformation path, the more critical API protection is to your overall security posture. Every day, your development teams are innovating; they rely more on microservices to save time and money as they automate business-to-business processes and provide a back-end for mobile applications. APIs are the cornerstone of ...
- Maryland officials confirm ransomware attack shut down Department of Health
January 12, 2022
Maryland officials confirmed on Wednesday that state’s Department of Health is dealing with a devastating ransomware attack, which has left hospitals struggling amid a surge of COVID-19 cases. In a statement released on Wednesday, Maryland Chief Information Security Officer Chip Stewart said the attack began on December 4 and crippled their systems. “We have paid no extortion ...
- Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
January 11, 2022
This joint Cybersecurity Advisory (CSA)—authored by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA)—is part of our continuing cybersecurity mission to warn organizations of cyber threats and help the cybersecurity community reduce the risk presented by these threats. This CSA provides an overview of Russian state-sponsored ...
- LoRaWAN’s Protocol Stacks: The Forgotten Targets at Risk
January 11, 2022
Our LoRaWAN security series has so far outlined multiple security flaws, vulnerability issues, and entry vectors that attackers have been known to use. In this fourth part of the series, we talk about an attack vector that, so far, has not attracted much attention: the LoRaWAN stack. Although it is not a typical target, it ...
- What to Include in a Cybersecurity Disaster Recovery Plan
January 11, 2022
If the unthinkable were to happen to your business, what’s your disaster recovery plan? If bad actors were to inject ransomware into your system, what’s your process for a return to normal working? Google the words “What do I do if I have a cybersecurity breach” and the first twenty results will start with the ...
- Uncovering and Defending Systems Against Attacks With Layers of Remote Control
January 10, 2022
As organizations brace themselves for the year ahead, now is an opportune time to take stock of how they can strengthen their security posture and shore up their defenses. While organizations may have the power of leading-edge cybersecurity solutions on their side, malicious actors continue to work diligently to refine their methods and take advantage ...