Phishing remains a significant and ever-evolving cybersecurity threat, with recent data showing a 28% rise in attacks between Q1 and Q2 of 2024. This trend highlights how persistent and evolving phishing tactics continue to be, impacting a staggering 94% of cybersecurity decision-makers in 2023. Attackers are increasingly using compromised internal accounts, shifting the platforms they use, and incorporating QR codes, which is becoming a new favorite way to deliver malicious content. This article describes some of the recently observed threat actor tactics as well as some tips for staying safe.
Read more…
Source: Water ISAC
Related:
- UK government transport website caught showing porn
November 25, 2021
A UK Department for Transport (DfT) website was caught serving porn earlier today. The particular DfT subdomain behind the mishap, on most days, provides vital DfT statistics for the public and the department’s business plan. Racy traffic ahead The UK DfT’s charts.dft.gov.uk website was seen serving porn today, as confirmed by BleepingComputer. Read more… Source: Bleeping Computer
- Step Towards Foresight on Emerging Cybersecurity Challenges
November 22, 2021
ENISA kicks off a new area of work in line with its Strategy objective “Foresight on Emerging and Future Cybersecurity Challenges”. As a key element of ENISA’s strategy, foresight increases knowledge and understanding of emerging and future challenges, thus providing a path to find solutions that address those challenges and bolster EU resilience to cybersecurity threats. What ...
- EU pharmaceutical giants run old, vulnerable apps and fail to use encryption in login forms
November 11, 2021
New research into the security posture of Europe’s top pharmaceutical giants has revealed concerning levels of vulnerabilities and weak spots in web applications. On Thursday, Outpost24 published new research that claims the top 10 pharmaceutical countries in the region are all failing to maintain a robust security posture — with 80% considered to be “critically exposed” ...
- On the Watch for Incident Response Capabilities in the Health Sector
November 11, 2021
The meetings of the CSIRT Network and the CyCLONe taking place these days in Ljubljana and online, have set the stage for the publication of the new report on CSIRT capabilities for increased efficiency of incident response tools and processes of specific sectors. Health organisations such as hospitals rely today on complex critical infrastructures in order ...
- Discovering the Exploitable Security Gaps in Remote Work Spaces
November 8, 2021
Working and living areas are getting smarter every year as owners adopt new technology and continuously upgrade old devices to fit into modernized spaces. This has enabled many professionals to work or run their business virtually from home. International conferences can be conducted from home office spaces, major projects can be managed and modified online, ...
- CISA Binding Operational Directive 22-01 – Reducing the Significant Risk of Known Exploited Vulnerabilities
November 3, 2021
A binding operational directive is a compulsory direction to federal, executive branch, departments and agencies for purposes of safeguarding federal information and information systems. Section 3553(b)(2) of title 44, U.S. Code, authorizes the Secretary of the Department of Homeland Security (DHS) to develop and oversee the implementation of binding operational directives. Federal agencies are required to comply ...