Phishing remains a significant and ever-evolving cybersecurity threat, with recent data showing a 28% rise in attacks between Q1 and Q2 of 2024. This trend highlights how persistent and evolving phishing tactics continue to be, impacting a staggering 94% of cybersecurity decision-makers in 2023. Attackers are increasingly using compromised internal accounts, shifting the platforms they use, and incorporating QR codes, which is becoming a new favorite way to deliver malicious content. This article describes some of the recently observed threat actor tactics as well as some tips for staying safe.
Read more…
Source: Water ISAC
Related:
- IAEA: Improving Computer Security Anomaly Detection Techniques through Coordinated Research Projects
August 25, 2023
Identifying anomalies in the operations of computer systems that control critical safety and security functions calls for extensive expertise, and the actions required need to be tested, analysed and amended in order to be robust. “Anomaly detection plays an important part in early assessment of possible threats targeting the computer-based systems at nuclear and radiological facilities,” ...
- CISA, NSA, and NIST Publish Factsheet on Quantum Readiness
August 21, 2023
Today, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and National Institute of Standards and Technology (NIST) released a joint factsheet, Quantum-Readiness: Migration to Post-Quantum Cryptography (PQC), to inform organizations—especially those that support Critical Infrastructure—of the impacts of quantum capabilities, and to encourage the early planning for migration to post-quantum cryptographic standards ...
- CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan
August 16, 2023
Today, CISA released the Remote Monitoring and Management (RMM) Cyber Defense Plan, the first proactive Plan developed by industry and government partners through the Joint Cyber Defense Collaborative (JCDC). This plan addresses systemic risks facing the exploitation of RMM software. Cyber threat actors can gain footholds via RMM software into managed service providers (MSPs) or manage ...
- Bangladesh Bank warns banks and financial institutions against cyber attacks
August 12, 2023
The Bangladesh Bank has issued out a comprehensive 11-point instruction in a situational alert, urging all banks and financial institutions to bolster their cyber defences. This move comes on the heels of a recent cyber threat targeting the country’s cyber sphere, with potential implications for critical state information infrastructure (CII), including banking, healthcare, and government operations. Read ...
- Capita shares plummet 11 per cent as contractor reveals cyber attack cost £25m
August 4, 2023
Capita shares in slumped 11.4 per cent on Friday morning after it said a recent data breach could cost it up to £25m. The government contractor, which provides data and IT outsourcing processes, said this morning it expects a major cyber attack in March could cost it £20-25m, as an investigation nears its close. Read more… Source: City ...
- Cyberattacks targeting utility firms at ‘alarmingly high levels’
August 2, 2023
Utility firms such as electricity providers have become the new frontier for cyberattacks, reaching “alarmingly high levels” last year, the International Energy Agency (IEA) has warned. Russia’s invasion of Ukraine gave fresh impetus to cyber criminals to attack electricity grids and demand ransoms from energy companies scarcely able to defend themselves due to a cybersecurity ...