In a new report, Cato observed that the Log4J exploit represented 30% of the outbound vulnerability exploitations and 18% of the inbound vulnerability exploitations detected in the first quarter of 2024.
Ransomware operations are experiencing a decline in profitability due to various factors such as increased cyber resilience of organizations, the availability of decryptors, and more frequent law enforcement actions.
The attackers exploited two zero-day vulnerabilities in Ivanti Connect Secure to gain initial access to MITRE’s Networked Experimentation, Research, and Virtualization Environment (NERVE) in late December 2023.
Identified by analysts in 2022, the hackers use social engineering to lure users into giving up their login credentials or one-time password codes to bypass multifactor authentication.
WPScan observed in April increased exploitation activity against WordPress sites with versions of the plugin older than 5.7.0.1, which are vulnerable to a high-severity (8.8) unauthenticated cross-site scripting flaw tracked as CVE-2023-40000.
AT&T has split its cybersecurity services business to form a new company called LevelBlue. It includes AT&T’s managed security services business, cybersecurity consulting business, and assets from the acquisition of AlienVault in 2018.
Germany has recalled its ambassador to Russia in response to alleged Moscow-backed cyberattacks targeting various sectors in Germany, including defense, aerospace, and IT companies, as well as the German Social Democratic Party.
A report by Ping Identity highlighted the pressing need for enhanced identity protection strategies, as 97% of organizations struggle with identity verification, and 48% lack confidence in defending against AI-related attacks.
The White House is engaging with the tech industry to establish a legal framework for software liability as part of a broader cybersecurity strategy, aiming to incentivize software developers to create products without exploitable security flaws.
According to Verizon’s latest Data Breach Investigations Report (DBIR), supply chain breaches increased by 68% year-over-year, primarily due to software vulnerabilities exploited in ransomware and extortion attacks.