Threats

Stay informed on the latest cybersecurity threats and news to better protect your data, networks, applications, and devices. Our coverage includes emerging vulnerabilities, evolving attack techniques, and the latest security breaches to help you understand and mitigate risks.

  • Cybersecurity ‘Vaccines’ Emerge as Ransomware, Vulnerability Defense

    Cybersecurity vaccines are emerging as a new tool to defend against threats like ransomware and zero-day vulnerabilities. Cybersecurity firms have released “vaccines” in recent days to protect against the widely used STOP ransomware strain and the new Apache Log4Shell vulnerability. Germany-based G Data CyberDefense released software designed to trick the STOP ransomware variant into believing…

  • Apache Log4j Zero Day Exploit Puts Large Number of Servers at Severe Risk

    A critical vulnerability in the open-source logging software Apache Log4j 2 is fueling a chaotic race in the cybersecurity world, with the Apache Software Foundation (ASF) issuing an emergency security update as bad actors searched for vulnerable servers. Log4j 2, developed by the ASF, is a widely used Java package that enables logging in an…

  • AT&T Looks to Shut Down Botnet that Attacked 5,700 Network Appliances

    AT&T is working to stop a botnet that has infected at least 5,700 network edge servers inside its networks and appears designed to steal sensitive information and launch distributed denial-of-service (DDoS) attacks. Researchers at Netlab, the network security unit of Chinese tech giant Qihoo 360, wrote in a report this week that the rapidly updated…

  • Nation-State Attackers Use RTF Injection to Easily Spread Malware

    Hacking groups linked to Russia, China and India are leveraging a novel attack technique that makes it easier for them to spread malware, steal data and evade detection, according to a report this week by security firm Proofpoint. The advanced persistent threat (APT) groups are using a technique called rich text format (RTF) template injections,…

  • Companies Get Better at Fighting Ransomware Despite Escalating Threats

    In a year in which ransomware attacks seem to get worse by the day, companies have made surprising progress defending themselves against attacks. But the attention paid to the malware by journalists, cybersecurity vendors and increasingly, government agencies, has pushed companies to improve their preparedness to defend themselves against ransomware gangs, according to a report…

  • How Hackers Use Payloads to Take Over Your Machine

    A payload is a piece of code that executes when hackers exploit a vulnerability. In other words, it’s an exploit module. It’s usually composed of a few commands that will run on the targeted operating system (e.g., key-loggers) to steal data and other malicious acts. Most operations use payloads, but there are a few payload-less…

  • Cybersecurity Mesh, Decentralized Identity Lead Emerging Security Technology: Gartner

    New cybersecurity buzzwords are always in abundance at the Gartner Security & Risk Management Summit, and the concepts that took center stage this week, like cybersecurity mesh and decentralized identity, seem well suited for new threats that have exploded onto the scene in the last year. Gartner analyst Ruggero Contu noted that security risks are…

  • HTML Smuggling Techniques on the Rise: Microsoft

    Bad actors are increasingly using a technique called HTML smuggling to deliver ransomware and other malicious code in email campaigns aimed at financial services firms and other organizations, according to Microsoft researchers. In a blog post, the company’s Microsoft 365 Defender Threat Intelligence Team wrote that the highly evasive technique, which is used to deploy…

  • Hacker Compromises FBI Server to Send Fake Emails

    Hackers got into an email server at the FBI over the weekend to spread fake messages in an attempt to blame a cybersecurity expert for non-existent attacks, apparently in hopes of damaging his reputation. According to intelligence organization Spamhaus and subsequent reports, the hackers sent out emails with the false accusations in two waves to…

  • DDoS Attacks Skyrocket, Kaspersky Researchers Say

    Distributed denial of service (DDoS) attacks soared in the third quarter, giving organizations yet another cyber threat to worry about. Kaspersky researchers reported that total attacks were up by about a third from the second quarter. Even the slowest days saw 500 DDoS attacks; the busiest day, Aug. 18, saw a whopping 8,825 attacks. Kaspersky…

Get the free newsletter

Subscribe to Cybersecurity Insider for top news, trends & analysis

This field is required This field is required

IT Security Resources

Top Cybersecurity Companies

See Full List