While 20% of businesses may not survive past their first year, those that manage steady growth face new challenges over time. Among them is external attack surface expansion, one of the most critical security aspects for growing businesses.
In recent news, more than 13,000 subdomains of brands were hijacked for a large spam campaign that "leverages the trust associated with these domains to circulate spam and malicious phishing emails by the millions each day, cunningly using their credibility and stolen resources to slip past security measures."
Malwarebytes Labs recently published a report on the latest Nitrogen malware campaign that has been targeting system administrators using fake ads in the guise of Google sponsored search results. According to the security analysts, the victims are currently limited to North America.
This month, Stephanie Driver, CSC's marketing manager, spoke with Patrick Hauss, head of Corporate Development and Strategic Alliances EMEA, about the Internet Corporation for Assigned Names and Numbers (ICANN) Registration Data Request Service (RDRS) as part of an ongoing a series of interviews with CSC's Digital Brand services business experts, where we talk about industry issues across cybersecurity, domains, brand protection, and fraud protection.
More than 30.6 billion records have been exposed in 2024 so far based on 8,839 publicly disclosed incidents. Intensifying cybersecurity efforts has thus become more critical than ever for organizations the world over.
Bleeping Computer recently reported that a phishing-as-a-service (PhaaS) available in cybercriminal forums dubbed "Typhoon 2FA" has the ability to compromise Microsoft 365 and Google accounts even if users have two-factor authentication (2FA) enabled.
Radix, a leading top-level domain registry, recently released its Premium Domains Performance Report for the second half of 2023, highlighting significant growth and robust sales across its domain portfolio.
The 2024 U.S. tax season is well underway, and as usual, scams of all kinds targeting taxpayers and causing the Internal Revenue Service (IRS) problems have cropped up. One such ongoing malicious campaign has explicitly been trailing its sights on small business owners and the self-employed.
Glupteba, an advanced piece of malware, has been used in several cybercriminal attacks for more than a decade now. But Palo Alto's Unit 42 only brought to light one of the features that made it so effective - its Unified Extensible Firmware Interface (UEFI) bootkit component, which allowed it to intervene and control the operating system (OS) boot process and be extremely difficult to detect and remove, last November 2023.
A new info-stealing malware called "TimbreStealer" is in town. Cisco Talos detected its distribution through a phishing campaign targeting Mexico.