Tag: cyberattacks
175 articles

AI Cybersecurity Threats: Must-Have Best Practices
AI can be both defender and threat—and NIST’s NCCoE is leading virtual sessions to shape the Cyber AI Profile, offering practical guidance to spot AI-enabled risks and harden defenses. Whether you’re a technologist, policymaker, or business leader, this essential guide shows how to harness AI safely and stay ahead of evolving cyber threats.

NIS2 Directive compliance: Stunning Risky Failures
Eight EU countries risk penalties and increased vulnerability after missing the NIS2 transposition deadline—it’s a wake-up call to shore up cyber defenses before trust in essential services is eroded.

Hacktivism on the Rise: Threats to Critical Infrastructure
As the lights flicker off in hospitals and data centers scramble, we find ourselves grappling with a chilling new reality: hacktivism is on the rise, targeting the very infrastructure that keeps our society running. With attacks skyrocketing by over 50% in just a year, the line between civil disobedience and life-threatening threats has never been blurrier.

SharePoint vulnerabilities: Must-Have Critical Fix
Microsoft’s emergency SharePoint patch—triggered by active exploits—proved that even trusted collaboration tools can become powerful attack vectors; don’t wait: patch now, inventory your instances, and tighten monitoring to stay ahead of costly breaches.

On-Prem SharePoint Security: Critical Must-Have Fixes
Microsoft warns on‑prem SharePoint servers are being actively targeted—assume compromise and take action now. Patch and harden systems, enforce least privilege, boost monitoring, and have an incident‑ready recovery plan to stop data loss before it happens.

ICS Vulnerabilities: Must-Have Fixes for Critical Risk
CISA’s latest advisory reveals widespread flaws in Industrial Control Systems from major vendors—putting power, water, and other essential services at real risk. Now’s the time for operators, vendors, and policymakers to act fast with inventory, segmentation, and prioritized patching to keep communities safe.

Critical infrastructure security: Must-Have Best Defenses
Hacktivists and sophisticated attackers are increasingly targeting the systems that keep our cities running. Learn the must-have, layered defenses governments and operators need to protect lives, services, and supply chains.

Operation Eastwood: Stunning Victory, Risky Future
Operation Eastwood is a rare win—Europol and partners dismantled 100+ DDoS servers and arrested suspects tied to pro‑Russian NoName057(16)—but it also shows how fragile defenses remain and how quickly attackers can adapt. The takedown proves international cooperation works, yet it’s a clear call for sustained resilience, smarter diplomacy, and stronger defenses.

Identity-Based Attacks: Critical Must-Have Defense Tips
Identity-based attacks—up 156%—are using infostealers and lifelike phishing kits to steal logins, but you can push back with simple steps like unique passwords, a reputable password manager, and phishing-resistant MFA. Stay skeptical of unexpected prompts, keep devices patched, and teach your family the warning signs to dramatically reduce your risk.

Proxy Services: Stunning, Risky Threat to Ukraine
As daylight fades over Kyiv, a quieter crisis unfolds online: huge swaths of Ukrainian IP space have been transferred to proxy services and intermediaries. That shift lets privacy tools and malicious actors alike masquerade as local, undermining trust, security, and everyday life for millions.

Small Business Cybersecurity: Must-Have Essential Defenses
A single cyberattack can sink a small business—NCCoE’s Cybersecurity Connections turns NIST guidance into practical, budget-friendly steps (MFA, patching, tested backups) and real-world tools to help owners protect customers, preserve trust, and keep their business running.

Embedding Security in Digital Citizen Services for Resilient Government
When digital services stumble, everyday life grinds to a halt—discover why embedding robust security in government platforms is vital to keeping our communities safe, connected, and resilient.

90% of Large Organizations Unready for AI-Driven Cyber Threats
With AI-powered cyberattacks evolving faster than ever, a shocking 90% of large organizations are still unprepared to defend themselves—are we ready to face this new digital battleground?

How to Stop the Rising Fake North Korean IT Worker Threat
Think all resumes are trustworthy? Think again—fake North Korean IT worker profiles are sneaking into global tech teams, posing a hidden threat that could compromise your company’s security from the inside out.

Millions of Printers at Risk Amid New Critical Hacking Flaws
Think your office printer is just a harmless machine? Think again—new critical flaws put millions of printers at risk, turning them into unexpected gateways for hackers to invade your network and steal sensitive data.

Microsoft’s First 2025 Patch Tuesday Arrives Without Active Exploits
Microsoft’s first Patch Tuesday of 2025 brings over 130 crucial fixes—and for the first time this year, none are actively exploited, giving everyone a rare chance to update and stay ahead of cyber threats.

Microsoft July 2025 Patch Tuesday Addresses One Zero-Day and 137 Vulnerabilities
Microsoft’s July 2025 Patch Tuesday fixes one zero-day and addresses 137 vulnerabilities, enhancing security and protecting users against potential threats.

Phishing platforms, infostealers blamed as identity attacks soar
Explore the rise of phishing platforms and infostealers fueling identity theft, as attacks escalate and online security becomes more critical than ever.

Ingram Micro outage caused by SafePay ransomware attack
Ingram Micro faces a significant outage due to a SafePay ransomware attack, disrupting services and raising concerns about cybersecurity vulnerabilities.

Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS
Alert: Exposed JDWP interfaces are vulnerable to crypto mining, while Hpingbot targets SSH for DDoS attacks. Stay informed and secure your systems.

Hunters International Ransomware Group Announces Disbandment
Hunters International Ransomware Group disbands, signaling a significant shift in the cybercrime landscape and potential implications for cybersecurity efforts.

Young Consulting Discovers Over 1 Million Affected by Breach Incident
Young Consulting uncovers a breach incident affecting over 1 million individuals, highlighting the urgent need for enhanced cybersecurity measures.

Surveillance Used by a Drug Cartel
“Explore the chilling surveillance tactics employed by drug cartels to monitor rivals, evade law enforcement, and maintain their grip on territory.”

CISA Warns of Potential Iranian Cyber Threats to US Entities
CISA alerts U.S. entities about potential Iranian cyber threats, urging heightened security measures to safeguard against attacks and vulnerabilities.