eSecurity Planet

DECEMBER 3, 2021

Fifteen years after the launch of the microblogging social media platform, Twitter remains a dominant public forum for instant communication with individuals and organizations worldwide on a universe of topics, including #cybersecurity. — Dave Kennedy (@HackingDave) July 15, 2020. Eugene Kaspersky | @e_kaspersky.

Accountability 134

Accountability Cybersecurity Penetration Testing InfoSec 134

Malwarebytes

FEBRUARY 17, 2021

Yandex, a European multinational technology firm best known for being the most-used search engine in Russia, has revealed it had a security breach, leading to the compromise of almost 5,000 Yandex email accounts. The post Yandex sysadmin caught selling access to email accounts appeared first on Malwarebytes Labs.

Accountability 96

Accountability Social Engineering System Administration Engineering 96

Security Affairs

JUNE 3, 2023

At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information on their TTPs and infrastructure. The APT group has persistently refined its social engineering tactics, making its spear-phishing campaigns progressively harder to detect.

Social Engineering 89

Social Engineering Phishing System Administration Engineering 89

Security Affairs

FEBRUARY 14, 2021

The FBI is warning companies about the use of out-of-date Windows 7 systems, desktop sharing software TeamViewer, and weak account passwords. “TeamViewer’s legitimate use, however, makes anomalous activity less suspicious to end users and system administrators compared to typical RATs.”

Passwords 139

Passwords Social Engineering Software System Administration 139

IT Security Guru

SEPTEMBER 7, 2022

Per a recent report from Q4 2020 to Q4 2021 , the average number of APIs per company increased by 221% in 12 months and that API attack traffic grew by 681% while overall API traffic grew by 321%. Microservices Architecture has Created a Security Blind Spot. password guessing). API Security Tools.

DDOS 114

DDOS Authentication Architecture Social Engineering 114

eSecurity Planet

MARCH 25, 2022

Like in the case of SolarWinds in 2020, masked threat actors aren’t afraid to linger for months during reconnaissance. In November 2021, an unauthorized third party called a Robinhood customer support employee and, through social engineering , gained access to the company’s customer support systems.

VPN 111

VPN Software Authentication Encryption 111

Digital Shadows

AUGUST 17, 2021

Going back a bit, it was also the top attack vector in 2020, 2019, 2018, 2017, 2016, and well, hopefully, you get the picture. The social engineering aspect around phishing works because humans want to be helpful, informed, paid well, get stuff for free sometimes, and generally not end up on the wrong side of management.

Phishing 52

Phishing Accountability Social Engineering Mobile 52