Cyberthreat News
Cyberthreat News is a weekly newsletter for IT security professionals that covers the latest cyberattacks, research, tools and trends impacting your organization. Our goal is to provide you with the information you need to be a confident, proactive member of your cybersecurity team.
The most common cyberattacks target financial assets like bank accounts, credit cards and cryptocurrency wallets for direct theft or resale on the dark web. Intellectual property theft encompasses data and product designs for theft or resale, as well as stolen login credentials for identity and financial fraud. Other cyberattacks include ransomware (locking systems or files hostage until a ransom is paid), supply chain attacks and wiper malware that destroys critical information or data.
Nation-state threat actors are the most advanced attackers, probing classified networks and critical infrastructures for long-term espionage or disruption of services. Terrorist groups are gaining sophistication but tend to have less of a propensity for cyberattacks than state-sponsored adversaries.
Zero-day exploits are flaws in hardware or software that are leveraged by hackers before a patch is released. Other techniques exploit human trust instead of technical weaknesses, including phishing, where cybercriminals use emails, texts or social media messages to trick people into giving up sensitive information or installing malware.
Other tactics expand the attack surface by targeting vulnerabilities in third-party components and exploiting escrow services. DNS spoofing changes DNS records to redirect users from legitimate websites to malicious ones, and malvertising embeds malware into digital ads on sites that allow third-party advertising.