- Apple Patches Critical iOS Bugs; One Under Attack - Researchers found that one critical flaw in question is exploitable from the browser, allowing watering-hole attacks. Apple lovers who haven’t yet updated to iOS 15, you may want to pop into Settings to freshen up your iPhone now: Apple has released several critical security updates that might light a fire under your britches. On Monday… Continue Reading
- Ransomware thieves publish major airlines’ passenger information - Ransomware group LockBit attacks Bangkok Airways and releases passenger data including passport and credit card information Just a few weeks after global consultancy Accenture fell prey to a cyber-attack with a US$50m price tag, the ransomware group LockBit attacked Bangkok Airways, stealing and encrypting a massive haul of passenger information, including passport and credit card… Continue Reading
- Apple releases update fixing NSO spyware vulnerability affecting Macs, iPhones, iPads and Watches - Citizen Lab said the vulnerability would give hackers access to a device without the victim even clicking anything. Apple has released an urgent security update for Mac, iPhone, iPad and Watch users after researchers with Citizen Lab discovered a zero-day, zero-click exploit from mercenary spyware company NSO Group that gives attackers full access to… Continue Reading
- Feds Warn of Ransomware Attacks Ahead of Labor Day - Threat actors recently have used long holiday weekends — when many staff are taking time off — as a prime opportunity to ambush organizations. Though lots of people might be taking some time off over the Labor Day weekend, threat actors likely won’t — which means organizations should remain particularly vigilante about the potential for… Continue Reading
- This serious Wi-Fi bug can break your iPhone, but here’s how to protect yourself - Walking past a Wi-Fi hotspot with a specific name can cause big problems for your iPhone. And the scary thing is that it's easy to do. A specially-crafted hotspot can cause big problems for your iPhone or iPad. Software engineer Carl Schou discovered that a specific network name -- %secretclub%power -- can completely disable your… Continue Reading
- Install immediately: Microsoft delivers emergency patch for PrintNightmare security bug - Microsoft is offering patches for unsupported versions of Windows to plug the so-called PrintNightmare bugs. Microsoft has released an out-of-band patch for the security flaw known as PrintNightmare that is under attack already and lets attackers take control of a PC. The PrintNightmare bug is being tracked as CVE-2021-1675 and CVE-2021-34527. It's a critical… Continue Reading
- Peloton’s leaky API let anyone grab riders’ private account data - But the company won't say if it has evidence of malicious exploitation Halfway through my Monday afternoon workout last week, I got a message from a security researcher with a screenshot of my Peloton account data. My Peloton profile is set to private and my friend’s list is deliberately zero, so nobody can view my… Continue Reading
- A security bug in Google’s Android app put users’ data at risk - Until recently, Google’s namesake Android app, which has more than five billion installs to date, had a vulnerability that could have allowed an attacker to quietly steal personal data from a victim’s device. Sergey Toshin, founder of mobile app security startup Oversecured, said in a blog post that the vulnerability has to do with how… Continue Reading
- Rising travel brings increased cybersecurity risks - With the pandemic easing considerably in the United States and receding in other countries, business travel is starting to return to pre-pandemic levels. But normal travel can also bring with it a host of cybersecurity dangers. Forbes Magazine illustrated the return to normal: In a recent survey of business travelers commissioned by insurance company Chubb,… Continue Reading
- Everything you need to know about the Microsoft Exchange Server hack - Updated: Vulnerabilities are being exploited by Hafnium. Other cyberattackers are following suit. Four zero-day vulnerabilities in Microsoft Exchange Server are being actively exploited by a state-sponsored threat group from China and appear to have been adopted by other cyberattackers in widespread attacks. While in no way believed to be connected to the SolarWinds supply chain… Continue Reading
What are cybersecurity threats?
A cybersecurity threat is any malicious attack by an individual or organization to gain access to another individual’s or organization’s network to corrupt data or steal confidential information. Sometimes, the attacks destroy computer systems.
No company is immune from cyber attacks and the resulting data breaches. As cyber threats become increasingly sophisticated, businesses must ensure they implement the security necessary to safeguard their data and their networks.
However, before they can do that, organizations need to understand the types of threats they’ll be facing almost daily, including:
- Trojan: A type of malicious software (malware) or code that acts as a legitimate application or file to trick a user into loading and executing the malware on his device. A Trojan’s goal is to damage or steal an organization’s data or otherwise inflict some harmful action on its network.
- Virus: A malicious program aimed at infecting a company’s systems, destroying data and bringing its network to a standstill. A virus attaches itself to a program, file, or document and lies dormant until some event triggers the device to execute its code.
- Phishing attacks: A type of social engineering that attempts to trick users into bypassing normal cybersecurity practices and giving up sensitive data, such as user names and passwords, bank account information, Social Security numbers, and credit card data. Typically, hackers send out phishing scam emails that appear to come from trusted senders, such as PayPal, eBay, financial institutions, as well as friends and co-workers. The cybercriminals try to get users to click on links in the emails that will redirect them to fraudulent websites that ask for personal information or install malware on their devices. Opening attachments sent with phishing emails can also install malware on users’ devices, or allow the hackers to control their devices remotely.
- Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. … It has the ability to lock a computer screen or encrypt important, predetermined files with a password.
- Distributed denial of service (DDoS): A DDoS attack aims to take down a company’s website by overwhelming its servers with requests. In this attack, requests come from hundreds or thousands of IP addresses that have probably also been compromised and tricked into continuously requesting a company’s website. A DDoS attack overloads an organization’s servers, slows them down significantly or temporarily takes them offline. This prevents customers from accessing the website and completing orders.