Blogs

Background

The digital landscape is in a constant state of flux, and with it, the ever-evolving realm of cyber threats. A recent addition to the cybercrime arena is the Rhysida Ransomware Group, which emerged in May 2023 and swiftly gained notoriety.

In the modern digital landscape, enterprises utilize communication platforms to facilitate smooth interactions; however, these conveniences also open up numerous avenues that can be exploited by malicious actors. This is the final blog of the Business Communication Risks series, highlighting how seemingly benign mobile apps can become pathways for attackers targeting individuals and infiltrating organizations.

Overview

BlackByte is a ransomware-as-a-service (RaaS) group that emerged in July 2021. Initially catching the attention of the FBI and U.S. Secret Service for targeting critical infrastructure sectors, BlackByte has adapted to remain effective and profitable in the ever-evolving cybersecurity landscape. This group continues to target organizations globally with a diverse focus on sectors ranging from small businesses to government entities.

In the modern digital landscape, enterprises utilize communication platforms to facilitate smooth interactions; however, these conveniences also open up numerous avenues that can be exploited by malicious actors. This blog, part four of the Business Communication Risks series, highlights how seemingly benign platforms can become pathways for attackers targeting individuals and infiltrating organizations.

Background

The enduring and evolving threat of malware remains a predominant concern in the cybersecurity realm, imperiling individuals, organizations, and even entire nations. Malware infiltrates systems through diverse entry points, from malicious email attachments to compromised websites and sophisticated social engineering schemes that deceive unwitting users into executing malevolent code.

In the modern digital landscape, enterprises utilize communication platforms to facilitate smooth interactions; however, these conveniences also open up numerous avenues that can be exploited by malicious actors. This blog, part three of the Business Communication Risks series, highlights how seemingly benign platforms can become pathways for attackers targeting individuals and infiltrating organizations.

Recently, there has been a resurgence of Kerberoasting attacks, revealing a concerning trend in the evolving tactics of cybercriminal groups. These attacks, which target the Kerberos authentication protocols used in Windows environments, have seen a staggering 583% increase over the past year. Kerberoasting has been a recognized cyberattack method since approximately 2014. It targets the Kerberos authentication system, integral to Windows-based infrastructures.

Background of Abandoned Website Phishing 

The Critical Start Cyber Threat Intelligence Team is aware of cybercriminals employing a tactic known as "abandoned website phishing" to carry out their malicious activities. In this approach, attackers take advantage of websites that have been neglected or abandoned by their original owners.

Credit unions play a vital role in the financial sector, offering essential financial services to their members. However, the digital landscape also puts credit unions at risk of cyberattacks and other vulnerabilities.

There is a rise in cyberattacks against credit unions, according to the National Credit Union Administration (NCUA).

In the modern digital landscape, enterprises utilize communication platforms to facilitate smooth interactions; however, these conveniences also open up numerous avenues that can be exploited by malicious actors. This blog, part two of the Business Communication Risks series, highlights how seemingly benign platforms can become pathways for attackers targeting individuals and infiltrating organizations.

Today is a special day in our industry, as we celebrate International Women in Cybersecurity Day (IWCD). IWCD's purpose is to recognize women's immeasurable accomplishments and address the challenges women face in the industry. It’s a day we can look back at women's growth and make plans for a brighter future that’s more inclusive of women in cybersecurity.