THREAT

Exploit kits are automated threats that utilize compromised websites to divert web traffic, scan for vulnerable browser-based applications, and run malware.

3 min read

Phishing attacks are one of the most prevalent methods of cybercrime because they are easy to deploy, can bypass detection methods, and offer low risk and cost.

3 min read

A denial-of-service attack is meant to shut down a machine or network by flooding it with traffic, making it inaccessible to its intended users.

3 min read

A distributed denial-of-service (DDoS) attack is a variant of a DoS attack that employs large numbers of attacking computers to overwhelm the target.

3 min read

A bot is a piece of malware that infects a computer to carry out commands under the remote control of the attacker.

3 min read

Spyware is a type of malware that collects and shares information about a computer or network without the user’s consent.

3 min read

The cyber attack lifecycle consists of multiple stages, and prevention must occur at each stage to prevent attackers from gaining access and stealing data.

5 min read

To identify and prevent evasive threats, security tools must employ purpose-built virtual analysis, bare metal analysis, and incorporate threat intelligence.

3 min read

Organizations face 3 challenges when identifying and preventing evasive threats: the threat marketplace, inadequate defenses, and open source vulnerabilities.

3 min read

The success of any industry is reliant on its economics. Cybercrime is no different, maintaining its own economy of commoditized products and services.

3 min read

Unknown threats are recycled or modified known threats, or created entirely from scratch, and bypass security tools designed to protect against known threats.

5 min read

Credential based attacks occur when attackers steal credentials to gain access, bypass an organizations security measures, and steal critical data.

3 min read

Attackers can obtain stolen credentials in many ways: phishing, malware, social engineering, brute force or black-market purchase. Once attackers have stolen credentials, they can abuse them to enter an organization, move laterally, and escalate privileges for unauthorized applications and data.

3 min read

Users and their credentials are among the weakest links in an organization’s security infrastructure. As such, the majority of breaches involve credential theft at some point in the attack lifecycle. With credential abuse as part of the attackers’ toolset, their chances of successfully breaching go up, and their risk of getting caught goes down..

2 min read