Positive Technologies stories

Among the possible consequences of the attacks are infection with ransomware, data theft, and denial of service.

While phishing attacks remain a consistent threat to online security, attackers are switching up the topics they use to bait unsuspecting victims.

In Q3 2021 there has been a decrease in the number of unique cyber attacks, however there’s been an increase in the share of attacks against individuals, and also a rise in attacks involving remote access malware.

"In order to build an effective protection system, it is necessary to understand what unacceptable events are relevant for a particular company."

Positive Technologies has released a new version of its Network Attack Discovery solution, PT NAD.

A vulnerability in Cisco security devices is dangerous for business processes in large companies.

Flaws in Apple Pay, Samsung Pay, and Google Pay are allowing attackers to make unlimited purchases.

Vulnerabilities have been discovered in Wincor Cineo ATMs allowing illegal cash withdrawals

Researchers have identified a new, previously unknown group that has systematically attacked Russia's fuel and energy complex and its aviation industry. 

Ransomware attacks have reached 'stratospheric levels', now accounting for 69% of all attacks involving malware. 

"The level of cybersecurity at most industrial companies is too low for comfort."

More cybercriminals are customising malware for attacks on virtual infrastructure.

Tampering with this system may negatively impact a company's ability to work, to the point of full disruption of its protection system and stopping of business processes.

The flaw means attackers could disrupt the operation of enterprise IT systems by deleting backups.

There was an increase in the number of attacks aimed at the trade industry and medical institutions, as well in the number of social engineering attacks on individuals.

The company's findings show that 25% of that malware was active in 2019-2020, and that at least 23 APT groups around the world have used them in attacks.

"Since March 2020, we have noticed a surge of interest in website hacking, which is seen by the increase in the number of ads on forums on the dark web."

Attackers did not spare clinics where COVID-19 patients were being treated or pharmaceutical sites where vaccine research was being conducted.

"There is a risk that attackers will take advantage of standalone 5G networks while they are being established and operators are getting to grips with potential vulnerabilities."

"Our automated security assessment proved that all companies have network services available for connection on their network perimeter, allowing hackers to exploit software vulnerabilities and bruteforce credentials to these services."

Almost half of all actions by attackers are identical to the usual activities of users and admins, a new report has found. 

"Through these vulnerabilities, hackers can obtain usernames, account balances, transfer confirmations, card limits, and the phone number associated with a victim's card.”

"The larger the hacked company is, and the higher the obtained privileges, the more profitable the attack becomes."

Since early January 2020, the number of internet-accessible Cisco ASA devices considered vulnerable has jumped from 170,000 to 220,000.