In 2024, cybercriminals increasingly exploit identity vulnerabilities through credential theft, primarily using AI-generated phishing emails and infostealers, leading to a significant rise in intrusions and data breaches.
The US Cybersecurity and Infrastructure Security Agency has extended funding for the Common Vulnerabilities and Exposures Program for 11 months to ensure continuity in cybersecurity vulnerability disclosures, while highlighting ongoing challenges regarding the program’s long-term viability and independence.
Microsoft has identified a significant increase in online scams driven by artificial intelligence, blocking over $4 billion in fraud attempts and highlighting the need for collaboration between public and private sectors to combat these evolving threats.
BRICKSTORM, a sophisticated cyber espionage tool linked to the China-aligned threat group UNC5221, has evolved to target both Windows and Linux environments in European strategic industries since late 2022, employing advanced evasion techniques and command-and-control mechanisms for long-term infiltration.
The US government has reinstated funding for the Common Vulnerabilities and Exposures (CVE) database to ensure continuity in cybersecurity resources, while the establishment of the CVE Foundation aims to address future funding uncertainties.
Employing a security service is crucial for safeguarding websites from various online attacks, including SQL injection and malformed data submissions.
