Dependency confusion attacks, involving malicious code injection into applications through vulnerable dependencies, pose a significant security risk to organizations, with a high percentage of applications and assets being vulnerable to such attacks.

In an effort to grow its hybrid cloud and artificial intelligence capabilities, IBM announced on Tuesday that it was acquiring Polar Security, an Israel-based company specializing in data security posture management.

NoName057(16) reportedly claimed it was behind DoS attacks against the Finnish parliament’s website on Tuesday, the day the country joined NATO. The country’s Technical Research Centre of Finland was also hacked, according to Finnish news site, YLE.

New studies by NCC Group and Barracuda Networks show threat actors are increasing ransomware exploits, with consumer goods and services receiving the brunt of attacks and a large percentage of victims being hit multiple times.

The latest annual IBM X-Force Threat Intelligence Index released today reported that deployment of backdoor malware, which allows remote access to systems, emerged as the top action by cyberattackers last year.

Once the initial IcedID infection is done, an interactive command line session is started, which downloads additional files on the infected system. Seven minutes after the initial infection, a Cobalt Strike beacon is used on the infected computer.

Displaying the Zoom name and logo, the email itself claimed that the person had two messages waiting for their response. To read the alleged messages, the recipient had to click on a button in the body that would redirect them to a fake login page.

Also known in some circles as FIN7 or Carbon Spider, Coreid is a ransomware-as-a-service (RaaS) operation that develops ransomware tools and services and then collects money from affiliates who use these tools to carry out the actual attacks.

Traffers — from the Russian word “???????,” also referred to as “worker” — are cybercriminals responsible for redirecting Internet users network traffic to malicious content that they operate, this content being malware most of the time.

Cybercriminals have been building phishing pages on AWS. By sending a link to such a page through a phishing email, the scammers are able to bypass security tools and convince the recipient to share credentials for sensitive accounts.