According to security researchers at Malwarebytes, most ransomware attacks now occur between 1 am and 5 am to catch cybersecurity teams off guard.  To compound the challenge for network defenders, the researchers claimed it takes less time than ever to complete the entire ransomware attack chain, from initial access to encryption.  The researchers noted that it used to take weeks to work through all these steps to conduct a successful ransomware attack, but now it takes only hours.

According to security researchers at Barracuda Networks, more than a fifth (21%) of ransomware attacks targeted healthcare in the past 12 months, up from 18% in the previous year.  The researchers analyzed 200 reported ransomware incidents from August 2023 to July 2024 during the new study.  The researchers also found that local government municipalities are also a highly targeted sector, at 17%.  Ransomware incidents affecting the education sector fell from 18% in 2022-23 to 9% in 2023-24.

The Remote Authentication Dial-In User Service (RADIUS) protocol, a widely used security protocol dating back to the days of dial-up Internet, has been found to contain vulnerabilities that leave many networked devices exposed to an attack and enable an adversary to gain control of traffic on an organization's network.

According to Abnormal Security, threat actors are using popular file-hosting or e-signature solutions to trick victims into revealing private information or downloading malware. A file-sharing phishing attack involves a cybercriminal posing as a familiar colleague, file-hosting solution, or e-signature solution and sending a malicious email with a link to what seems to be a shared file or document. Clicking on the link starts the second phase of the attack, which may involve stealing login credentials or infecting the target's device with malware.

Joseph K. Nwankpa, Miami University Associate Professor of Information Systems and Analytics, points out that default privacy settings are a potential risk to user privacy. As a cybersecurity scholar, he finds that many apps' privacy settings can often increase the vulnerability of end users to data exposure despite appearing to enable privacy. According to Nwankpa, these apps intentionally have complicated default privacy settings that make the user's information more public than private. Users are often unaware of the additional steps required for optimal privacy settings.

Czech Republic, Hungary, and Georgia are facing financial fraud campaigns involving a recently discovered sophisticated mobile phishing technique. This phishing technique uses Progressive Web Applications (PWAs), which offer a native-app-like experience and are growing on Android and iOS devices. ESET researchers detected the campaigns, noting that this method installs a phishing app from a third-party website without user consent. This article continues to discuss observations regarding the PWA phishing method.

The French security company Quarkslab found a major backdoor in millions of contactless cards made by Shanghai Fudan Microelectronics Group, a leading Chinese chip manufacturer. According to Quarkslab researcher Philippe Teuwen, the backdoor allows instantaneous cloning of RFID smart cards used to open office doors and hotel rooms worldwide. Teuwen explained that a supply chain attacker could execute instantaneous, scaled attacks using the backdoor, which requires only a few minutes of physical proximity to an affected card.