Skip to content

DXC Security Threat Intelligence Report

Stay up to date on the latest threats, vulnerabilities and nation-state activities.

Mark Hughes, president of Security, DXC

The evolution of malware

Malware has become sophisticated enough to evade even the most robust antivirus software. Fortunately, organizations can still avoid an attack with several simple steps.


SkidMap malware targets Linux distros

SkidMap adapts to the operating system it is executed on, and it can choose the binary to download based on the Linux distribution architecture of an infected system.

By the numbers

Nearly 35%
of executives saw their organizations’ accounting and financial data recently targeted by cyber criminals
3.4 million
additional cybersecurity experts are needed to support today’s global economy
Over 75%
of targeted cyberattacks start with email


EvilProxy leveraged for cloud-account takeover campaign

This phishing tool has been used to steal Microsoft 365 credentials, including those protected by multifactor authentication, from more than 100 organizations.


Reptile rootkit targets Linux systems

Open source rootkit targets systems in South Korea.

By the numbers

$9.48 million
average cost of a data breach in the United States
median cost per ransomware incident with a financial loss, a two-fold increase in the last 2 years

Other news

Hacking device spams iPhones with Bluetooth pop-ups

Hackers are using Flipper Zero, a popular and relatively cheap hacking tool, to spam iPhones with annoying pop-ups that prompt the user to connect to a nearby AirTag, Apple TV, AirPod or other Apple device.

TikTok opens Euro data center to ease China spy fears

TikTok is shifting its European users’ data to new servers in Dublin, Ireland. The move is part of the video-sharing platform’s response to data-privacy concerns around its links to China.

Energy supplier targeted in QR phishing campaign

QR code phishing campaigns have been observed targeting the Microsoft credentials of users from a wide array of industries. The most notable target, a major U.S. energy company, saw nearly 30% of 1,000+ emails containing malicious QR codes.

Generative AI could revolutionize email — for hackers

Phishing attempts can already be made indistinguishable from legitimate emails by using AI, eliminating red flags. Now some security experts are fighting back with AI to get ahead of the attackers.

Microsoft signing key stolen

Networks, including those of the U.S. government networks, have reportedly been breached by Chinese hackers. The attackers gained access to user email using forged authentication tokens, including a stolen Microsoft Azure account consumer signing key.

Hackers weaponize Cloudflare Tunnels

Hackers are abusing Cloudflare’s legitimate tunneling feature to create stealthy HTTPS connections from compromised devices, bypass firewalls and maintain long-term persistence.

Visual Studio Code lets extensions steal passwords

This Microsoft code editor and development environment contains a flaw that lets malicious extensions retrieve authentication tokens stored in Windows, Linux and macOS credential managers.

Subscribe for the latest threat updates.



DXC Security Threat Intelligence Report

Get the latest threat updates

Protect your enterprise. Subscribe to DXC's monthly report on the latest threats, breaches, cybercrimes and nation-state activities.