Noname Security Extends Reach of API Security Platform
Noname Security this week extended the reach of its platform for securing application programming interfaces (APIs) to make...
USENIX Security ’22 – Andreas Kogler, Jonas Juffinger, Salman Qazi, Yoongu Kim, Moritz Lipp, Nicolas Boichat, Eric Shiu, Mattias Nissler, Daniel Gruss – ‘Half-Double: Hammering From The Next Row Over’
3 Ways Balbix can help operationalize CISA BOD 23-01
What is CISA Directive BOD 23-01? In October 2022, the US Cybersecurity and Infrastructure Security Agency (CISA), which...
Women’s History Month at RiskLens: More Voices – Aliscia Warren
For Women’s History Month, we are asking RiskLens staff members for their thoughts on the current...
The Future of XDR in Security Operations
In this blog we talk about the future of XDR in Security Operations. What does...
FusionAuth announces Pass-wordle™
FusionAuth is proud to announce the next big thing in end user authentication. Passwords suck. Standards bodies, such as NIST, no longer recommend using...
NYPD blues: Cops ignored 93 percent of surveillance law rules
Who watches the watchmen? The Office of the Inspector General. Back in July 2020, then New York...
Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin
Threat actors are actively exploiting a high-severity flaw in the Elementor Pro WordPress plugin used...
Treading Water: The Struggle Against Third-Party Vulnerabilities and How True Automation Can Help.
By Dan Richings – Senior Vice President, Global Presales, Solutions Engineering, and Support –...
Friday Squid Blogging: Giant Squid vs. Blue Marlin
Epic matchup. As usual, you can also use this squid post to talk about the security stories in the...
German Police Raid DDoS-Friendly Host ‘FlyHosting’
Authorities in Germany this week seized Internet servers that powered FlyHosting, a dark web offering that catered to cybercriminals operating DDoS-for-hire...
From Workshops to Leader Panels: A Recap of Women’s History Month at McAfee
Preventing and Detecting Attacks Involving 3CX Desktop App
In this blog entry, we provide technical details and analysis on the 3CX attacks as they happen. We also...
S4x23 Review Part 4: Cybersecurity for Industrial IoT
In this fourth article, I introduce the discussion related to Industrial IoT, that is involved challenges to adopt cybersecurity...
Study: Women in cybersecurity feel excluded, disrespected
Feelings of exclusion and being disrespected impact hiring opportunities and retention for women, according to a new report.
15 million public-facing services vulnerable to CISA KEV flaws
Over 15 million publicly facing services are susceptible to at least one of the 896 vulnerabilities listed in...
Twitter open-sources recommendation algorithm code
Twitter announced on Friday that it's open-sourcing the code behind the recommendation algorithm the platform uses to select the contents of the...
Artificial intelligence: A double-edged sword for technology & ethics
Pål (Paul) has more than 30 years of experience from the IT industry and has worked with both...
Subprime Lender TitleMax Hit With Hacking Incident
Personal, and Potentially Financial Data Exposed in 'Contained' Incident. The parent company of subprime lender TitleMax says hackers made off the...
SEC Eyes Final Rules on Incident Disclosure, Board Expertise
One Rule Would Force Firms to Disclose 'Material Cybersecurity Incidents' in 4 Days. Rules coming in April could require...
Evolving AlienFox Malware Steals Cloud Services Credentials
Attackers Use Toolkit to Harvest API Keys and Secrets From 18 Cloud Providers. Hackers have used a modular toolkit called "AlienFox"...
Ukrainian Cops Bust Phishing Group That Stole $4.3 Million
Fraudsters Used Fake E-Commerce Websites to Swindle Victims. The Ukrainian law enforcement busted a transnational group of scammers that...
Researchers detail the serious «Super FabriXss» vulnerability in Microsoft Azure SFX
Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX)...
Dark Power, new active ransomware
A new ransomware operation called «Dark Power» has appeared, and it has already listed its first victims on a […]
15 million public-facing services vulnerable to CISA KEV flaws
More than 15 million public-facing services are susceptible to at least one of the 896 vulnerabilities...
Cybersecurity Insights with Contrast CISO David Lindner | 3/31
Insight #1: "Microsoft Security Copilot, a generative AI approach to helping secure your systems was announced...
3CX VoIP Desktop Application Supply Chain Attack
Threat Summary: The 3CX DesktopApp is a voice and video conferencing software developed by 3CX – a widely used application,...
Post-Conference Tech Spec: Why Building Your Ship (Application) with Raw Materials is a Bad Idea
AlienFox malware caught in the cloud hen house
Malicious toolkit targets misconfigured hosts in AWS and Office 365. A fast-evolving toolkit that can be used to compromise...
Azure blunder left Bing results editable, MS 365 accounts potentially exposed
'BingBang' boo-boo affected other internal Microsoft apps, too. An Azure Active Directory (AAD) misconfiguration by Microsoft...