Top 10 Node.Js Security Best Practices
Best Security Practices in Nodejs By Harikrishna Kundariya, CEO, eSparkBiz Node.js is one of the most popular frameworks for web and mobile application development. It is JavaScript runtime which works…
5 Ways Cybersecurity Will Change In 2022
By Jaime Coreano, Vice President of Sales – Flexxon The annual cost of cybercrime is set to hit $10.5 trillion by 2025. The losses caused by theft, fraud and embezzlement…
Are You Prepared for the New Normal of Jekyll and Hyde Data?
An organization’s data and secrets are simultaneously its greatest assets and its greatest risks. By Howard Ting, CEO, Cyberhaven Recently Twitch suffered a devastating hack that exposed its most sensitive…
Is XDR The Right Solution for Today’s Security Threats?
Defining XDR’s Role in the Security Stack By Steve Garrison, VP Marketing, Stellar Cyber XDR and Open XR are two of the latest buzzwords in the cybersecurity tools market, but…
Looking Ahead: Five Security Trends For 2022
A look at some of the key security trends for next year By Mark Guntrip, Strategy Leader at Menlo Security. Ransomware and the fight back Ransomware has dominated the…
Phishing: How To Improve Cybersecurity Awareness
By Jason Stirland, CTO at DeltaNet International According to research by Proofpoint, 75% of organizations around the world experienced a phishing attack in 2020, and 74% of attacks targeting US businesses were…
12 Tips for Improving Access Control in Your Organization
By Bryon Miller ASCENT In today’s world, we have more access to essentially all that’s available in our lives. More access to people and places. More access to information and…
‘Spider-Man: No Way Home’ used to spread a cryptominer
Threat actors attempted to take advantage of the interest in the new ‘ Spider-Man: No Way Home’ movie to spread a Monero Cryptominer. Threat actors are attempting to capitalize the…
Conti ransomware gang exploits Log4Shell bug in its operations
The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is the first professional race that leverages Log4Shell exploit to compromise…
It’s About Time: The Unappreciated Fundamental Metric for Security
By Winn Schwartau During the Cold War, the US defended us poor, soon-to-be-nuked citizenry, with time. If the Soviets got it into their heads to send over a six-pack of…
Crooks injects e-skimmers in random WordPress plugins of e-stores
Threat actors are injecting credit card swipers into random plugins of e-commerce WordPress sites, Sucuri researchers warn. Sucuri researchers are warning of threat actors injecting credit card swipers into random…
FBI training document shows lawful access to multiple encrypted messaging apps
Which are the most secure encrypted messaging apps? An FBI document shows what data can be obtained from them. The Record shared an FBI training document that reveals the surveillance…
Sinclair TV stations downtime allegedly caused by a ransomware attack
A ransomware attack is likely the cause of the recent downtime for TV stations owned by the Sinclair Broadcast Group broadcast television company. TV stations owned by the Sinclair Broadcast…
New SOVA Android Banking trojan is rapidly growing
SOVA is a new Android banking trojan that targets banking applications, cryptocurrency wallets, and shopping apps from the U.S. and Spain. Researchers from cybersecurity firm ThreatFabric have spotted in the…
Gold Optis: Most Innovative and Socially Conscious Technologies at Black Hat
By Olivia Gallucci, Cybersecurity Reporter, Cyber Defense Magazine I interviewed approximately sixty industry leaders from over forty companies who attended Black Hat. Although this article series—The Optis—can be read as…
Understanding The Importance of Designing for Security
By Camille Morhardt, Director of Security Initiatives and Communications at Intel, and Tom Garrison, VP and GM of Client Security Strategy and Initiatives at Intel Robust security is a necessary…
Vice Society ransomware also exploits PrintNightmare flaws in its attack
Another ransomware gang, the Vice Society ransomware operators, is using Windows print spooler PrintNightmare exploits in its attacks. The Vice Society ransomware operators are actively exploiting Windows print spooler PrintNightmare…
How to Accelerate SecOps efficiency and extend capabilities with XDR
By Ed Martin, Director of Product Management, Secureworks Security Operations (SecOps) teams have been under pressure since their inception to perform the role of enterprise defender for firms in every…
Maximizing the Impact of AI/ML Threat Detection Tools
By Cary Wright, VP Product Management, Endace Companies are increasingly looking to Artificial Intelligence (AI) and Machine Learning (ML) threat detection tools to improve the security posture of the enterprise….
Biden discussed Russian ransomware gangs with Putin in a phone call
President Joe Biden expressed concerns about ransomware attacks carried out by Russian gangs during a phone call with President Vladimir Putin. The recent wave of ransomware attacks carried out by…
Why A ‘Layers and Lists’ Approach to Cybersecurity Is Doomed to Fail
By Gary Fischer, VP Americas, XM Cyber Why is cyber-defense such an asymmetrical war? Hackers can launch a barrage of attacks on a single target and keep going until they find…
Threat actors in January attempted to poison the water at a US facility
Threat actors in January attempted to poison the water at a US facility, a circumstance that highlights the importance of cybersecurity for water and wastewater utilities. The news that a…
Crypto-mining campaign targets Kubeflow installs on a large scale
Microsoft uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine cryptocurrency. Microsoft researchers uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow…
Data Loss Prevention in Turbulent Times
By Otavio Freire, CTO & Co-Founder at SafeGuard Cyber Data, the saying goes, is the new oil. This probably understates the case: Not only is data at the core of…
French intel found flaws in Bluetooth Core and Mesh specs
Attackers could exploit a set of Bluetooth vulnerabilities, affecting the Core and Mesh Profile specifications, to conduct man-in-the-middle (MitM) attacks. Researchers at the french intelligence agency ANSSI discovered multiple flaws in the Bluetooth Core and Mesh…
Darkside gang lost control of their servers and funds
The operators of the Darkside ransomware announced that they have lost control of their infrastructure and part of the funds the gang obtained from the victims. Darkside ransomware operators say…
The Case for Open XDR
The current model for cybersecurity is broken. It consists of acquiring and deploying a lot of stand-alone tools, each with its own console, to analyze logs or traffic and detect…
Patchstack Protects The Web With Community
By Oliver Sild, the co-founder and CEO of Patchstack Web applications today are built with heavy use of open source code – all of which is largely put together by…
This man was planning to kill 70% of Internet in a bomb attack against AWS
The FBI arrested a man for allegedly planning a bomb attack against Amazon Web Services (AWS) to kill about 70% of the internet. The FBI arrested Seth Aaron Pendley (28),…
SAP systems are targeted within 72 hours after updates are released
On-premises SAP systems are targeted by threat actors within 72 hours after security patches are released, security SAP security firm Onapsis warns. According to a joint study published by Onapsis…